New to CAPEC? Start Here
Home > CAPEC List > CAPEC-499: Android Intent Intercept (Version 3.6)  

CAPEC-499: Android Intent Intercept

Attack Pattern ID: 499
Abstraction: Standard
Status: Draft
Presentation Filter:
+ Description
An adversary, through a previously installed malicious application, intercepts messages from a trusted Android-based application in an attempt to achieve a variety of different objectives including denial of service, information disclosure, and data injection. An implicit intent sent from a trusted application can be received by any application that has declared an appropriate intent filter. If the intent is not protected by a permission that the malicious application lacks, then the attacker can gain access to the data contained within the intent. Further, the intent can be either blocked from reaching the intended destination, or modified and potentially forwarded along.
+ Relationships
Section HelpThis table shows the other attack patterns and high level categories that are related to this attack pattern. These relationships are defined as ChildOf and ParentOf, and give insight to similar items that may exist at higher and lower levels of abstraction. In addition, relationships such as CanFollow, PeerOf, and CanAlsoBe are defined to show similar attack patterns that the user may want to explore.
NatureTypeIDName
ChildOfMeta Attack PatternMeta Attack Pattern - A meta level attack pattern in CAPEC is a decidedly abstract characterization of a specific methodology or technique used in an attack. A meta attack pattern is often void of a specific technology or implementation and is meant to provide an understanding of a high level approach. A meta level attack pattern is a generalization of related group of standard level attack patterns. Meta level attack patterns are particularly useful for architecture and design level threat modeling exercises.117Interception
ParentOfDetailed Attack PatternDetailed Attack Pattern - A detailed level attack pattern in CAPEC provides a low level of detail, typically leveraging a specific technique and targeting a specific technology, and expresses a complete execution flow. Detailed attack patterns are more specific than meta attack patterns and standard attack patterns and often require a specific protection mechanism to mitigate actual attacks. A detailed level attack pattern often will leverage a number of different standard level attack patterns chained together to accomplish a goal.501Android Activity Hijack
Section HelpThis table shows the views that this attack pattern belongs to and top level categories within that view.
+ Execution Flow
Explore
  1. Find an android application that uses implicit intents: Since this attack only works on android applications that use implicit intents, rather than explicit intents, an adversary must first identify an app that uses implicit intents. They must also determine what the contents of the intents being sent are such that a malicious application can get sent these intents.

Experiment
  1. Create a malicious app: The adversary must create a malicious android app meant to intercept implicit intents from a target application

    Techniques
    Specify the type of intent wished to be intercepted in the malicious app's manifest file using an intent filter
  2. Get user to download malicious app: The adversary must get a user using the targeted app to download the malicious app by any means necessary

Exploit
  1. Intercept Implicit Intents: Once the malicious app is downloaded, the android device will forward any implicit intents from the target application to the malicious application, allowing the adversary to gaina access to the contents of the intent. The adversary can proceed with any attack using the contents of the intent.

    Techniques
    Block the intent from reaching the desired location, causing a denial of service
    Gather sensitive information from the intercepted intent
    Modify the contents of the intent and forward along to another application
+ Prerequisites
An adversary must be able install a purpose built malicious application onto the Android device and convince the user to execute it. The malicious application is used to intercept implicit intents.
+ Consequences
Section HelpThis table specifies different individual consequences associated with the attack pattern. The Scope identifies the security property that is violated, while the Impact describes the negative technical impact that arises if an adversary succeeds in their attack. The Likelihood provides information about how likely the specific consequence is expected to be seen relative to the other consequences in the list. For example, there may be high likelihood that a pattern will be used to achieve a certain impact, but a low likelihood that it will be exploited to achieve a different impact.
ScopeImpactLikelihood
Confidentiality
Read Data
Integrity
Modify Data
Availability
Resource Consumption
+ Mitigations
To mitigate this type of an attack, explicit intents should be used whenever sensitive data is being sent. An explicit intent is delivered to a specific application as declared within the intent, whereas the Android operating system determines who receives an implicit intent which could potentially be a malicious application. If an implicit intent must be used, then it should be assumed that the intent will be received by an unknown application and any response should be treated accordingly. Implicit intents should never be used for inter-application communication.
+ References
[REF-427] Erika Chin, Adrienne Porter Felt, Kate Greenwood and David Wagner. "Analyzing Inter-Application Communication in Android". 3.1 Unauthorized Intent Receipt. International Conference on Mobile Systems, Applications, and Services (MobiSys). 2011. <https://people.eecs.berkeley.edu/~daw/papers/intents-mobisys11.pdf>.
+ Content History
Submissions
Submission DateSubmitterOrganization
2014-06-23CAPEC Content TeamThe MITRE Corporation
Modifications
Modification DateModifierOrganization
2018-07-31CAPEC Content TeamThe MITRE Corporation
Updated References, Related_Weaknesses
2019-09-30CAPEC Content TeamThe MITRE Corporation
Updated Related_Attack_Patterns
2020-07-30CAPEC Content TeamThe MITRE Corporation
Updated Related_Attack_Patterns
2020-12-17CAPEC Content TeamThe MITRE Corporation
Updated @Name, Consequences
2021-10-21CAPEC Content TeamThe MITRE Corporation
Updated Execution_Flow
Previous Entry Names
Change DatePrevious Entry Name
2020-12-17Intent Intercept
More information is available — Please select a different filter.
Page Last Updated or Reviewed: October 21, 2021