Obtain plaintext by observing length differences

By
Manieendar Mohan
Published on
19 Jun 2018
1 min read
Vulnerability
SSL

Compression Ratio Info-leak Made Easy (CRIME) is one of the famous security exploit. This attack is used against secret web cookies that use data compression over connections using the HTTPS and SPDY protocols. An attacker can use the CRIME attack to recover the content of the secret authentication cookies. It will also allow an attacker to perform session hijacking on an unauthenticated web session. This privilege will help him launch furthermore attacks to can potentially crash the system. Using CRIME, an attacker can perform attacks like session hijacking to gain access to the victim user’s session. A successful CRIME attack involves an attacker observing the size of ciphertext sent by the browser and also making the browser send malicious requests to the vulnerable server. CRIME is a client-side attack, but there are methods through which a particular server can protect the client. The methods include not implementing deflate compression.

Impact

This vulnerability can be exploited by Man-in-the-middle attackers. A man-in-the-middle attack is a silent vulnerability with disastrous power in cryptography and computer security world. It is an attack in which the attacker secretly monitors and alters the communication between two parties.

Mitigation / Precaution

Beagle recommends the following fixes:-

  • Try to implement compression in your communication.
  • Use the Transport Layer Security (TLS) Protocol Version 1.2. This version of TLS sends the client, a list of compression algorithms in its ClientHello message. The server then picks one of them and sends it back in its ServerHello message.
  • Try to implement the use of data compression on the transactions along with the use of the protocol negotiation features of the TLS protocol.
Automated human-like penetration testing for your web apps & APIs
Teams using Beagle Security are set up in minutes, embrace release-based CI/CD security testing and save up to 65% with timely remediation of vulnerabilities. Sign up for a free account to see what it can do for you.

Written by
Manieendar Mohan
Manieendar Mohan
Cyber Security Lead Engineer
Find website security issues in a flash
Improve your website's security posture with proactive vulnerability detection.
Free website security assessment