Browser Exploit Against SSL/TLS

Sooraj V Nair

Published on

19 Jun 2018

1 min read

SSL

The Browser Exploit Against SSL/TLS (BEAST) is a vulnerability that exists in all cipher block chaining (CBC) ciphers in SSL V3/TLS 1.0 and it’s lower versions. Ciphers are cryptographic algorithms used for performing encryption/decryption of communication channel. The BEAST attack targets the weak points in cipher block chaining to exploit the SSL/TLS protocol. This vulnerability targets the Secure Socket Layer to retrieve information from the communication between the server and the browser. This vulnerability can also access the authentication tokens of the user. The BEAST attack targets the confidentiality feature of HTTPS connection. This attack helps the attacker to extract unencrypted plaintext data from an encrypted channel.

The conditions for a successful beast attack are:-

A vulnerable version of SSL that uses a block cipher technique.
The attacker must be able to sniff the communication from the server.
Applet or javascript injection through the same origin of the website must be possible

Impact

Using this vulnerability, an attacker can:-

perform an attack against CBC based ciphers
execute a Man-In-The-Middle (MITM) attack to retrieve information from an encrypted SSL communication and will also be able to obtain its authentication tokens.

Mitigation / Precaution

Beagle recommends the following fixes:-

Prioritise the RC4 cipher suites rather than CB.
Update TLS/SSL to the latest version for utmost security.
Ensure the SecureAuth IdP Appliance is fully patched with the latest Microsoft Windows Server updates.

Automated human-like penetration testing for your web apps & APIs

Teams using Beagle Security are set up in minutes, embrace release-based CI/CD security testing and save up to 65% with timely remediation of vulnerabilities. Sign up for a free account to see what it can do for you.

Product tour

Written by