This vulnerability is encountered when an application does not redirect to HTTPS of the same site. When this situation is encountered, it opens a whole new world for “Man in the middle” (MITM) attacks. It is necessary to implement HTTPS even if there is no sensitive data communication. HTTPS is required for viewing progressive web applications. HTTPS protects from attackers and legitimate intrusive companies (like ISP). Without HTTPS, an attacker can trick the end users into giving sensitive information to the attacker. He can even force the end users to install malware into the system. HTTPS stops attackers from passively listening to the communication.
Example
The following URL is an example of HTTP. The below URL is prone to MITM attacks.
http://example.beaglesecurity.com
The following URL is an example of HTTPS.
https://example.beaglesecurity.com
The following code is an example of this vulnerability.
RewriteEngine On
RewriteCond %{SERVER_PORT} 150
RewriteRule ^(.*)$ http:www.example.beaglesecurity.com/$1 [R,L]
Impact
The following are the impacts of this vulnerability:-
Session hijacking attacks - An HTTP request that includes a session ID cookie is subject to session hijacking attacks. Session hijacking (or cookie hijacking) is exploitation of valid computer sessions. It is essential to allow HTTP redirect to HTTPS, that cookies are marked as secure.
Man-In-The-Middle (MITM) attack
Using this vulnerability, an attacker can:-
- have access to all the unprotected information/data sent between the server and the clients.
- passively listen to the communication to identify the end users. The identification includes name, location, interests and many more.
Mitigation / Precaution
Beagle recommends the following fixes:-
- The application should redirect to HTTPS
RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https:www.beagleexample.com/$1 [R,L]
- Make sure to clear the cache.
