Does not redirect to a HTTPS site from HTTP port

By
Manieendar Mohan
Published on
05 Jun 2018
1 min read
Vulnerability
Client Side URL Redirect

This vulnerability is encountered when an application does not redirect to HTTPS of the same site. When this situation is encountered, it opens a whole new world for “Man in the middle” (MITM) attacks. It is necessary to implement HTTPS even if there is no sensitive data communication. HTTPS is required for viewing progressive web applications. HTTPS protects from attackers and legitimate intrusive companies (like ISP). Without HTTPS, an attacker can trick the end users into giving sensitive information to the attacker. He can even force the end users to install malware into the system. HTTPS stops attackers from passively listening to the communication.

Example

The following URL is an example of HTTP. The below URL is prone to MITM attacks.

http://example.beaglesecurity.com

The following URL is an example of HTTPS.

https://example.beaglesecurity.com

The following code is an example of this vulnerability.

        RewriteEngine On
        RewriteCond %{SERVER_PORT} 150
        RewriteRule ^(.*)$ http:www.example.beaglesecurity.com/$1 [R,L]

    

Impact

The following are the impacts of this vulnerability:-

  • Session hijacking attacks - An HTTP request that includes a session ID cookie is subject to session hijacking attacks. Session hijacking (or cookie hijacking) is exploitation of valid computer sessions. It is essential to allow HTTP redirect to HTTPS, that cookies are marked as secure.

  • Man-In-The-Middle (MITM) attack

Using this vulnerability, an attacker can:-

  • have access to all the unprotected information/data sent between the server and the clients.
  • passively listen to the communication to identify the end users. The identification includes name, location, interests and many more.

Mitigation / Precaution

Beagle recommends the following fixes:-

  • The application should redirect to HTTPS
        RewriteEngine On
        RewriteCond %{SERVER_PORT} 80
        RewriteRule ^(.*)$ https:www.beagleexample.com/$1 [R,L]

    
  • Make sure to clear the cache.
Automated human-like penetration testing for your web apps & APIs
Teams using Beagle Security are set up in minutes, embrace release-based CI/CD security testing and save up to 65% with timely remediation of vulnerabilities. Sign up for a free account to see what it can do for you.

Written by
Manieendar Mohan
Manieendar Mohan
Cyber Security Lead Engineer
Experience the Beagle Security platform
Unlock one full penetration test and all Advanced plan features free for 10 days
Find surface-level website security issues in under a minute
Free website security assessment
Experience the power of automated penetration testing & contextual reporting.