Does not redirect to a HTTPS site from HTTP port

OWASP 2013-A5 OWASP 2017-A6 CWE-818 WSTG-CLNT-04

This vulnerability is encountered when an application served over HTTP does not redirect to the HTTPS version of the same site. Leaving plain HTTP reachable opens the door to "Man in the middle" (MITM) attacks. HTTPS should be implemented even if no sensitive data is exchanged: progressive web applications require it, and it protects end users from attackers as well as from intrusive but legitimate intermediaries (such as an ISP). Without HTTPS, an attacker on the network path can trick end users into handing sensitive information to the attacker, and can even push malware onto their systems. HTTPS stops attackers from passively eavesdropping on the communication.

Example

The following URL uses plain HTTP and is therefore prone to MITM attacks.

http://example.beaglesecurity.com

The following URL is an example of HTTPS.

https://example.beaglesecurity.com

The following code is an example of this vulnerability: the rewrite rule sends the browser to a plain-HTTP URL instead of the HTTPS site.

        # Misconfigured rewrite: the target URL is http://, so the visitor stays on plain HTTP
        RewriteEngine On
        RewriteCond %{SERVER_PORT} 150
        RewriteRule ^(.*)$ http://www.example.beaglesecurity.com/$1 [R,L]

Impact

The following are the impacts of this vulnerability:-

  • Session hijacking attacks - An HTTP request that includes a session ID cookie is subject to session hijacking attacks. Session hijacking (or cookie hijacking) is the exploitation of a valid computer session. It is essential both to redirect HTTP to HTTPS and to mark cookies as Secure.

  • Man-In-The-Middle (MITM) attack

Using this vulnerability, an attacker can:-

  • have access to all the unprotected information/data sent between the server and the clients.
  • passively listen to the communication to identify the end users. The identification includes name, location, interests and many more.

Mitigation / Precaution

Beagle recommends the following fixes:-

  • The application should redirect all HTTP requests to HTTPS, for example with mod_rewrite:
        RewriteEngine On
        # Match requests that arrived on the plain-HTTP port
        RewriteCond %{SERVER_PORT} 80
        # Send the browser to the same path on the HTTPS site
        RewriteRule ^(.*)$ https://www.beagleexample.com/$1 [R,L]

  • Make sure to clear the cache.
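One way to verify the fix from the outside, as an added example that is not code from the Beagle page or product: a small Python checker that requests a page over plain HTTP, deliberately does not follow redirects, and judges whether the very first response is a permanent redirect to HTTPS on the same host (a temporary redirect, or a redirect to another host, is reported as a warning; no redirect, or a redirect to a non-HTTPS URL, as a failure). The local demo server, the 127.0.0.1 addresses and the function names are constructed for illustration and are not part of any Beagle tooling.

```python
"""
Check whether a plain-HTTP endpoint redirects to HTTPS on the same host.

classify_redirect() judges a single HTTP response; probe() fetches one
response over plain HTTP (without following redirects) and classifies it.
The demo server at the bottom is constructed for illustration only.
"""
import http.client
import threading
from http.server import BaseHTTPRequestHandler, HTTPServer
from urllib.parse import urljoin, urlsplit

REDIRECT_STATUSES = {301, 302, 303, 307, 308}
PERMANENT_STATUSES = {301, 308}


def classify_redirect(request_url, status, headers):
    """Return (verdict, reason) for one response to a plain-HTTP request.

    verdict is "pass" (permanent redirect to HTTPS on the same host),
    "warn" (redirects to HTTPS, but temporarily or to another host) or
    "fail" (no redirect, or a redirect to a non-HTTPS URL).
    headers maps lower-cased header names to their values.
    """
    requested = urlsplit(request_url)
    if status not in REDIRECT_STATUSES:
        return "fail", "no redirect: served HTTP %d over plain HTTP" % status
    location = headers.get("location")
    if not location:
        return "fail", "redirect status %d without a Location header" % status
    # Resolve relative Location values against the requested URL
    target = urlsplit(urljoin(request_url, location))
    if target.scheme != "https":
        return "fail", "redirects to %s, not HTTPS" % target.geturl()
    if target.hostname != requested.hostname:
        return "warn", "redirects to HTTPS on a different host (%s)" % target.hostname
    if status not in PERMANENT_STATUSES:
        return "warn", "redirects to HTTPS with temporary status %d; use 301 or 308" % status
    return "pass", "permanent redirect (%d) to %s" % (status, target.geturl())


def probe(host, port=80, path="/"):
    """Fetch one response over plain HTTP and classify it (redirects are not followed)."""
    conn = http.client.HTTPConnection(host, port, timeout=5)
    try:
        conn.request("GET", path)
        resp = conn.getresponse()
        headers = {name.lower(): value for name, value in resp.getheaders()}
        status = resp.status
    finally:
        conn.close()
    return classify_redirect("http://%s:%d%s" % (host, port, path), status, headers)


class _DemoHandler(BaseHTTPRequestHandler):
    """Constructed stand-in for a port-80 virtual host; not a real endpoint."""

    def do_GET(self):
        scheme = self.server.redirect_scheme  # set by probe_demo()
        if scheme is None:
            # The vulnerable case: the page is simply served over plain HTTP
            body = b"served over plain HTTP, no redirect\n"
            self.send_response(200)
            self.send_header("Content-Length", str(len(body)))
            self.end_headers()
            self.wfile.write(body)
            return
        # Redirect to the same host and path under the configured scheme
        host = self.headers["Host"].split(":")[0]
        self.send_response(301)
        self.send_header("Location", "%s://%s%s" % (scheme, host, self.path))
        self.send_header("Content-Length", "0")
        self.end_headers()

    def log_message(self, fmt, *args):
        pass  # keep the demo quiet


def probe_demo(redirect_scheme):
    """Start a throw-away local server, probe it once and return the verdict."""
    server = HTTPServer(("127.0.0.1", 0), _DemoHandler)  # port 0: pick a free port
    server.redirect_scheme = redirect_scheme
    threading.Thread(target=server.serve_forever, daemon=True).start()
    try:
        return probe("127.0.0.1", server.server_address[1])
    finally:
        server.shutdown()
        server.server_close()


if __name__ == "__main__":
    # "https" models the mitigation above, "http" the vulnerable rewrite, None no redirect at all
    for scheme in ("https", "http", None):
        verdict, reason = probe_demo(scheme)
        print("%-5s %-4s %s" % (scheme, verdict, reason))
```

Against a real deployment, call probe("www.beagleexample.com") and expect "pass"; the checker stops at the first hop on purpose, because a browser that is handed a plain-HTTP Location at any hop can be intercepted there.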
