By Swapnesh Chaubal, Rohit Bhat.
BEAST : Browser Exploit Against SSL/TLS
Juliano Rizzo and Thai Duong demonstrated this attack.
Introduction
SSL and TLS.
Encryption of segments above the Transport Layer.
Securing World Wide Web traffic carried by HTTP to form HTTPS
The Attack
JavaScript code.
Decrypt encrypted cookies.
Vulnerability in websites protected by the secure sockets layer protocol.
Silently decrypt the data.
How does it attack?
BEAST is different than most published attacks against HTTPS.
The exploit works even against sites that use HSTS, or HTTP Strict Transport Security, which prevents certain pages from loading unless they're protected by SSL.
Leaves encrypted transactions on PayPal, GMail and just about every other website vulnerable to eavesdropping by hackers.
Severity of Attack
Firefox itself not vulnerable. No TLS 1.0, no control over content of connections.
Developer version of its Chrome browser
Shortcoming in browsers
Decrypt an authentication cookie used to access a PayPal account.
Trick the user into inserting plaintext characters
What was the Demo?
"Empty fragment" feature in OpenSSL.
Insert a single empty TLS record before every record.
Randomizes the IV of the actual records.
Tor Browser requires OpenSSL 0.9.7 or later
How to prevent the attack?
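The empty-fragment countermeasure, as an added sketch that is not from the original slides: a simplified TLS 1.0-style CBC record writer in which each record's IV is the last ciphertext block already sent, with and without an empty record in front of the payload. The toy Feistel cipher standing in for AES, the reduced MAC input, the sample payloads and all class and function names are assumptions made for this illustration.

```python
import hashlib, hmac, os

BLOCK = 16

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def toy_block_encrypt(key, block):
    # Assumption: 4-round Feistel standing in for AES so this runs offline. Not a real cipher.
    left, right = block[:8], block[8:]
    for rnd in range(4):
        f = hmac.new(key, bytes([rnd]) + right, hashlib.sha256).digest()[:8]
        left, right = right, xor(left, f)
    return left + right

class Tls10CbcWriter:
    """Simplified TLS 1.0 CBC writer: next IV = last ciphertext block sent."""
    def __init__(self, enc_key, mac_key, iv, empty_fragment=False):
        self.enc_key, self.mac_key, self.iv = enc_key, mac_key, iv
        self.seq, self.empty_fragment = 0, empty_fragment

    def _seal(self, payload):
        # MAC, then pad, then encrypt; MAC input reduced to seq_num || payload.
        seq = self.seq.to_bytes(8, "big")
        body = payload + hmac.new(self.mac_key, seq + payload, hashlib.sha1).digest()
        pad = -(len(body) + 1) % BLOCK
        body += bytes([pad]) * (pad + 1)
        self.seq += 1
        used_iv, ct = self.iv, b""
        for i in range(0, len(body), BLOCK):
            self.iv = toy_block_encrypt(self.enc_key, xor(body[i:i + BLOCK], self.iv))
            ct += self.iv
        return used_iv, ct

    def write(self, payload):
        """Return (records put on the wire, IV used for the payload record)."""
        records = []
        if self.empty_fragment:
            records.append(self._seal(b"")[1])  # empty record: only MAC + padding
        iv, ct = self._seal(payload)
        return records + [ct], iv

def payload_iv_already_on_wire(empty_fragment):
    """True if the IV of the next payload record was visible before it was written."""
    w = Tls10CbcWriter(os.urandom(16), os.urandom(20), os.urandom(16), empty_fragment)
    first, _ = w.write(b"GET / HTTP/1.1\r\n")     # constructed sample data
    seen = first[-1][-BLOCK:]                      # last block an observer has seen
    _, iv = w.write(b"Cookie: sid=constructed")   # constructed sample data
    return iv == seen
```

Calling `payload_iv_already_on_wire(False)` shows the plain chaining case, where the payload record's IV was on the wire before the payload was written; with `True`, the IV is the tail of the empty record's keyed MAC and padding, which is sent in the same flight as the payload.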