Monday, January 22, 2024

ALPACA: Application Layer Protocol Confusion - Analyzing And Mitigating Cracks In TLS Authentication


In cooperation with Paderborn University and Münster University of Applied Sciences, we discovered a new flaw in the specification of TLS. The vulnerability is called ALPACA and exploits a weakness in the authentication of TLS for cross-protocol attacks. The attack allows an attacker to steal cookies or perform cross-site scripting (XSS) if the specific conditions for the attack are met.

TLS is an internet standard for securing communication between servers and clients on the internet, for example that of web servers, FTP servers, and email servers. This is possible because TLS was designed to be application layer independent, which allows its use in many diverse communication protocols.

ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. Attackers can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.

We investigated cross-protocol attacks on TLS in general and conducted a systematic case study on web servers, redirecting HTTPS requests from a victim's web browser to SMTP, IMAP, POP3, and FTP servers. We show that in realistic scenarios, the attacker can extract session cookies and other private user data or execute arbitrary JavaScript in the context of the vulnerable web server, thereby bypassing TLS and web application security.

We evaluated the real-world attack surface of web browsers and widely deployed email and FTP servers in lab experiments and with internet-wide scans. We find that 1.4M web servers are generally vulnerable to cross-protocol attacks, i.e., TLS application data confusion is possible. Of these, 114k web servers can be attacked using an exploitable application server. As a countermeasure, we propose the use of the Application Layer Protocol Negotiation (ALPN) and Server Name Indication (SNI) extensions in TLS to prevent these and other cross-protocol attacks.

Although this vulnerability is very situational and can be challenging to exploit, there are some configurations that are exploitable even by a pure web attacker. Furthermore, we could only analyze a limited number of protocols, and other attack scenarios may exist. Thus, we advise that administrators review their deployments and that application developers (client and server) implement countermeasures proactively for all protocols.
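For the deployment review recommended above, the following added example (not code from the ALPACA authors) checks a service inventory for the precondition the post describes: a non-HTTP TLS service whose certificate is also valid for a web hostname and which enforces neither strict ALPN nor strict SNI. The `TlsService` model, its field names and the `example.com` inventory are assumptions made for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class TlsService:
    name: str          # inventory label
    protocol: str      # "https", "smtp", "imap", "pop3", "ftp", ...
    hostnames: tuple   # names this service is meant to answer for
    cert_names: tuple  # DNS names on the certificate it presents
    strict_alpn: bool = False  # aborts handshake on ALPN mismatch
    strict_sni: bool = False   # aborts handshake on unknown SNI name

def cert_covers(pattern: str, host: str) -> bool:
    """Match a certificate DNS name; '*' only replaces the left-most label."""
    p, h = pattern.lower().split("."), host.lower().split(".")
    if len(p) != len(h):
        return False
    return p[1:] == h[1:] and p[0] in ("*", h[0])

def confusable_pairs(services):
    """(web hostname, service name) pairs where a redirected HTTPS handshake
    would still complete against a non-HTTP service."""
    findings = []
    for web in (s for s in services if s.protocol == "https"):
        for host in web.hostnames:
            for other in (s for s in services if s.protocol != "https"):
                if not any(cert_covers(n, host) for n in other.cert_names):
                    continue  # certificate invalid for host: the browser rejects it
                if other.strict_alpn:
                    continue  # browser offers HTTP ALPN ids only, so no match
                if other.strict_sni and host not in other.hostnames:
                    continue  # SNI carries the web hostname, not this service's
                findings.append((host, other.name))
    return findings

# Constructed inventory (example.com names are placeholders).
INVENTORY = [
    TlsService("www", "https", ("www.example.com",), ("*.example.com",)),
    TlsService("mail", "smtp", ("mail.example.com",), ("*.example.com",)),
    TlsService("ftp", "ftp", ("ftp.example.com",),
               ("ftp.example.com", "www.example.com"), strict_sni=True),
    TlsService("imap", "imap", ("imap.example.com",), ("*.example.com",),
               strict_alpn=True),
    TlsService("pop", "pop3", ("pop.example.org",), ("pop.example.org",)),
]

if __name__ == "__main__":
    for host, svc in confusable_pairs(INVENTORY):
        print(f"{host}: certificate and handshake also accepted by '{svc}'")
```

In this constructed inventory only the SMTP service is flagged: it shares the wildcard certificate with the web server and enforces neither extension.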

More information on ALPACA can be found on the website https://alpaca-attack.com/.
