Results from Qualys Scan
ISSUE:
-SSL/TLS use of weak RC4 cipher
THREAT:
Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS) protocols provide integrity, confidentiality and authenticity services to other protocols that lack these features.
SSL/TLS protocols use ciphers such as AES, DES, 3DES and RC4 to encrypt the content of the higher layer protocols and thus provide the confidentiality service. Normally the output of an encryption process is a sequence of random-looking bytes. It was known that RC4 output has some bias. Recently a group of researchers discovered that there is a stronger bias in RC4, which makes statistical analysis of ciphertext more practical.
The described attack is to inject malicious JavaScript into the victim's browser that would ensure that multiple connections are established with a target website and the same HTTP cookie is sent multiple times to the website in encrypted form. This provides the attacker with a large set of ciphertext samples that can be used for statistical analysis.
IMPACT:
If this attack is carried out and an HTTP cookie is recovered, the attacker can then use the cookie to impersonate the user whose cookie was recovered.
This attack is not very practical as it requires the attacker to have access to millions of samples of ciphertext, but there are certain assumptions that an attacker can make to improve the chances of recovering the cleartext from ciphertext. For example, HTTP cookies are either base64 encoded or hex digits. This information can help the attacker in their efforts to recover the cookie.
SOLUTION:
RC4 should not be used where possible. One reason that RC4 was still being used was the BEAST and Lucky13 attacks against CBC mode ciphers in SSL and TLS. However, newer versions of TLS addressed these issues.
Validating the Findings
Using SSLscan
#sslscan --no-failed <IP>
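One way to turn the sslscan output into a pass/fail check for this finding (an added example, not part of the original post or the Qualys report). The sample scan is constructed, and the result-line layout the awk filter expects is an assumption about sslscan's text output:

```shell
#!/bin/sh
# Assumed sslscan result line layout:
#   <Preferred|Accepted>  <protocol>  <N> bits  <cipher suite> [extras]

# Constructed sample output, not taken from a real host.
sample_scan() {
cat <<'EOF'
  Supported Server Cipher(s):
Preferred TLSv1.2  256 bits  ECDHE-RSA-AES256-GCM-SHA384   Curve P-256 DHE 256
Accepted  TLSv1.2  128 bits  AES128-SHA
Accepted  TLSv1.2  128 bits  RC4-SHA
Preferred TLSv1.0  128 bits  RC4-SHA
Accepted  TLSv1.0  128 bits  RC4-MD5
Accepted  TLSv1.0  112 bits  DES-CBC3-SHA
EOF
}

# Read scan output on stdin; print "<protocol> <cipher> <status>" per RC4 suite.
rc4_findings() {
    esc=$(printf '\033')
    # Strip ANSI colour codes, then keep only offered suites whose name contains RC4.
    sed "s/${esc}\[[0-9;]*m//g" |
        awk '($1 == "Preferred" || $1 == "Accepted") && $4 == "bits" && $5 ~ /RC4/ {
                 print $2, $5, $1
             }'
}

# Exit status 0 when no RC4 suite is offered, 1 otherwise (usable as a CI gate).
check_rc4() {
    findings=$(rc4_findings)
    if [ -z "$findings" ]; then
        echo "PASS: no RC4 cipher suites accepted"
        return 0
    fi
    # A "Preferred" RC4 suite means the server picks RC4 first for that protocol.
    printf '%s\n' "$findings" |
        awk '{ printf "FAIL: %s offers %s (%s)\n", $1, $2, $3 }'
    return 1
}

# Demo on the constructed sample; against a host: sslscan --no-failed <IP> | check_rc4
sample_scan | check_rc4 || echo "RC4 still enabled: remediation required"
```

Re-running the same check after the server's cipher list has been changed confirms the finding is closed.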