HTTPS Bicycle Attack



Post by B2W » Mon Jan 11, 2016 2:36 pm

Websense security researcher, Nicholas Griffin, explains how an attack targeting a victim's password would work:

“All a user needs to do is have a packet capture of requests to a known site, including an authentication (login) request containing an already known username and an unknown plain-text password. If an attacker can determine the user's browser and how that browser would send requests to the site, they can subtract the length of all the known data the browser would send except for the piece of information they are interested in, which will result in them knowing the length of the unknown data.”

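1. TLS must be stream based.
2. This attack can reveal the length of each sensitive field, including account names, passwords, IP addresses, and so on.
3. The attacker must intercept the user's request to the host that contains the sensitive information (for example, through a man-in-the-middle attack).
4. The attacker obtains the length of the sensitive information, not the plaintext.

Knowing the length of sensitive information makes it easier to crack. Important systems should still use at least two-factor authentication, in case one of the protective measures fails.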
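The length arithmetic described in the post, as an added example that is not part of the original post: it models why a stream-based cipher suite leaks the exact password length while a block-padded one only leaks a range, and how much each case narrows the search space. The request layout, host, field names, record overheads, the simplified CBC model and the 62-character alphabet are all assumptions made for illustration.

```python
import math

def build_request(username: str, password: str) -> bytes:
    # Constructed login request; host, path, headers and field names are assumptions.
    body = f"username={username}&password={password}"
    head = ("POST /login HTTP/1.1\r\n"
            "Host: example.test\r\n"
            "User-Agent: ExampleBrowser/1.0\r\n"
            "Content-Type: application/x-www-form-urlencoded\r\n"
            f"Content-Length: {len(body)}\r\n\r\n")
    return (head + body).encode("ascii")

def stream_record_len(plaintext_len: int, overhead: int = 24) -> int:
    # Stream/AEAD model: ciphertext grows byte for byte with the plaintext.
    # overhead=24 assumes AES-GCM in TLS 1.2 (8-byte nonce + 16-byte tag).
    return plaintext_len + overhead

def cbc_record_len(plaintext_len: int, mac_len: int = 20, block: int = 16) -> int:
    # Simplified CBC model: IV + (plaintext + MAC + 1..block bytes of padding).
    return block + ((plaintext_len + mac_len) // block + 1) * block

def consistent_lengths(observed: int, username: str, record_len, max_len: int = 64):
    # Password lengths whose request would yield the observed record length.
    # Rebuilding the request per length keeps the Content-Length digits right.
    return [n for n in range(max_len + 1)
            if record_len(len(build_request(username, "x" * n))) == observed]

def search_space_bits(lengths, charset: int = 62) -> float:
    # log2 of the number of candidate passwords across the given lengths.
    return math.log2(sum(charset ** n for n in lengths))

if __name__ == "__main__":
    secret = "S3cretPass"  # constructed sample; the observer never sees this value
    plain_len = len(build_request("alice", secret))
    for name, model in (("stream", stream_record_len), ("cbc", cbc_record_len)):
        fits = consistent_lengths(model(plain_len), "alice", model)
        print(f"{name}: lengths {fits[0]}..{fits[-1]}, "
              f"{search_space_bits(fits):.1f} bits of search space")
    print(f"no length known: {search_space_bits(range(1, 65)):.1f} bits")
```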
