Sunday, January 21, 2024

ALPACA: Application Layer Protocol Confusion-Analyzing And Mitigating Cracks In TLS Authentication

In cooperation with the university Paderborn and Münster University of Applied Sciences, we discovered a new flaw in the specification of TLS. The vulnerability is called ALPACA and exploits a weakness in the authentication of TLS for cross-protocol attacks. The attack allows an attacker to steal cookies or perform cross-site-scripting (XSS) if the specific conditions for the attack are met.

TLS is an internet standard to secure the communication between servers and clients on the internet, for example that of web servers, FTP servers, and Email servers. This is possible because TLS was designed to be application layer independent, which allows its use in many diverse communication protocols.

ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. Attackers can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.

We investigate cross-protocol attacks on TLS in general and conducted a systematic case study on web servers, redirecting HTTPS requests from a victim's web browser to SMTP, IMAP, POP3, and FTP servers. We show that in realistic scenarios, the attacker can extract session cookies and other private user data or execute arbitrary JavaScript in the context of the vulnerable web server, therefore bypassing TLS and web application security.

We evaluated the real-world attack surface of web browsers and widely-deployed Email and FTP servers in lab experiments and with internet-wide scans. We find that 1.​4M web servers are generally vulnerable to cross-protocol attacks, i.e., TLS application data confusion is possible. Of these, 114k web servers can be attacked using an exploitable application server. As a countermeasure, we propose the use of the Application Layer Protocol Negotiation (ALPN) and Server Name Indication (SNI) extensions in TLS to prevent these and other cross-protocol attacks.

Although this vulnerability is very situational and can be challenging to exploit, there are some configurations that are exploitable even by a pure web attacker. Furthermore, we could only analyze a limited number of protocols, and other attack scenarios may exist. Thus, we advise that administrators review their deployments and that application developers (client and server) implement countermeasures proactively for all protocols.

More information on ALPACA can be found on the website https://alpaca-attack.com/.

Related posts


  1. How To Install Pentest Tools In Ubuntu
  2. Hacking Tools For Windows
  3. Beginner Hacker Tools
  4. Pentest Tools For Windows
  5. Hack Tools For Mac
  6. Blackhat Hacker Tools
  7. Nsa Hack Tools Download
  8. Hacking Tools Hardware
  9. Hacker Tools Apk Download
  10. Hacker Hardware Tools
  11. Hack Tools For Games
  12. Nsa Hack Tools
  13. Hacking Tools For Beginners
  14. Nsa Hacker Tools
  15. Hacking Tools Windows 10
  16. Best Pentesting Tools 2018
  17. Free Pentest Tools For Windows
  18. Termux Hacking Tools 2019
  19. Free Pentest Tools For Windows
  20. Pentest Tools Alternative
  21. Hack Tools Pc
  22. Hack Rom Tools
  23. Hacking Tools For Mac
  24. Hacking Tools For Pc
  25. Hack Rom Tools
  26. Pentest Tools List
  27. Pentest Tools Website Vulnerability
  28. How To Hack
  29. Wifi Hacker Tools For Windows
  30. Nsa Hack Tools
  31. Hacker Tools Windows
  32. Hacking Tools And Software
  33. Hacker Tools Github
  34. Hacking Tools For Mac
  35. Pentest Tools Android
  36. Hacking Tools 2019
  37. How To Hack
  38. Hack Tools Online
  39. Computer Hacker
  40. Hack Tool Apk
  41. Hacking Tools Hardware
  42. Hacker Security Tools
  43. Bluetooth Hacking Tools Kali
  44. Hack Tools For Windows
  45. Hack Tools For Pc
  46. Hacker Tools For Pc
  47. Hacker Tools For Ios
  48. Hacking Tools Software
  49. Pentest Tools Framework
  50. Hacking Tools Online
  51. Android Hack Tools Github
  52. Nsa Hack Tools Download
  53. Usb Pentest Tools
  54. Hacking Tools Online
  55. Pentest Tools Online
  56. Hack And Tools
  57. Pentest Tools Find Subdomains
  58. Pentest Tools For Android
  59. Best Hacking Tools 2019
  60. New Hacker Tools
  61. Hacker Tools 2020
  62. Beginner Hacker Tools
  63. Hacking Tools Online
  64. Termux Hacking Tools 2019
  65. Pentest Tools Nmap
  66. Kik Hack Tools
  67. Hacker Tools For Ios
  68. Hacker Tools List
  69. Hack Tools Pc
  70. Hacker Tools Free Download
  71. Hak5 Tools
  72. Hacking Tools For Windows Free Download
  73. Easy Hack Tools
  74. New Hack Tools
  75. Hacking Tools Software
  76. Android Hack Tools Github
  77. Hacking Tools Windows 10
  78. Nsa Hack Tools
  79. Hacking Tools Name
  80. Kik Hack Tools
  81. Install Pentest Tools Ubuntu
  82. Hacking Tools For Kali Linux
  83. Hacker Tools For Mac
  84. Hack App
  85. Hacking Tools 2020
  86. Nsa Hack Tools
  87. Hacker Tools Linux
  88. Hack Tools For Pc
  89. Pentest Box Tools Download
  90. Black Hat Hacker Tools
  91. Android Hack Tools Github
  92. Hacking Tools Kit
  93. Hacking Tools 2019
  94. Hacker Tools For Pc
  95. Github Hacking Tools
  96. Computer Hacker
  97. New Hacker Tools
  98. Tools Used For Hacking
  99. Pentest Reporting Tools
  100. Pentest Tools Website
  101. Hacker Tools Free Download
  102. Hacking Tools Usb
  103. Hackers Toolbox
  104. Hacker Tools Windows
  105. Hacking Tools Download
  106. Install Pentest Tools Ubuntu
  107. Pentest Tools Review
  108. Android Hack Tools Github
  109. Pentest Tools Alternative
  110. Hacker Tools List
  111. Hacker Search Tools
  112. Hackrf Tools
  113. Tools 4 Hack
  114. Hackers Toolbox
  115. Pentest Tools Website
  116. Tools 4 Hack
  117. Pentest Tools Download
  118. Pentest Tools For Ubuntu
  119. What Is Hacking Tools
  120. Black Hat Hacker Tools
  121. Pentest Tools Review
  122. Hack Tools For Ubuntu
  123. Hacker Search Tools
  124. Pentest Tools Website Vulnerability
  125. Pentest Tools Kali Linux
  126. Hacking Tools For Kali Linux
  127. Pentest Tools Android
  128. Hacks And Tools
  129. Hacking Tools Kit
  130. Pentest Tools Linux
  131. Hacker Tools For Ios
  132. Blackhat Hacker Tools
  133. Hackrf Tools
  134. Kik Hack Tools
  135. Hacker Security Tools
  136. Hacker Tools 2020
  137. Hack Tools
  138. Hack Rom Tools
  139. Hacking Tools Software
  140. Hacking Tools Github
  141. Game Hacking
  142. Nsa Hacker Tools
  143. Pentest Tools Online
  144. Hacks And Tools
  145. Hacking Tools Windows
  146. Kik Hack Tools
  147. Hack Website Online Tool
  148. Hack App
  149. Black Hat Hacker Tools
  150. Hack Tools
  151. Pentest Tools Tcp Port Scanner
  152. New Hack Tools
  153. Nsa Hack Tools
  154. Physical Pentest Tools
  155. Hacker Hardware Tools
  156. Hacker Tools Free Download
  157. Hacker Tools For Pc
  158. New Hacker Tools
  159. Hack Tools For Games
  160. Hacker Tools Linux
  161. Hacking Tools
  162. Hacker Tools Software
  163. Free Pentest Tools For Windows
  164. Usb Pentest Tools
  165. Pentest Tools Website
  166. Hacker Tools Apk Download
  167. Hacking Tools Pc
  168. Usb Pentest Tools
  169. Termux Hacking Tools 2019
  170. Hak5 Tools
  171. Hacking Tools Name
  172. Hacker Security Tools
  173. Hacking Tools For Games
  174. Hack Tools
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)