查看文章 |
新的TLS/SSL3.0中间人攻击已公布 - TLS renegotiation attack
2009-11-06 7:28
刚刚有研究人员公布了一种针对TLS/SSL的中间人攻击, 该攻击 1. exploitable (可操作性比较强) 2. 目前还没有解决方案, 等待各厂商出补丁. 3. 受影响的上层协议包括HTTPS,IMAP, SIP等等.
有人举了下面这个例子来帮助大家理解此洞 E.g., the attacker would send: GET /pizza?toppings=pepperoni;address=attackersaddress HTTP/1.1 X-Ignore-This: And leave the last line empty without a carriage return line feed. Then when the client makes his own request
GET /pizza?toppings=sausage;address=victimssaddress HTTP/1.1 Cookie: victimscookie the two requests get glued together into:
GET /pizza?toppings=pepperoni;address=attackersaddress HTTP/1.1 X-Ignore-This: GET /pizza?toppings=sausage;address=victimssaddress HTTP/1.1 Cookie: victimscookie And the server uses the victim's account to send a pizza to the attacker.
whitepaper的全文: http://extendedsubset.com/Renegotiating_TLS.pdf |
最近读者:

