ionut97

BEAST vs HTTPS

Interesting, but what the hell does it do exactly?

They say:

Please note that BEAST does not do any harm to remote servers. In fact, no packet from BEAST has ever been sent to any servers. We chose PayPal because they do everything right when it comes to server-side SSL, and that is good to demonstrate the power of BEAST, which is a client-side SSL attack. We reported the vulnerability to browser, plugin and SSL vendors several months ago (CVE-2011-3389).

Current version of BEAST consists of Javascript/applet agents and a network sniffer. We have some choices for the agent. At the time we reported the bug to vendors, HTML5 WebSockets could be used to build a BEAST agent but, due to unrelated reasons, the WebSockets protocol was already in the process of changing in such a way that stopped it. We can't use the new WebSockets protocol shipped with browsers. We use a Java applet in this video, but please be aware that it may be possible to implement a Javascript agent with XMLHttpRequest as well. Why don't you take a look? ;-)

Note that it is relatively easy to run a script or an applet in your browser without you doing anything (e.g., by intercepting any HTTP requests from your browser). After all, each agent is just a piece of Javascript or an applet. Once an agent has been loaded, BEAST can patiently wait until you sign in to some valuable websites to steal your accounts.

In order to make the Java applet agent work, we have to bypass the same-origin policy (SOP). Some people have gotten the impression that BEAST required an SOP bypass bug to work and so it's not a threat by itself. That's not true. It is well known that even with an SOP bypass in Java, you can't read existing cookies. You can send requests and may read responses (which may include new cookies), but no, you can't read existing cookies. In the video (and the live demo as well), we show clearly that we decrypt _existing_ cookies that were already stored in the browser's cookie jar. During our research, we indeed found a Java SOP bypass. We wanted to focus on more important parts of BEAST such as the actual crypto attack and optimizations, so we stopped looking for alternatives, and used the SOP vulnerability to make an agent.
