SSL Strip Attack
The SSL Strip attack is a typical man-in-the-middle attack used to circumvent the security enforced by SSL certificates on HTTPS-enabled websites. It’s a technique that downgrades your connection from secure HTTPS to insecure HTTP and exposes you to eavesdropping and data manipulation.
The SSL (Secure Sockets Layer) protocol is a transport layer protocol targets to provide communication security and data integrity for internet. Specifically for the website browsing, it’s utilized by HTTPS to protect the confidentiality and integrity of website communication with browsers. HTTPS wraps HTTP data into secured SSL packets before sending and receiving via SSL certificates. The use of SSL certificates in HTTPS makes man-in-the-middle attacks challenging. However, SSL Strip attacks the effectiveness of HTTPS by stripping the SSL layer.
A hacker conducting this attack intervenes in the redirection of the HTTP to the secure HTTPS protocol. A hacker can start by using ARP poisoning to first intercept communication between the victim and a server. The hacker will then continue to establish an HTTPS connection between themselves and the server, and an unsecured HTTP connection with the user, acting as a “bridge” between them.
Demonstration
No comments:
Post a Comment