Closed

BEAST (Browser Exploit Against SSL/TLS) Vulnerability

This project received 2 bids from talented freelancers with an average bid price of $250 USD.

Get free quotes for a project like this
Employer working
Project Budget
$250 - $750 USD
Total Bids
2
Project Description

The SSL protocol encrypts data by using CBC mode with chained
initialization vectors. This allows an attacker, which is has gotten
access to an HTTPS session via man-in-the-middle (MITM) attacks
or other means, to obtain plain text HTTP headers via a blockwise
chosen-boundary attack (BCBA) in conjunction with Javascript code
that uses the HTML5 WebSocket API, the Java URLConnection API,
or the Silverlight WebClient API. This vulnerability is more commonly
referred to as Browser Exploit Against SSL/TLS or "BEAST".
Service: Apache-Coyote/1.1
Evidence:
• Cipher Suite: SSLv3 : DHE-RSA-AES128-SHA
• Cipher Suite: SSLv3 : AES128-SHA
• Cipher Suite: SSLv3 : EDH-RSA-DES-CBC3-SHA
• Cipher Suite: SSLv3 : EDH-RSA-DES-CBC-SHA
• Cipher Suite: SSLv3 : EXP-EDH-RSA-DES-CBC-SHA
• Cipher Suite: SSLv3 : DES-CBC3-SHA
• Cipher Suite: SSLv3 : DES-CBC-SHA

Looking to make some money?

  • Set your budget and the timeframe
  • Outline your proposal
  • Get paid for your work

Hire Freelancers who also bid on this project

    • Forbes
    • The New York Times
    • Time
    • Wall Street Journal
    • Times Online