Closed

BEAST (Browser Exploit Against SSL/TLS) Vulnerability

This project received 2 bids from talented freelancers with an average bid price of $250 USD.

Get free quotes for a project like this
Employer working
Project Budget
$250 - $750 USD
Total Bids
2
Project Description

The SSL protocol encrypts data by using CBC mode with chained

initialization vectors. This allows an attacker, which is has gotten

access to an HTTPS session via man-in-the-middle (MITM) attacks

or other means, to obtain plain text HTTP headers via a blockwise

chosen-boundary attack (BCBA) in conjunction with Javascript code

that uses the HTML5 WebSocket API, the Java URLConnection API,

or the Silverlight WebClient API. This vulnerability is more commonly

referred to as Browser Exploit Against SSL/TLS or "BEAST".

Service: Apache-Coyote/1.1

Evidence:

• Cipher Suite: SSLv3 : DHE-RSA-AES128-SHA

• Cipher Suite: SSLv3 : AES128-SHA

• Cipher Suite: SSLv3 : EDH-RSA-DES-CBC3-SHA

• Cipher Suite: SSLv3 : EDH-RSA-DES-CBC-SHA

• Cipher Suite: SSLv3 : EXP-EDH-RSA-DES-CBC-SHA

• Cipher Suite: SSLv3 : DES-CBC3-SHA

• Cipher Suite: SSLv3 : DES-CBC-SHA

SUBMIT DATE

LAST UPDATED

Looking to make some money?

  • Set your budget and the timeframe
  • Outline your proposal
  • Get paid for your work

Hire Freelancers who also bid on this project

    • Forbes
    • The New York Times
    • Time
    • Wall Street Journal
    • Times Online