Tuesday, 23 January 2024

ALPACA: Application Layer Protocol Confusion - Analyzing and Mitigating Cracks in TLS Authentication

In cooperation with Paderborn University and Münster University of Applied Sciences, we discovered a new flaw in the specification of TLS. The vulnerability is called ALPACA and exploits a weakness in TLS authentication to mount cross-protocol attacks. The attack allows an attacker to steal cookies or perform cross-site scripting (XSS) if the specific conditions for the attack are met.

TLS is an internet standard for securing communication between servers and clients on the internet, for example between browsers and web servers, FTP servers, and email servers. This is possible because TLS was designed to be independent of the application layer, which allows its use in many diverse communication protocols.

ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. Attackers can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.

We investigated cross-protocol attacks on TLS in general and conducted a systematic case study on web servers, redirecting HTTPS requests from a victim's web browser to SMTP, IMAP, POP3, and FTP servers. We show that in realistic scenarios, the attacker can extract session cookies and other private user data or execute arbitrary JavaScript in the context of the vulnerable web server, thereby bypassing TLS and web application security.

We evaluated the real-world attack surface of web browsers and widely deployed email and FTP servers in lab experiments and with internet-wide scans. We find that 1.4M web servers are generally vulnerable to cross-protocol attacks, i.e., TLS application data confusion is possible. Of these, 114k web servers can be attacked using an exploitable application server. As a countermeasure, we propose the use of the Application Layer Protocol Negotiation (ALPN) and Server Name Indication (SNI) extensions in TLS to prevent these and other cross-protocol attacks.

Although this vulnerability is very situational and can be challenging to exploit, there are some configurations that are exploitable even by a pure web attacker. Furthermore, we could only analyze a limited number of protocols, and other attack scenarios may exist. Thus, we advise that administrators review their deployments and that application developers (client and server) implement countermeasures proactively for all protocols.
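The two preconditions described above (a non-HTTP TLS service whose certificate is also valid for the web server's hostname, and the absence of strict SNI and ALPN checks on that service) can be audited from a service inventory. The following is an added example, not code from the ALPACA paper or its authors' tooling: it models an inventory of TLS services with constructed data, reports which (web host, service) pairs still allow the content confusion, and builds a Python `ssl` server context whose `sni_callback` aborts the handshake for unexpected hostnames. The `Service` class, `audit`, `sni_guard` and `make_strict_server_context` are hypothetical names chosen for this example, and the ALPN identifier used for the IMAP service is an assumption.

```python
"""Audit helpers for the ALPACA cross-protocol confusion precondition.

A browser's HTTPS connection can only be redirected to another TLS service
if that service (1) presents a certificate valid for the web hostname,
(2) does not reject the web hostname via SNI, and (3) does not reject the
browser's ALPN identifiers.  All names below are constructed example data.
"""
import ssl
from dataclasses import dataclass, field


@dataclass
class Service:
    name: str                                 # "host:port" label for reports
    protocol: str                             # application protocol on this port
    cert_names: list                          # DNS names on its certificate (SAN)
    strict_sni: bool = False                  # aborts handshake on unknown SNI
    sni_hostnames: set = field(default_factory=set)   # names it serves
    alpn: list = field(default_factory=list)  # ALPN ids it accepts; [] = any


def cert_name_matches(pattern, hostname):
    """RFC 6125-style DNS-ID match: exact, or a single leftmost wildcard label."""
    pattern = pattern.lower().rstrip(".")
    hostname = hostname.lower().rstrip(".")
    if pattern == hostname:
        return True
    if not pattern.startswith("*."):
        return False
    p_labels, h_labels = pattern.split("."), hostname.split(".")
    # The wildcard covers exactly one label; "*.example.com" must not match
    # "a.b.example.com" or the bare "example.com".
    return len(p_labels) == len(h_labels) and p_labels[1:] == h_labels[1:]


def cert_covers(service, hostname):
    return any(cert_name_matches(n, hostname) for n in service.cert_names)


def confusion_possible(web_host, service):
    """True when a browser connection for web_host would complete a valid TLS
    session with `service` (the ALPACA precondition)."""
    if service.protocol == "http":
        return False
    if not cert_covers(service, web_host):
        return False                      # browser would see a certificate error
    if service.strict_sni and web_host not in service.sni_hostnames:
        return False                      # SNI countermeasure stops the session
    if service.alpn and not ({"h2", "http/1.1"} & set(service.alpn)):
        return False                      # ALPN countermeasure stops the session
    return True


def audit(inventory):
    """Return sorted (web_host, service.name) pairs where confusion is possible."""
    web_hosts = sorted({h for s in inventory if s.protocol == "http"
                        for h in s.sni_hostnames})
    return [(host, svc.name) for host in web_hosts
            for svc in inventory if confusion_possible(host, svc)]


def sni_guard(allowed_hostnames):
    """Build an SSLContext.sni_callback that rejects unexpected server names.
    Returning an ALERT_DESCRIPTION_* code from the callback makes Python's ssl
    module send that fatal alert instead of serving a default certificate."""
    allowed = {h.lower() for h in allowed_hostnames}

    def callback(sslobj, server_name, ctx):
        if server_name is None or server_name.lower() not in allowed:
            return ssl.ALERT_DESCRIPTION_UNRECOGNIZED_NAME   # alert 112
        return None                       # continue the handshake
    return callback


def make_strict_server_context(allowed_hostnames, alpn_protocols):
    """Server context with strict SNI; load_cert_chain() would follow in real use."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.sni_callback = sni_guard(allowed_hostnames)
    ctx.set_alpn_protocols(alpn_protocols)
    # Python's ssl does not abort when ALPN has no overlap, so a strict server
    # must also check sslobj.selected_alpn_protocol() after the handshake
    # and close the connection if it is None.
    return ctx


INVENTORY = [  # constructed example data
    Service("www.example.com:443", "http", ["*.example.com"], strict_sni=True,
            sni_hostnames={"www.example.com"}, alpn=["h2", "http/1.1"]),
    Service("smtp.example.com:465", "smtp", ["*.example.com"]),   # no countermeasure
    Service("imap.example.com:993", "imap", ["*.example.com"], alpn=["imap"]),  # ALPN (assumed id)
    Service("pop.example.com:995", "pop3", ["*.example.com"], strict_sni=True,
            sni_hostnames={"pop.example.com"}),                   # SNI check
    Service("ftp.example.com:990", "ftp", ["ftp.example.com"]),   # separate cert
]

if __name__ == "__main__":
    for host, svc in audit(INVENTORY):
        print(f"{host}: cross-protocol confusion possible via {svc}")
```

Run stand-alone, the audit reports only the SMTP service on port 465: the IMAP service is protected by ALPN, the POP3 service by its SNI check, and the FTP service by a certificate that is not valid for the web hostname. The `sni_guard` callback also rejects ClientHellos without any SNI, which is the conservative choice for a service that must not be reachable under another name.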

More information on ALPACA can be found on the website https://alpaca-attack.com/.
