Showing posts with the label bypass https security

The DROWN Attack

DROWN stands for 'Decrypting RSA using Obsolete and Weakened Encryption'. In short, this means that TLS connections to a large proportion of websites, mail servers and VPNs are open to an attack. SSLv2 was first released in 1995 and deprecated in 2011. It was found that 33% of all HTTPS servers and 22% of those with browser-trusted certificates are vulnerable to the attack. In a separate experiment it was found that OpenSSL, released in 1998, could also be vulnerable. By using an unpatched version of SSLv2, an attacker can decrypt a TLS ciphertext in one minute on a single CPU. This is fast enough to enable man-in-the-middle attacks against modern servers. 26% of all HTTPS servers are vulnerable to this attack. In most cases this vulnerability is simply due to server configurations not being updated. Some embedded devices that have not been updated in years are also vulnerable. OpenSSL, a free Apache toolkit for TLS and SSL protocols, provides an…

evilginx2 v2.2 releases: MITM attack framework that allows bypassing 2-factor authentication

evilginx2 is a man-in-the-middle attack framework used for phishing login credentials along with session cookies, which in turn allows bypassing 2-factor authentication protection.
This tool is a successor to Evilginx, released in 2017, which used a custom version of the nginx HTTP server to provide man-in-the-middle functionality, acting as a proxy between a browser and the phished website. The present version is fully written in Go as a standalone application, which implements its own HTTP and DNS server, making it extremely easy to set up and use.

I am very much aware that Evilginx can be used for nefarious purposes. This work is merely a demonstration of what adept attackers can do. It is the defender’s responsibility to take such attacks into consideration and find ways to protect their users against this type of phishing attacks. Evilginx should be used only in legitimate penetration testing assignments with written permission from to-be-phished parties.

Changelog v2.2
Added opti…