Security Penetration Testing Blog

Apr 02, 2021 / Borislav Kiprin

LOGJAM is a security vulnerability against a Diffie-Hellman key exchange using 512 to 1024 bit keys. The attack forces a downgrade on the TLS connection to use only 512 bits which allows to read and inject data into the connection.

/ Borislav Kiprin

The POODLE (Padding Oracle On Downgraded Legacy Encryption) attack is a fallback attack that tries to downgrade the used TLS protocol version. Learn how to prevent SSL POODLE in this article.

/ Borislav Kiprin

FREAK (Factoring RSA Export Keys) is a vulnerability of the weak export cypher suites in SSL/TLS. Due to a weakness in the SSL/TLS protocols using only 512 or fewer bits it can easily be broken.

/ Borislav Kiprin

A server vulnerable for BEAST (Browser Exploit Against SSL/TLS) has the problem: By using weaknesses in cypher block chaining, an attacker can use Man-In-The-Middle attacks to decrypt and obtain authentication tokens.

Secure Client-Initiated SSL Renegotiation
/ Borislav Kiprin

The negotiation process of the SSL encryption uses much more resources on the server than on the client. If the client can initiate the renegotiation process, an attacker can render the server unavailable with a Denial of Service attack.

Prevent Heartbleed
/ Borislav Kiprin

The heartbleed vulnerability allows attackers to steal the private key of a server certificate. If the server is vulnerable to heartbleed, this means that an attacker can retrieve the private key and impersonate the server.

Prevent CCS Injection
/ Borislav Kiprin

The server is vulnerable to CCS Injections. Malicious intermediate nodes can intercept encrypted data and decrypt it by forcing SSL clients to use a weak key.

Secure SSL Renegotiation
/ Borislav Kiprin

The renegotiation process of the SSL encryption is vulnerable. It allows two negotiations to be handled by different parties. This leaves your data vulnerable to Man-In-The-Middle attacks.

/ Borislav Kiprin

The TLS Signaling Cipher Suite Value (SCSV) is protection against TLS/SSL downgrade attacks. If enabled, the server makes sure that the strongest protocol that both client and server understand, is used.

File Inclusion
/ Borislav Kiprin

A file inclusion allows the attacker to include arbitrary files into the web application, which can result in the exposure of sensitive files. This article describes, how you can efficiently prevent file inclusions.