ALPACA: Application Layer Protocol Confusion-Analyzing And Mitigating Cracks In TLS Authentication

In cooperation with the university Paderborn and Münster University of Applied Sciences, we discovered a new flaw in the specification of TLS. The vulnerability is called ALPACA and exploits a weakness in the authentication of TLS for cross-protocol attacks. The attack allows an attacker to steal cookies or perform cross-site-scripting (XSS) if the specific conditions for the attack are met.

TLS is an internet standard to secure the communication between servers and clients on the internet, for example that of web servers, FTP servers, and Email servers. This is possible because TLS was designed to be application layer independent, which allows its use in many diverse communication protocols.

ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. Attackers can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.

We investigate cross-protocol attacks on TLS in general and conducted a systematic case study on web servers, redirecting HTTPS requests from a victim's web browser to SMTP, IMAP, POP3, and FTP servers. We show that in realistic scenarios, the attacker can extract session cookies and other private user data or execute arbitrary JavaScript in the context of the vulnerable web server, therefore bypassing TLS and web application security.

We evaluated the real-world attack surface of web browsers and widely-deployed Email and FTP servers in lab experiments and with internet-wide scans. We find that 1.​4M web servers are generally vulnerable to cross-protocol attacks, i.e., TLS application data confusion is possible. Of these, 114k web servers can be attacked using an exploitable application server. As a countermeasure, we propose the use of the Application Layer Protocol Negotiation (ALPN) and Server Name Indication (SNI) extensions in TLS to prevent these and other cross-protocol attacks.

Although this vulnerability is very situational and can be challenging to exploit, there are some configurations that are exploitable even by a pure web attacker. Furthermore, we could only analyze a limited number of protocols, and other attack scenarios may exist. Thus, we advise that administrators review their deployments and that application developers (client and server) implement countermeasures proactively for all protocols.

More information on ALPACA can be found on the website https://alpaca-attack.com/.

More info

• Hacking Tools 2020
• Hacking Tools Kit
• Hacker Tools Free
• New Hacker Tools
• Hack Tools Github
• World No 1 Hacker Software
• Hacking Tools 2020
• Pentest Tools Framework
• Pentest Tools Tcp Port Scanner
• Pentest Tools Tcp Port Scanner
• Pentest Tools
• Nsa Hack Tools
• Hackrf Tools
• Hack Tool Apk
• Pentest Tools Subdomain
• Top Pentest Tools
• Wifi Hacker Tools For Windows
• Hack Tools Mac
• Hacking Tools For Windows 7
• Hacking Apps
• Pentest Tools Nmap
• Hacker
• Pentest Tools Find Subdomains
• What Are Hacking Tools
• Pentest Tools Download
• Hacker Tools Free Download
• Install Pentest Tools Ubuntu
• Nsa Hack Tools
• Hacking Tools For Kali Linux
• Pentest Tools
• Hack Website Online Tool
• Hack Tool Apk
• Hacker Tools For Pc
• Tools For Hacker
• Hacking Tools For Mac
• Hacking Tools Windows 10
• Hacking Apps
• Computer Hacker
• Hacking Tools Mac
• Hacking Tools Name
• Hack Apps
• Hacker Tools Online
• Hacking App
• Hack Tools
• Hack Tools Download
• Physical Pentest Tools
• Pentest Tools Kali Linux
• Pentest Box Tools Download
• Pentest Tools For Android
• Pentest Tools For Ubuntu
• Hacker Tools Free
• How To Install Pentest Tools In Ubuntu
• New Hack Tools
• Hacking Tools Windows
• How To Make Hacking Tools
• Hacking Tools Windows 10
• Hacker Tools Linux
• Physical Pentest Tools
• Nsa Hack Tools Download
• Pentest Tools Apk
• Hacking Tools Mac
• Game Hacking
• Hacker Tools Apk Download
• Hak5 Tools
• Tools Used For Hacking
• Hacking Tools For Kali Linux
• Hacker Tools Mac
• Termux Hacking Tools 2019
• Ethical Hacker Tools
• Hacking Tools
• Pentest Tools Linux
• Hacks And Tools
• Pentest Tools Nmap
• Hack Tools For Windows
• Hack Tool Apk
• Pentest Tools Android
• Pentest Tools Website Vulnerability
• Hacking Tools Kit
• Hacking Tools For Beginners
• Tools Used For Hacking
• Pentest Tools Nmap
• Hacker Techniques Tools And Incident Handling
• Pentest Tools Subdomain
• Hacking Tools Online
• Wifi Hacker Tools For Windows
• Pentest Tools For Windows
• Hacking Tools 2020
• Hack Tools
• Hack Tools
• Pentest Tools List
• Hack And Tools
• Hack Tools For Pc
• Pentest Tools Download
• Hacker Tool Kit
• Pentest Tools For Ubuntu
• Termux Hacking Tools 2019
• Pentest Tools Free
• Pentest Tools Open Source
• Hackrf Tools
• Hack Tools
• Nsa Hack Tools
• Hacking Tools And Software
• Pentest Tools Tcp Port Scanner
• Hacking Apps
• Hack Tools For Windows
• Hacker Tools Mac
• Pentest Tools Online
• Hack Tools Mac
• Easy Hack Tools
• Hacking Tools For Games
• Hack Website Online Tool
• Github Hacking Tools
• Hacker Security Tools
• Nsa Hack Tools Download
• Hack Website Online Tool
• Hacker Tools Mac
• Pentest Tools List
• Hack Tools
• World No 1 Hacker Software
• Hacker Tools Github
• Pentest Box Tools Download
• Pentest Tools Tcp Port Scanner
• Hack Tools For Windows
• Hack Tool Apk No Root
• Hacking Tools For Windows 7
• How To Make Hacking Tools
• Beginner Hacker Tools
• New Hacker Tools
• Hacker Tool Kit
• Nsa Hack Tools
• Hacker Tools Hardware
• Hacking Tools Windows 10
• Hacking Tools Pc
• Hack App
• Pentest Tools For Windows
• Hacking Tools Free Download
• Github Hacking Tools
• Nsa Hack Tools
• Pentest Tools Nmap
• Hack Rom Tools
• Pentest Tools Download
• Pentest Tools Find Subdomains
• Tools Used For Hacking
• Hacker Search Tools
• Hacking Tools For Pc
• Ethical Hacker Tools
• Hack Rom Tools
• Hacker Tools For Pc
• Hack Website Online Tool
• Hacking Tools Kit
• Ethical Hacker Tools
• Wifi Hacker Tools For Windows
• Hacker Tools For Windows
• Hacker Tools Apk Download
• Free Pentest Tools For Windows
• Hacker Tools 2019
• Bluetooth Hacking Tools Kali
• Hacker
• Pentest Box Tools Download
• Hacker Tools For Windows
• Tools For Hacker
• Wifi Hacker Tools For Windows
• Hacking Tools Hardware
• Pentest Tools Find Subdomains
• Termux Hacking Tools 2019
• Pentest Tools Apk
• Hacker Tools Online
• Hack And Tools
• Best Hacking Tools 2019
• Pentest Box Tools Download
• Pentest Tools Online
• Hacker Tools