Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Security Architecture

Attack Tool Exploits SSL Vulnerability to Create DoS Attack

SSL Renegotiation Vulnerability Exploited via New Attack Tool to Launch DoS Attacks

A German hacker group has released a new proof-of-concept tool for denial of service (DoS) attacks that exploits a weakness in SSL.

SSL Renegotiation Vulnerability Exploited via New Attack Tool to Launch DoS Attacks

A German hacker group has released a new proof-of-concept tool for denial of service (DoS) attacks that exploits a weakness in SSL.

SSL renegotiation VulnerabilityAccording to the group, known as The Hackers Choice (THC), the SSL vulnerability can be used to kick a server off the Internet.

“We decided to make the official release after realizing that this tool leaked to the public a couple of months ago,” an unidentified member of THC said in a blog post.

DDoS has become a favorite tool of hacktivists, and gained significant media attention during the WikiLeaks-related protests last year, when Websites belonging to WikiLeaks critics were hit with attacks.

In a description of the tool published by the group, THC contends that establishing a secure SSL connection requires 15x more processing power on the server than on the client. The tool exploits this by overloading the server and knocking it off the Internet, the group explained, adding that vendors have been aware of this problem since 2003 and that the topic “has been widely discussed.”

“This attack further exploits the SSL secure Renegotiation feature to trigger thousands of renegotiations via single TCP connection,” the group said.

The tool works best if the server supports SSL renegotiation. If SSL renegotiation is not supported, some modifications and more bots are required before an effect can be seen, the group said.

“Renegotiating Key material is a stupid idea from a cryptography standpoint. If you are not happy with the key material negotiated at the start of the session then the session should be re-established and not re-negotiated,” according to the group.

Advertisement. Scroll to continue reading.

The tool is currently available for Windows and Unix. For those concerned with mitigation, THC said disabling SSL renegotiation and utilizing SSL accelerator hardware can serve as a stop-gap solution. Both countermeasures however can be circumvented by modifying the tool, the group said.

Written By

Marketing professional with a background in journalism and a focus on IT security.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

People on the Move

Former DoD CISO Jack Wilmer has been named CEO of defensive and offensive cyber solutions provider SIXGEN.

Certificate lifecycle management firm Sectigo has hired Jason Scott as its CISO.

The State of Vermont has appointed John Toney as the state’s new CISO.

More People On The Move

Expert Insights

Related Content

Vulnerabilities

Less than a week after announcing that it would suspended service indefinitely due to a conflict with an (at the time) unnamed security researcher...

Data Breaches

OpenAI has confirmed a ChatGPT data breach on the same day a security firm reported seeing the use of a component affected by an...

IoT Security

A group of seven security researchers have discovered numerous vulnerabilities in vehicles from 16 car makers, including bugs that allowed them to control car...

Vulnerabilities

A researcher at IOActive discovered that home security systems from SimpliSafe are plagued by a vulnerability that allows tech savvy burglars to remotely disable...

Risk Management

The supply chain threat is directly linked to attack surface management, but the supply chain must be known and understood before it can be...

Cybercrime

Patch Tuesday: Microsoft calls attention to a series of zero-day remote code execution attacks hitting its Office productivity suite.

Vulnerabilities

Patch Tuesday: Microsoft warns vulnerability (CVE-2023-23397) could lead to exploitation before an email is viewed in the Preview Pane.

IoT Security

A vulnerability affecting Dahua cameras and video recorders can be exploited by threat actors to modify a device’s system time.