BREACH

Browser Reconnaissance & Exfiltration via Adaptive Compression of Hypertext

"This server is vulnerable to a BREACH attack. Disable HTTP compression for cross-site requests, or when the header is not present in a request. Unlike a Crime vulnerability, turning off TLS compression is not a solution. BREACH exploits the compression in the underlying HTTP protocol."

Problem

The Browser Reconnaissance and Exfiltration via Adaptive Compression of Hypertext (BREACH) vulnerability targets HTTP compression. The attacker manipulates the use of HTTP-level compression to extract information from HTTPS-protected data, including email addresses, security tokens, and other plain text strings.

Basically, the attacker forces your browser to connect to a TLS-enabled website. Using a MITM (man-in-the-middle-attack, they monitor the traffic between you and site server.

Solution

  • Web Server
    Turn off compression for pages that include PII (Personally Identifiable Information).
  • Web Browser
    Force browser not to invite HTTP compression use.
  • Web Applications
    • Consider moving to Cipher AES128.
    • Remove compression support on dynamic content.
    • Reduce secrets in response buddies.
    • Use rate-limiting requests.