Skip to main content

BREACH

Browser Reconnaissance & Exfiltration via Adaptive Compression of Hypertext

Related warning

"This server is vulnerable to a BREACH attack. Disable HTTP compression for cross-site requests, or when the header is not present in a request. Unlike a CRIME vulnerability, turning off TLS compression is not a solution. BREACH exploits the compression in the underlying HTTP protocol."

Problem

The Browser Reconnaissance and Exfiltration via Adaptive Compression of Hypertext (BREACH) vulnerability targets HTTP compression. The attacker manipulates the use of HTTP-level compression to extract information from HTTPS-protected data. This information includes email addresses, security tokens, and other plain text strings.

Basically, the attacker forces your browser to connect to a TLS-enabled website. Using a MITM (man-in-the-middle-attack), they monitor the traffic between you and the site server.

Solution

  • Web Server

    Turn off compression for pages that include PII (Personally Identifiable Information).

  • Web Browser

    Force the browser not to invite HTTP compression use.

  • Web Applications

    • Consider moving to cipher AES-128.

    • Remove compression support on dynamic content.

    • Separate secrets from user input.

    • Use rate-limiting requests.