Rupture framework used to upgrade three-year-old BREACH framework and hack Facebook and Gmail 500 times faster
Security researchers have expanded and improved a three-year-old cyber-attack that could steal information from websites such as Facebook and Gmail up to 500 times faster than previous attempts.
The attack, known as BREACH (Browser Reconnaissance and Exfiltration via Adaptive Compression of Hypertext) has been enhanced to run 500 times faster than the original attack. The BREACH attack was first presented at the Black Hat USA security conference in August 2013 by security researchers Angelo Prado, Neal Harris and Yoel Gluck.
However, another team of researchers, Dimitris Karakostas from the National Technical University of Athens and Dionysis Zindros from the University of Athens, have since made improvements to BREACH. In a research paper published by the pair, they showed how encryption used by popular websites can be broken despite attempts over the past three years to shut off such attacks. Karakostas and Zindros presented their BREACH optimizations at the Black Hat Asia security conference last week and also released an open-source framework called Rupture that can be used to launch such compression-related attacks.
The updated attack is more capable and now works against block ciphers such as AES. The original BREACH was itself an extension of an attack known as CRIME (Compression Ratio Info-leak Made Easy), which targeted compressed, encrypted web requests sent by users.
In the paper, the researchers showed how Rupture makes these attacks much easier and can be used to read Gmail and Facebook messages.
The duo told The Register that launching an attack is no child’s play, as it would take weeks to successfully compromise a target.
“I think with the interaction of Rupture, once people start writing target configurations for specific endpoints it is going to be much easier because it will lower the complexity of the attack,” Zindros says.
“If you want to use Rupture to target an endpoint you need to study it for a bit, how it behaves, how it compresses things, if there is noise, and configure it to make it work … to steal a Gmail email or a Facebook message.
“Rupture is the implementation of our ideas, our optimisation techniques, our statistical techniques, and is not proof-of-concept – it is ready to run on real systems.”
The attack assumes that the target website uses HTTPS and compresses the response before encrypting it. The original attack also assumed that the target uses a stream cipher and produces zero noise; the researchers note that block ciphers such as AES are far more common, and that BREACH can now attack block ciphers as well, which would “render the vast majority of websites practically vulnerable to the attack”.
An attacker who has control of the victim’s network is able to inject code into the victim’s machine for execution. This code can then issue adaptive requests to the target service.
According to the researchers, two services where the findings are applicable are Gmail and Facebook, as both use AES and expose noisy endpoints.
“Gmail uses an authentication token, which consists of random digits, letters, and dashes, generated every time the user logs into the account. The fact that it does not change very often is convenient because it allows the attacker to collect multiple samples for this secret,” said the researchers.
They added that there are more ways in than these tokens, even though Facebook has deployed a mechanism specifically to stop BREACH against its CSRF token.
“It provides a mobile version, Touch, that allows search on messages via GET, using the following URL https://touch.facebook.com/messages?q=”search_string”. This search query is reflected in the search results page, along with the last message of the 5 latest conversations, regardless of the search results. Instead of stealing the user’s CSRF token, we can, therefore, steal one of these private messages.”
It is the introduction of Rupture that speeds up the attack.
“With Rupture, our aim was to make it easier to mount such attacks and provide reasonable pre-configured defaults, targets, and attack strategies that can be used in practice or modified to suit the need of new attacks. The framework is designed specifically to allow for further investigations on both the practical and theoretical side,” the researchers wrote in the paper.
The attacks could be eliminated by using first-party cookies. “The feasibility of the attack lies on the fact that the attacker can utilise the target service as a compression oracle and retrieve encrypted compressed secrets along with chosen plaintext data,” said the researchers.
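As an added illustration, not code from the paper or from Rupture, the script below shows why a compressed page that reflects chosen text next to a secret (as on the Touch search page above) acts as a length oracle, and why masking the token with a fresh random value per response removes that signal. The page template, the token value and the hex alphabet are constructed for the demo, and fixed Huffman coding (`Z_FIXED`) is chosen so that one literal more or less shows up as exactly one byte.

```python
import os
import zlib

# Constructed demo page: the search string is reflected next to a CSRF token.
# The token value is made up for this example.
SECRET_TOKEN = "7f3a9c2e"
PAGE = '<html><body><h1>Search: {q}</h1><input name=csrf value="{token}"></body></html>'
HEX = "0123456789abcdef"


def deflate_len(body: str) -> int:
    """Compressed size of the body: TLS hides the content but not this length.
    Fixed Huffman codes make one literal exactly 8 bits; with dynamic codes the
    leak is the same but noisier, which the paper's statistical methods address."""
    c = zlib.compressobj(9, zlib.DEFLATED, 15, 9, zlib.Z_FIXED)
    return len(c.compress(body.encode()) + c.flush())


def render(query: str, token: str) -> str:
    return PAGE.format(q=query, token=token)


def oracle_lengths(known_prefix: str, token: str = SECRET_TOKEN) -> dict:
    """Compression oracle: response size for each candidate next character when
    known_prefix + candidate is reflected. The candidate that extends the LZ77
    match against the token saves one literal, so it compresses one byte shorter."""
    return {ch: deflate_len(render(known_prefix + ch, token)) for ch in HEX}


def mask_token(token: str) -> str:
    """Mitigation: emit mask || (token XOR mask) with a fresh mask per response,
    so the secret bytes never repeat and a reflected guess cannot match them."""
    raw = token.encode()
    mask = os.urandom(len(raw))
    return (mask + bytes(a ^ b for a, b in zip(raw, mask))).hex()


def unmask_token(masked_hex: str) -> str:
    """Server side: strip the mask again before validating the token."""
    blob = bytes.fromhex(masked_hex)
    mask, xored = blob[: len(blob) // 2], blob[len(blob) // 2 :]
    return bytes(a ^ b for a, b in zip(xored, mask)).decode()


if __name__ == "__main__":
    known = 'value="7f3a9'  # page layout and the first token characters assumed known
    print(sorted(oracle_lengths(known).items(), key=lambda kv: kv[1])[:3])
    masked = mask_token(SECRET_TOKEN)
    print(masked, unmask_token(masked) == SECRET_TOKEN)
    print(sorted(oracle_lengths(known, masked).items(), key=lambda kv: kv[1])[:3])
```

With the masked token the shortest candidates vary from run to run, since the page no longer contains a stable string for the reflected guess to match.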