Browser Reconnaissance & Exfiltration via Adaptive Compression of Hypertext (BREACH)
Author: HollyGraceful Published: 21 October 2022 Last Updated: 03 November 2022
Browser Reconnaissance & Exfiltration via Adaptive Compression of Hypertext (BREACH) is a vulnerability similar in nature to CRIME, but where CRIME affected TLS/SPDY compression, BREACH affects HTTP compression. Where an application supports HTTP compression, reflects user input within response bodies, and includes confidential information in that body, such as a CSRF token, it may be affected by BREACH. This attack was demonstrated as practical in 2013.
Additionally, the attack is not specific to a certain version of SSL/TLS or a specific cipher suite as the exploit is against HTTP compression.
The issue can be mitigated effectively by modifying the server-side gzip compression to add randomness to the response length. Alternatively, consider disabling HTTP compression or ensuring that the secrets embedded within pages are randomised.
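The following is an added example, not code from the original article: a defender's check that measures how the compressed length of a response depends on reflected input when the embedded token is static, and how randomising the token per response removes that dependency. The page template, the token value and all function names are constructed for illustration, and XOR masking with a fresh random pad is one assumed way to randomise the secret.

```python
import base64
import os
import zlib

SECRET = "c0a1f3e97b2d4865"   # constructed sample CSRF token
WRONG = "5684d2b79e3f1a0c"    # same characters reversed, so only matching differs

def render(token_field: str, reflected: str) -> bytes:
    """Constructed page: reflects user input and embeds a token field."""
    return (
        f"<html><body><p>Results for: {reflected}</p>"
        f"<form><input type='hidden' name='csrf' value='{token_field}'></form>"
        "</body></html>"
    ).encode()

def compressed_len(body: bytes) -> int:
    """Response length visible on the wire (DEFLATE, as used by gzip)."""
    return len(zlib.compress(body, 9))

def mask_token(token: str) -> str:
    """Emit pad || (token XOR pad) using a fresh random pad per response."""
    raw = token.encode()
    pad = os.urandom(len(raw))
    masked = bytes(a ^ b for a, b in zip(raw, pad))
    return base64.urlsafe_b64encode(pad + masked).decode()

def unmask_token(field: str) -> str:
    """Server-side recovery of the real token from a submitted field."""
    data = base64.urlsafe_b64decode(field)
    half = len(data) // 2
    return bytes(a ^ b for a, b in zip(data[:half], data[half:])).decode()

def length_gap(token_field: str) -> int:
    """Bytes saved when the reflected input equals the secret."""
    miss = compressed_len(render(token_field, WRONG))
    hit = compressed_len(render(token_field, SECRET))
    return miss - hit

if __name__ == "__main__":
    # Static token: the secret appears verbatim, so a matching reflection
    # compresses into a back-reference and the response shrinks.
    print("static token gap:", length_gap(SECRET))
    # Masked token: the body never contains the secret's bytes, so the
    # reflected value has nothing to match against.
    print("masked token gap:", length_gap(mask_token(SECRET)))
```

The server compares `unmask_token()` of the submitted field against the session's token, so the underlying secret can stay stable while its on-page representation changes with every response.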