Browser Reconnaissance & Exfiltration via Adaptive Compression of Hypertext (BREACH)

21 October 2022 - Articles

Browser Reconnaissance & Exfiltration via Adaptive Compression of Hypertext (BREACH) is a vulnerability similar in nature to CRIME, but where CRIME affected TLS/SPDY compression, BREACH affects HTTP compression. Where an application supports HTTP compression, reflects user input within response bodies, and includes confidential information in that body, such as a CSRF token, it may be affected by BREACH. This attack was demonstrated as practical in 2013.

Additionally, the attack is not specific to a certain version of SSL/TLS or a specific cipher suite as the exploit is against HTTP compression.

The issue can be mitigated effectively by modifying the server-side gzip compression to add randomness to the response length. Alternatively, consider disabling HTTP compression or ensuring that the secrets embedded within pages are randomised.
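One way to randomise a secret embedded in a page, shown as an added example that is not from the original article: the CSRF secret is XOR-masked with a fresh random pad on every render, so the response body never carries the same token bytes twice. The function names and the 32-byte secret length are assumptions made for this sketch.

```python
import base64
import binascii
import hmac
import secrets
from typing import Optional

TOKEN_BYTES = 32  # assumed secret length for this example


def new_session_secret() -> bytes:
    """Per-session CSRF secret; kept server-side and never sent unmasked."""
    return secrets.token_bytes(TOKEN_BYTES)


def mask_token(secret: bytes) -> str:
    """Return a fresh encoding of the secret for one response body.

    A random pad is XORed with the secret and sent alongside it, so the
    bytes placed in the page differ on every response.
    """
    pad = secrets.token_bytes(len(secret))
    masked = bytes(p ^ s for p, s in zip(pad, secret))
    return base64.urlsafe_b64encode(pad + masked).decode("ascii")


def unmask_token(token: str) -> Optional[bytes]:
    """Recover the secret from a submitted token, or None if malformed."""
    try:
        raw = base64.urlsafe_b64decode(token.encode("ascii"))
    except (binascii.Error, ValueError):
        return None
    if len(raw) != 2 * TOKEN_BYTES:
        return None
    pad, masked = raw[:TOKEN_BYTES], raw[TOKEN_BYTES:]
    return bytes(p ^ m for p, m in zip(pad, masked))


def verify_token(token: str, secret: bytes) -> bool:
    """Constant-time comparison of the unmasked token with the session secret."""
    candidate = unmask_token(token)
    return candidate is not None and hmac.compare_digest(candidate, secret)
```

Call `mask_token` each time a form or page is rendered and `verify_token` on submission; the stored session secret itself does not need to rotate per request.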
