Cyberveillecurated by Decio
Nuage de tags
Mur d'images
Quotidien
Flux RSS
  • Flux RSS
  • Daily Feed
  • Weekly Feed
  • Monthly Feed
Filtres

Liens par page

  • 20 links
  • 50 links
  • 100 links

Filtres

Untagged links
1 résultat taggé Opossum  ✕
New “Opossum” Attack Breaches Secure TLS by Injecting Malicious Messages https://gbhackers.com/new-opossum-attack-breaches-secure-tls/
10/07/2025 11:51:33
QRCode
archive.org
thumbnail

gbhackers.com July 10, 2025 - A newly discovered man-in-the-middle exploit dubbed “Opossum” has demonstrated the unsettling ability to compromise secure communications.

Researchers warn that Opossum targets a wide range of widely used application protocols—including HTTP, FTP, POP3, SMTP, LMTP and NNTP—that support both “implicit” TLS on dedicated ports and “opportunistic” TLS via upgrade mechanisms.

By exploiting subtle implementation differences between these two modes, an attacker can provoke a desynchronization between client and server, ultimately subverting the integrity guarantees of TLS and manipulating the data seen by the client.

The Opossum attack is built upon vulnerabilities first highlighted in the ALPACA attack, which identified weaknesses in TLS authentication when application protocols allow switching between encrypted and plaintext channels.
Even with ALPACA countermeasures in place, Opossum finds fresh leverage points at the application layer. When a client connects to a server’s implicit TLS port—such as HTTPS on port 443—the attacker intercepts and redirects the request to the server’s opportunistic-TLS endpoint on port 80.

By posing as the client, the attacker initiates a plaintext session that is then upgraded to TLS with crafted “Upgrade” headers.

Simultaneously, the attacker relays the original client’s handshake to the server, mapping the two TLS sessions behind the scenes.

gbhackers EN 2025 Opossum man-in-the-middle TLS injection desynchronization ALPACA
4835 links
Shaarli - Le gestionnaire de marque-pages personnel, minimaliste, et sans base de données par la communauté Shaarli - Theme by kalvn