TLS/SSL - Sweet32 Attack

How to Test:

• Open the Kali Linux OS.
• Open the Terminal Emulator.
• Use root control.

• Select the target.
• Give the command.

Example: “nmap -sV -p 443 -script ssl-enum-ciphers abc.com”.

• Click enter.

• If the target web application is vulnerable to sweet32 attack. Then the attacker will receive the response as shown in the screenshots below.

Description:

• The Sweet32 attack is an SSL/TLS vulnerability that allows attackers to compromise HTTPS connections using 64-bit block ciphers.

Remediation:

• Reconfigure the affected SSL/TLS server to disable support for obsolete 64-bit block ciphers.

Web Reference:

• https://sweet32.info/.

You’re done.

Happy Hacking!