TLS/SSL - Sweet32 Attack
How to Test:
- Open the Kali Linux OS.
- Open the Terminal Emulator.
- Use root control.
- Select the target.
- Give the command.
Example: “nmap -sV -p 443 -script ssl-enum-ciphers abc.com”.
- Click enter.
- If the target web application is vulnerable to sweet32 attack. Then the attacker will receive the response as shown in the screenshots below.
- The Sweet32 attack is an SSL/TLS vulnerability that allows attackers to compromise HTTPS connections using 64-bit block ciphers.
- Reconfigure the affected SSL/TLS server to disable support for obsolete 64-bit block ciphers.