TLS/SSL - Sweet32 Attack

How to Test:

  • Open the Kali Linux OS.
  • Open the Terminal Emulator.
  • Use root privileges.
  • Select the target.
  • Give the command.

Example: "nmap -sV -p 443 --script ssl-enum-ciphers abc.com".

  • Press Enter.
  • If the target web application is vulnerable to the Sweet32 attack, the attacker will receive the response shown in the screenshots below.

Description:

  • The Sweet32 attack is an SSL/TLS vulnerability that allows attackers to compromise HTTPS connections that use 64-bit block ciphers.

Remediation:

  • Reconfigure the affected SSL/TLS server to disable support for obsolete 64-bit block ciphers.
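To read a scan result without going through it by eye, and to re-check the server after remediation, the ssl-enum-ciphers output can be filtered for cipher suites built on 64-bit block ciphers (3DES, DES, IDEA, RC2). This is an added example, not part of the original post; the function names are hypothetical and the sample scan output is constructed.

```shell
#!/bin/sh
# Added example: list cipher suites that use 64-bit block ciphers in saved
# "nmap --script ssl-enum-ciphers" output, read on standard input.

# Print "<protocol> <suite>" for every offered suite with a 64-bit block cipher.
sweet32_suites() {
  awk '
    # Protocol header, e.g. "|   TLSv1.2:" -> remember the protocol name
    $2 ~ /^(SSLv|TLSv)[0-9.]+:$/ { proto = $2; sub(/:$/, "", proto); next }
    # Suite line, e.g. "|       TLS_RSA_WITH_3DES_EDE_CBC_SHA (rsa 2048) - C"
    $2 ~ /^(TLS|SSL)_/ && $2 ~ /_(3DES_EDE|DES|DES40|IDEA|RC2)_CBC_/ { print proto, $2 }
  '
}

# Exit status 0 only when no 64-bit block cipher suite is offered.
sweet32_clean() {
  [ -z "$(sweet32_suites)" ]
}

# Constructed sample output, for illustration only.
sample_scan() {
  cat <<'EOF'
PORT    STATE SERVICE  VERSION
443/tcp open  ssl/http nginx
| ssl-enum-ciphers:
|   TLSv1.0:
|     ciphers:
|       TLS_RSA_WITH_3DES_EDE_CBC_SHA (rsa 2048) - C
|       TLS_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A
|     compressors:
|       NULL
|     cipher preference: server
|     warnings:
|       64-bit block cipher 3DES vulnerable to SWEET32 attack
|   TLSv1.2:
|     ciphers:
|       TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (secp256r1) - A
|       TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA (secp256r1) - C
|     compressors:
|       NULL
|     cipher preference: server
|     warnings:
|       64-bit block cipher 3DES vulnerable to SWEET32 attack
|_  least strength: C
EOF
}

sample_scan | sweet32_suites
```

With a real scan, pipe the nmap command from the test steps into sweet32_suites; after remediation the function should print nothing and sweet32_clean should succeed.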

Web Reference:

You’re done.

Happy Hacking!
