====Truncation attack====
A TLS (logout) truncation attack blocks a victim's account logout requests so that the user unknowingly remains logged into a web service. When the request to sign out is sent, the attacker injects an unencrypted [[Transmission Control Protocol|TCP]] FIN message (no more data from sender) to close the connection. The server therefore does not receive the logout request and is unaware of the abnormal termination.<ref name=register20130801>{{cite web|title=Gmail, Outlook.com and e-voting 'pwned' on stage in crypto-dodge hack|url=https://www.theregister.co.uk/2013/08/01/gmail_hotmail_hijacking|work=The Register|access-date=1 August 2013|author=John Leyden|date=1 August 2013|url-status=live|archive-url=https://web.archive.org/web/20130801193054/http://www.theregister.co.uk/2013/08/01/gmail_hotmail_hijacking|archive-date=1 August 2013}}</ref> Published in July 2013,<ref>{{cite web|title=BlackHat USA Briefings|url=https://www.blackhat.com/us-13/briefings.html#Smyth|work=Black Hat 2013|access-date=1 August 2013|url-status=live|archive-url=https://web.archive.org/web/20130730124037/http://www.blackhat.com/us-13/briefings.html#Smyth|archive-date=30 July 2013}}</ref><ref>{{cite thesis|last1=Smyth|first1=Ben|last2=Pironti|first2=Alfredo|title=Truncating TLS Connections to Violate Beliefs in Web Applications|journal=7th USENIX Workshop on Offensive Technologies|date=2013|url=https://hal.inria.fr/hal-01102013|access-date=15 February 2016|url-status=live|archive-url=https://web.archive.org/web/20151106110117/https://hal.inria.fr/hal-01102013|archive-date=6 November 2015|type=report}}</ref> the attack causes web services such as [[Gmail]] and [[outlook.com|Hotmail]] to display a page that informs the user that they have successfully signed out, while ensuring that the user's browser maintains authorization with the service, allowing an attacker with subsequent access to the browser to access and take over control of the user's logged-in account.

The attack does not rely on installing malware on the victim's computer; attackers need only place themselves between the victim and the web server (e.g., by setting up a rogue wireless hotspot).<ref name=register20130801/> The attack also requires subsequent access to the victim's computer. A related possibility arises with FTP: the data connection can be ended with a false FIN in the data stream, and if the protocol rules for exchanging close_notify alerts are not adhered to, a file can be truncated.
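The defensive point behind both the logout and the FTP cases is the same: an application must not treat a bare TCP FIN as the end of a TLS message, because only a close_notify alert proves the peer finished sending. The following example is added here for illustration and is not part of the Wikipedia article or of any cited paper. It models the TLS record layer just far enough to make the point (plaintext records with a type/version/length header; no encryption, no handshake), and the logout request, the host name mail.example and the split point are constructed sample data. It contrasts a naive reader that accepts whatever arrived before the socket closed with a strict reader that insists on close_notify.

```python
import struct

# TLS record-layer constants (RFC 5246, sections 6.2 and 7.2)
CT_ALERT = 21
CT_APPLICATION_DATA = 23
ALERT_LEVEL_WARNING = 1
ALERT_CLOSE_NOTIFY = 0
RECORD_HEADER_LEN = 5  # content type (1) + version (2) + length (2)


class TruncationError(Exception):
    """The transport closed without the peer sending close_notify."""


def record(content_type, payload, version=(3, 3)):
    """Encode one record: type, version, length, then the body.
    Bodies are plaintext here purely for illustration."""
    return struct.pack("!BBBH", content_type, version[0], version[1], len(payload)) + payload


def close_notify():
    """The alert a conforming peer sends before closing its write side."""
    return record(CT_ALERT, bytes([ALERT_LEVEL_WARNING, ALERT_CLOSE_NOTIFY]))


def naive_read(stream):
    """Vulnerable behaviour: whatever application data arrived before the
    socket closed is returned as if it were the complete message."""
    data = bytearray()
    offset = 0
    while offset + RECORD_HEADER_LEN <= len(stream):
        ctype, _, _, length = struct.unpack("!BBBH", stream[offset:offset + RECORD_HEADER_LEN])
        body = stream[offset + RECORD_HEADER_LEN:offset + RECORD_HEADER_LEN + length]
        if ctype == CT_APPLICATION_DATA:
            data += body  # a short body is silently accepted
        offset += RECORD_HEADER_LEN + length
    return bytes(data)


def read_until_close(stream):
    """Strict behaviour: return application data only if the stream ended with
    close_notify. A stream that merely stops (the injected-FIN case) or that
    ends inside a record raises TruncationError instead."""
    data = bytearray()
    offset = 0
    while offset < len(stream):
        header = stream[offset:offset + RECORD_HEADER_LEN]
        if len(header) < RECORD_HEADER_LEN:
            raise TruncationError("stream ends inside a record header")
        ctype, _major, _minor, length = struct.unpack("!BBBH", header)
        body = stream[offset + RECORD_HEADER_LEN:offset + RECORD_HEADER_LEN + length]
        if len(body) < length:
            raise TruncationError("stream ends inside a record body")
        offset += RECORD_HEADER_LEN + length
        if ctype == CT_ALERT:
            if body == bytes([ALERT_LEVEL_WARNING, ALERT_CLOSE_NOTIFY]):
                return bytes(data)  # clean close: the message is complete
            raise TruncationError("connection aborted by alert %r" % body)
        if ctype == CT_APPLICATION_DATA:
            data += body
        # handshake and change_cipher_spec records are ignored in this model
    raise TruncationError("transport closed (FIN) without close_notify")


def is_complete(stream):
    """Convenience check: True only if the peer ended the stream with close_notify."""
    try:
        read_until_close(stream)
        return True
    except TruncationError:
        return False


# Constructed sample: a logout request a browser might send in two records.
LOGOUT_REQUEST = (b"POST /logout HTTP/1.1\r\nHost: mail.example\r\n"
                  b"Content-Length: 9\r\n\r\ntoken=abc")
SPLIT = len(b"POST /logout HTTP/1.1\r\nHost: mail.example\r\n")
CLEAN_STREAM = (record(CT_APPLICATION_DATA, LOGOUT_REQUEST[:SPLIT])
                + record(CT_APPLICATION_DATA, LOGOUT_REQUEST[SPLIT:])
                + close_notify())
# What the server sees when the second record and the close_notify never
# arrive and the connection is instead closed by a FIN (constructed).
TRUNCATED_STREAM = record(CT_APPLICATION_DATA, LOGOUT_REQUEST[:SPLIT])

if __name__ == "__main__":
    print("naive reader, truncated stream:", naive_read(TRUNCATED_STREAM))
    print("strict reader, clean stream:", read_until_close(CLEAN_STREAM))
    print("strict reader sees truncation:", not is_complete(TRUNCATED_STREAM))
```

The same `read_until_close` check applies unchanged to a file received over an FTP data connection: the naive reader hands back a shorter file, the strict reader reports truncation. In real TLS stacks the check is usually a configuration choice rather than code of your own; for instance, Python's `ssl` module only raises `SSLEOFError` on an unexpected EOF when the socket is wrapped with `suppress_ragged_eofs=False`, and with the default of `True` it returns an empty read just as a clean close would.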