Identifying POODLE vulnerability
As mentioned in our previous recipe, Obtaining HTTPS parameters with SSLScan, it is possible, in some conditions, for a man-in-the-middle attacker to downgrade the secure protocol and cipher suites used in an encrypted communication.
A Padding Oracle On Downgraded Legacy Encryption (POODLE) attack uses this condition to downgrade a TLS communication to SSLv3 and forces the use of cipher suites (CBC) that can be easily broken and then the communication decrypted.
In this recipe, we will use an Nmap script to detect the existence of such a vulnerability on our test server.
Getting ready
We will have to install Nmap and download the script made specially to detect this vulnerability:
- Go to
http://nmap.org/nsedoc/scripts/ssl-poodle.html ...
Get Kali Linux Web Penetration Testing Cookbook now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
