WHAT IS THIS?
This tool features the basic BREACH attack. We're working on the browser-based prototype shown at BlackHat 2013.
This is intended for self-assessment only. Don't do bad things.
MITM: This is not required for the PoC. Instead, we suggest a simple HOSTS entry to enable measurement of the encrypted traffic.
Browserless: At this time we provide a simple HTTP client that simulates browser behavior. The full-featured browser-based tool will follow.
Block Ciphers: The tool isn't smart enough to work against block ciphers yet. Maybe you can send us a pull request to fix this!
HOW TO USE IT
- Windows OS (7+ tested)
- .NET 3.5+ Framework
- Visual Studio 2010+ (if you want to modify the code)
How to run:
- Build the projects to get the executables, or download them at http://breachattack.com/precompiled/.
(echo. && echo 127.0.0.1 malbot.net) >> %windir%\system32\drivers\etc\hostsin a command shell with admin privs.
- Verify the secret extracted is correct. (Take a look at the source of https://malbot.net/poc/.)
How to customize:
- Edit your hosts file entry with your new target.
BREACH Basic.csto reflect the target secret's alphabet.
canaryto specify your bootstrapping sequence in 'BREACH Basic.cs'.
- Compile & Run.
How to contribute:
Fork this repo. Make some awesome changes. Send us a pull request.