SSL stripping

What is SSL stripping

SSL stripping is an attack in which the attacker prevents the victim’s browser from upgrading its insecure HTTP connection to the target site into a secure HTTPS connection. Because the traffic never becomes encrypted, the attacker can read and modify everything exchanged between the victim and the target. SSL stripping is also called an SSL downgrade attack and is a man-in-the-middle (MITM) technique.

Note: Man-in-the-middle attacks are usually treated as a network security issue, but SSL stripping abuses the way websites and web applications upgrade HTTP to HTTPS, so it is also a web security issue that the site itself can defend against.

How does SSL stripping work?

When you type a bare address (no http:// or https://) into the address bar, browsers have traditionally opened a plain HTTP connection to the site first. The site then typically answers with a redirect (301 or 302) to its HTTPS URL. Nothing obliges a site to do this, but the redirect is still the most common way of enforcing HTTPS, that is, connections encrypted with SSL/TLS (in practice TLS; SSL itself is obsolete). Recent browsers narrow the window by trying HTTPS first for typed addresses and falling back to HTTP only if that fails, but links and bookmarks that explicitly use http:// still start out insecure, and the attack described below applies to every such first request.

In a man-in-the-middle SSL stripping attack, the attacker does not even need to create a copy of the website or web application (as they would for an SSL hijacking attack). All they need is a proxy sitting between the victim and the site. The proxy accepts the victim’s plain HTTP requests, fetches the content from the real site (over HTTPS wherever the site insists on it), and rewrites the responses before relaying them: redirects to https:// become redirects to http://, https:// links and form actions in the HTML are rewritten to http://, and headers that would tell the browser to use HTTPS, such as Strict-Transport-Security, are dropped. The browser therefore never sees a reason to switch protocols and keeps talking plain HTTP to the proxy, while the proxy maintains a perfectly legitimate HTTPS session with the site. Nothing is broken cryptographically: TLS works fine, it is simply never used on the victim’s side of the proxy.
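The response rewriting described above, modelled on constructed data. This is an added example, not code from the article or from Marlinspike’s sslstrip tool; the host www.example.com, the URLs and the cookie value are made up, and clearing the Secure flag on cookies is an assumption added here to show why that flag matters.

```python
"""Toy model of what an SSL-stripping proxy does to the responses it relays.

Added example, not code from the article or from sslstrip. It works on
constructed HTTP responses in memory (no network code) and shows the rewrites
the attack relies on: redirect targets, https:// links in the body and the
HSTS header. Clearing the Secure flag on cookies is an assumption added here.
"""
import re
from dataclasses import dataclass

HTTPS_SCHEME = re.compile(r"https://", re.IGNORECASE)
HTTPS_URL = re.compile(r"https://[^\s\"'<>]+", re.IGNORECASE)


@dataclass
class Response:
    status: int
    headers: list   # list of (name, value) pairs, in wire order
    body: str


class StrippingProxy:
    """Sits between the victim (plain HTTP) and the real site (HTTPS)."""

    def __init__(self):
        # http:// versions of URLs that the real site served as https://;
        # when the victim later asks for one of these, the proxy fetches it over TLS
        self.secure_urls = set()

    def _remember(self, text):
        for match in HTTPS_URL.finditer(text):
            self.secure_urls.add("http://" + match.group(0)[len("https://"):])

    def rewrite(self, resp):
        """Return the response as the victim's browser will receive it."""
        headers = []
        for name, value in resp.headers:
            lname = name.lower()
            if lname == "strict-transport-security":
                # if this header reached the browser, later visits would be
                # upgraded locally and the proxy would never see them again
                continue
            if lname == "location":
                self._remember(value)
                value = HTTPS_SCHEME.sub("http://", value)
            elif lname == "set-cookie":
                # a Secure cookie is never sent back over plain HTTP, so without
                # this rewrite the proxy would lose sight of the session (assumption)
                value = re.sub(r";\s*secure\b", "", value, flags=re.IGNORECASE)
            headers.append((name, value))
        self._remember(resp.body)
        return Response(resp.status, headers, HTTPS_SCHEME.sub("http://", resp.body))

    def upstream_url(self, victim_url):
        """URL the proxy uses toward the real site for a URL the victim requested over HTTP."""
        if victim_url in self.secure_urls:
            return "https://" + victim_url[len("http://"):]
        return victim_url


# Constructed sample responses, modelled on what a site enforcing HTTPS sends.
REDIRECT = Response(301, [
    ("Location", "https://www.example.com/login"),
    ("Strict-Transport-Security", "max-age=31536000; includeSubDomains"),
], "")

LOGIN_PAGE = Response(200, [
    ("Content-Type", "text/html"),
    ("Set-Cookie", "session=abc123; Path=/; Secure; HttpOnly"),
], '<form action="https://www.example.com/login" method="post">'
   '<a href="https://www.example.com/account">Account</a></form>')


def demo():
    """Run both sample responses through the proxy; returns (proxy, redirect, page)."""
    proxy = StrippingProxy()
    return proxy, proxy.rewrite(REDIRECT), proxy.rewrite(LOGIN_PAGE)


if __name__ == "__main__":
    proxy, redirect, page = demo()
    print(redirect.headers)   # Location now http://, HSTS header gone
    print(page.headers)       # Secure flag removed from the session cookie
    print(page.body)          # form now posts credentials over plain HTTP
    print(proxy.upstream_url("http://www.example.com/login"))  # proxy itself uses https://
```

The victim’s side of the exchange contains only http:// URLs and no HSTS header, while upstream_url shows that the proxy still reaches the real site over TLS, which is why the site sees a normal HTTPS client and the user sees no certificate warning.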

Example of an SSL stripping attack

In this example, the target is the invicti.com website, and you are the victim.

  1. Your operating system uses the DNS resolvers of your local provider. The attacker poisons the cache of those resolvers (DNS spoofing), so your computer’s local DNS cache stores the attacker’s IP address as the address of invicti.com. Until that record expires, every visit to invicti.com in your browser goes to the attacker-controlled machine. (On a shared network, ARP spoofing or a rogue wi-fi hotspot achieves the same interception with less effort.)
  2. The attacker’s proxy receives every HTTP request your browser sends to invicti.com, forwards it to the real site (following the site’s redirect to HTTPS itself) and logs everything it sees. Before relaying each response, it rewrites redirects and links that point to https:// so that they point to http://. Your browser is never asked to upgrade, so it keeps sending unencrypted HTTP requests, including any credentials you type into forms.
  3. The attacker can now use the information gathered from your HTTP traffic for further attacks. For example, the session identifier from an intercepted session cookie can be replayed later to hijack your session and reach restricted areas of invicti.com, even after the attacker has lost the man-in-the-middle position. (Setting the Secure flag on session cookies limits this, because the browser will not send such a cookie over HTTP; it is only a partial measure, since the proxy relays the Set-Cookie header and can remove the flag.)

While invicti.com may not be a lucrative attack target, malicious hackers can apply the same techniques to other websites and web applications to get your authentication information. For example, they could target an e-commerce site where you supply your credit card information, or any other webpage that stores and transmits sensitive information.

The technique was presented by security researcher Moxie Marlinspike at Black Hat DC 2009 in the talk “New Tricks for Defeating SSL in Practice”, together with the sslstrip tool that implements it. For a detailed technical walkthrough, see the article SSL strip for newbies.

How to detect SSL stripping

  • In theory, the targeted site could notice a client that keeps ignoring its redirects to HTTPS. In practice the server rarely gets that signal: the attacker’s proxy follows the redirect itself and talks to the site over HTTPS like any other client, so the session looks normal from the server side. A legitimate client that ignores redirects (for example a very old browser with no HTTPS support) is vanishingly rare, so such a check would at best flag a stripping proxy that does not follow redirects. No widely deployed system detects SSL stripping this way.
  • The victim (i.e. the user) can detect SSL stripping by noticing that a site which is always HTTPS is suddenly served over HTTP. Browsers show this in the address bar: Google Chrome labels plain HTTP pages with a “Not secure” warning instead of the secure-connection indicator, and the URL starts with http://. This only works if users know to check the address bar before entering confidential information. More robust is switching the browser to an HTTPS-only mode (Firefox’s HTTPS-Only Mode, Chrome’s “Always use secure connections” setting), which turns a silent downgrade into a full-page warning. Security-focused browser extensions that warn loudly about unencrypted connections serve the same purpose.

How to prevent SSL stripping

The standard server-side defense against SSL stripping is HTTP Strict Transport Security (HSTS). The server sends a Strict-Transport-Security header over HTTPS, for example max-age=31536000; includeSubDomains, telling the browser that this host must only be reached over HTTPS for the given number of seconds. A browser that has stored this policy rewrites any http:// URL for the host to https:// internally before sending a single byte, so there is no plaintext request for an attacker to intercept; it also refuses to proceed on certificate errors instead of offering a click-through. Two caveats matter: browsers ignore the header when it arrives over plain HTTP, so a visitor’s very first connection is still unprotected, and an attacker who strips that first connection also strips the header. The HSTS preload list closes this gap. Administrators can submit a domain at hstspreload.org once the base domain serves the header with a max-age of at least one year (31536000 seconds), includeSubDomains and the preload directive, and redirects all HTTP traffic to HTTPS; the list is built into Chrome, Firefox, Safari and Edge, so those browsers never send plain HTTP to the domain even on the first visit. HSTS complements rather than replaces the HTTP-to-HTTPS redirect: the site must still serve it for browsers that have not yet stored the policy.
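To see what HSTS actually changes on the client, here is a model of the browser-side policy store described in RFC 6797 together with a header check against the preload submission requirements. This is an added example, not code from the article or from any browser; example.com is a placeholder, and the store is a simplification that ignores certificate validation and the exact preload-list format.

```python
"""Model of how a browser applies HTTP Strict Transport Security (RFC 6797).

Added example, not code from the article or from any browser. It shows the
three things that decide whether SSL stripping still works against a site:
the header is only honoured when received over HTTPS, a stored policy
upgrades http:// URLs before any request is sent, and a preloaded entry
covers even the very first visit.
"""
from dataclasses import dataclass
from urllib.parse import urlsplit, urlunsplit

ONE_YEAR = 31536000   # minimum max-age accepted for preload submission


@dataclass
class StsEntry:
    expires: float          # absolute time in seconds
    include_subdomains: bool


def parse_sts(header):
    """Return (max_age, include_subdomains, preload) or None if the header is unusable."""
    max_age, include_subdomains, preload = None, False, False
    for directive in header.split(";"):
        name, _, value = directive.strip().partition("=")
        name, value = name.strip().lower(), value.strip().strip('"')
        if name == "max-age":
            if not value.isdigit():
                return None
            max_age = int(value)
        elif name == "includesubdomains":
            include_subdomains = True
        elif name == "preload":
            preload = True
    if max_age is None:       # max-age is the one required directive
        return None
    return max_age, include_subdomains, preload


def preload_eligible(header):
    """Header-level part of the hstspreload.org requirements."""
    parsed = parse_sts(header)
    if parsed is None:
        return False
    max_age, include_subdomains, preload = parsed
    return max_age >= ONE_YEAR and include_subdomains and preload


class HstsStore:
    def __init__(self, preloaded=()):
        # preloaded hosts never expire and always cover subdomains
        self.entries = {host: StsEntry(float("inf"), True) for host in preloaded}

    def observe(self, url, header, now):
        """Process a Strict-Transport-Security header received in a response to url.

        Returns True if the policy was stored (or removed, for max-age=0)."""
        parts = urlsplit(url)
        if parts.scheme != "https":
            return False        # RFC 6797 section 8.1: ignore the header over insecure transport
        parsed = parse_sts(header)
        if parsed is None:
            return False
        max_age, include_subdomains, _ = parsed
        if max_age == 0:
            self.entries.pop(parts.hostname, None)
        else:
            self.entries[parts.hostname] = StsEntry(now + max_age, include_subdomains)
        return True

    def is_known(self, host, now):
        """True if host, or a superdomain with includeSubDomains, has a live policy."""
        labels = host.split(".")
        for i in range(len(labels)):
            entry = self.entries.get(".".join(labels[i:]))
            if entry and entry.expires > now and (i == 0 or entry.include_subdomains):
                return True
        return False

    def navigate(self, url, now):
        """URL the browser actually requests: upgraded to https:// if a policy applies."""
        parts = urlsplit(url)
        if parts.scheme == "http" and self.is_known(parts.hostname, now):
            return urlunsplit(("https",) + tuple(parts[1:]))
        return url


if __name__ == "__main__":
    store = HstsStore()
    # a header delivered over a stripped (plain HTTP) connection is ignored
    print(store.observe("http://www.example.com/", "max-age=31536000", 0))
    # once a genuine HTTPS response carries the header, http:// links are upgraded locally
    store.observe("https://example.com/", "max-age=31536000; includeSubDomains", 0)
    print(store.navigate("http://www.example.com/login", 0))
    # a preloaded domain is upgraded even on the first visit
    print(HstsStore(preloaded=["example.com"]).navigate("http://shop.example.com/", 0))
```

navigate() is the step that defeats stripping: the upgrade happens inside the browser before the request exists, so a proxy on the network never receives an http:// request it could relay. The first observe() call returning False is the caveat from the paragraph above in code form.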

How to mitigate SSL stripping

To stop your connections from being intercepted in the first place, you can use a virtual private network (VPN). Because all your traffic leaves your device inside an encrypted tunnel to the VPN endpoint, an attacker on the local network (ARP spoofing, a rogue hotspot, a poisoned local DNS cache) cannot see or rewrite your HTTP requests. The protection ends at the VPN exit: the plain HTTP request still travels from there to the site, so a VPN shifts the trust to the VPN provider rather than removing the problem, and HSTS on the site remains the real fix. A VPN is still worth using on public wi-fi hotspots and other networks you do not control.

Frequently asked questions

What is SSL stripping?

In an SSL stripping MITM attack, the attacker prevents a victim’s browser from upgrading to a secure HTTPS connection, so the browser keeps using an insecure HTTP connection to the target site (in fact, to the attacker’s proxy). Combined with a technique that puts the attacker in the traffic path, this lets them read and modify all communication between the victim and the target.

 

Read more about man-in-the-middle attacks (MITM).

How dangerous is SSL stripping?

SSL stripping can be very dangerous, since everything the victim sends to the site, including passwords and session cookies, travels in clear text. It is not a stand-alone attack: the attacker must first get into a man-in-the-middle position using a technique such as ARP spoofing, a rogue wi-fi hotspot, IP spoofing, or DNS cache poisoning. On a shared or open wi-fi network that step is easy; from outside the victim’s network it is much harder.

 

Read more about DNS cache poisoning.

How to prevent SSL stripping attacks?

The reliable way to prevent SSL stripping is to enforce HTTP Strict Transport Security (HSTS) for your domain and, ideally, add it to the HSTS preload list. A browser that has stored or preloaded the policy never sends plain HTTP to your site, so there is nothing for the attacker to strip. Until the policy is stored, a visitor’s first connection remains exposed unless the domain is preloaded.

 

Learn all about HTTP Strict Transport Security (HSTS).


Written by: Tomasz Andrzej Nidecki, reviewed by: Aleksei Tiurin