Shan Journey

What is the POODLE attack? Padding Oracle On Downgraded Legacy Encryption (POODLE) is an issue that affects SSL 3.0. If an adversary can modify network transmissions between the client and the server they can downgrade the SSL connection to SSL 3.0 and tamper with/decrypt data in transmission. The actual problem stems from the fact that the block cipher padding in CBC encryption in SSL 3.0 is not fully verified during the decryption process. Is *.googlevideo.com Vuln ? actually i test 2 subdomain in googlevideo.com r8---sn-2uuxa3vh-n0cl.googlevideo.com r6---sn-4pvgq-n8ve.googlevideo.com Steps To Reproduce  openssl s_client -connect r8---sn-2uuxa3vh-n0cl.googlevideo.com:443 -ssl3  Output :   $ openssl s_client -connect r8---sn-2uuxa3vh-n0cl.googlevideo.com:443 -ssl3 CONNECTED(00000158) --- Certificate chain  0 s:/C=US/ST=California/L=Mountain View/O=Google Inc/CN=*.googlevideo.com    i:/C=US/O=Google Inc/CN=Google Internet Authority G...

What is the POODLE attack? Padding Oracle On Downgraded Legacy Encryption (POODLE) is an issue that affects SSL 3.0. If an adversary can modify network transmissions between the client and the server they can downgrade the SSL connection to SSL 3.0 and tamper with/decrypt data in transmission. The actual problem stems from the fact that the block cipher padding in CBC encryption in SSL 3.0 is not fully verified during the decryption process. Is line.me vulnerable to POODLE? PoC :  openssl s_client -connect line.me:443 -ssl3 Output :  shan@pasuruanblackhat :~$ openssl s_client -connect line.me:443 -ssl3  CONNECTED(00000003)  depth=3 C = US, O = Equifax, OU = Equifax Secure Certificate Authority  verify return:1  depth=2 C = US, O = GeoTrust Inc., CN = GeoTrust Global CA  verify return:1  depth=1 C = US, O = GeoTrust Inc., CN = GeoTrust SSL CA - G3  verify return:1  depth=0 C = JP, ST = Tokyo, L = Shibuya-ku, O = LINE Corporatio...

What is the POODLE attack? Padding Oracle On Downgraded Legacy Encryption (POODLE) is an issue that affects SSL 3.0. If an adversary can modify network transmissions between the client and the server they can downgrade the SSL connection to SSL 3.0 and tamper with/decrypt data in transmission. The actual problem stems from the fact that the block cipher padding in CBC encryption in SSL 3.0 is not fully verified during the decryption process. Is WhatsApp.com & Blog.WhatsApp.com vulnerable to POODLE? root@pasuruanblackhat:/home/shan# openssl s_client -connect blog.whatsapp.com:443 -ssl3 Output :   CONNECTED(00000003) depth=2 C = US, O = DigiCert Inc, OU = www.digicert.com, CN = DigiCert Global Root CA verify return:1 depth=1 C = US, O = DigiCert Inc, CN = DigiCert SHA2 Secure Server CA verify return:1 depth=0 C = US, ST = California, L = Santa Clara, O = "WhatsApp, Inc.", CN = *.whatsapp.com verify return:1 --- Certificate chain 0 s:/C=US/ST...