Rupture - A framework for BREACH and other compression-based crypto attacks
Rupture is a framework for easily conducting BREACH and other compression-based attacks.
For more information, please visit Rupture's home page: RuptureIt
Authors
Rupture is developed by:
- Dimitris Karakostas [email protected]
- Dionysis Zindros [email protected]
- Eva Sarafianou [email protected]
Installation
You can install the whole framework as follows:
- Install rupture.
rupture/ $ ./install.sh allJavascript
Rupture uses Javascript for communication between the client code and the realtime server. Client code is compiled using babel and server code is run on Node.js .
Injection
- Install injection.
rupture$ ./install.sh injectionClient
- Install client.
rupture$ ./install.sh clientPython
Rupture uses Python for the Command & Control server. Communication between js realtime server and Python backend is performed with a Django API endpoint.
Backend
- Install backend.
rupture/ $ ./install.sh backendSniffer
- Install sniffer.
rupture/ $ ./install.sh snifferExecution
Backend
- Edit following configuration scripts:
- rupture/backend/target_config.yml
- rupture/backend/victim_config.yml
- Setup backend.
rupture $ ./rupture setup- Deploy backend.
rupture $ ./rupture backendRealtime
- Deploy realtime.
rupture $ ./rupture realtimeSniffer
- Deploy sniffer.
rupture $ ./rupture snifferAttack
- You can also deploy backend, realtime and sniffer modules all together:
rupture/ $ sudo ./rupture attackClient
- Client code is in following directory:
- rupture/client/client_
- Open the following test HTML page in browser:
- rupture/client/client_/test.html
rupture/client/client_<id> $ ./inject.shVia: www.kitploit.com
Rupture - A framework for BREACH and other compression-based crypto attacks
Reviewed by Zion3R
on
18:15
Rating:
Reviewed by Zion3R
on
18:15
Rating:
