Loading...

TLS ROBOT Attack Scanner 20 Credits

Discover TLS servers vulnerable to ROBOT attack

Sample Report

|

Use Cases

|

Technical Details

Sample Report

Here is a TLS ROBOT Attack Scanner sample report:

  • Includes the IPs and hostnames that were found vulnerable
  • Shows if a realistic attack is possible or not

TLS ROBOT Attack Scanner - Use Cases

Allows you to discover vulnerable TLS servers (Web, Email, FTP) which are affected by the ROBOT vulnerability.

Technical Details


About

The Return Of Bleichenbacher's Oracle Threat (ROBOT) Attack is a variation of the classic Bleichenbacher attack against RSA - which is one of the encryption methods used by TLS.
A successful attack permits an attacker to decrypt the communication between a user and a server if this communication was encrypted with an RSA cipher.
Furthermore, the attacker could create and sign any message using the server's private key.


Parameters

Parameter Description
Target host(s) This specifies the target that will be tested for the ROBOT Vulnerability. It can be in the form of an IP range (ex. 100.101.102.1-254), a single IP or a hostname. Maximum 255 hosts can be scanned at a time. When a single IP/hostname is scanned, the tool will provide additional details such as the cipher suites supported by the vulnerable server.
Target service This is the service that will be scanned for ROBOT Vulnerability. The supported protocols are: HTTPS, SMTPS, IMAPS, POP3S and FTPS.


How it works

The full technical details of the ROBOT Attack are presented in the original paper Return Of Bleichenbacher's Oracle Threat (ROBOT).

In case of SMTP, IMAP, POP3 and FTP, the tool will send the STARTTLS command before initiating the TLS handshake.
Feedback