Basically, the hacking tool enables either a person or program to hijack sessions, and none are as lucrative as those associated with financial websites and other services. The two boffins in question? Juliano Rizzo and Thai Duong, where they will lift the curtain on their Browser Exploit Against SSL/TLS tool called BEAST.
BEAST is able to take advantage of the information collected in order to decrypt the target’s AES-encrypted requests, ranging from encrypted cookies to others, where it will follow that up by hijacking the no-longer secure connection. The decryption process is rather slow though, as BEAST needs sessions of at least 30 minutes at the moment in order to break cookies by relying on keys of more than 1,000 characters in length. Have you got the heebie jeebies yet?Related articles: