Cache Poisoning Attack Explained

cache poisoning attack

Cache poisoning attack is widely used by hackers to infect and control systems. Cache means temporary storage, if the cache can be cached by an attacker and also possible to modify it, then the attacker can successfully carry out cache poisoning attack.

While we are browsing on Internet,the cache will be stored in web browsers or in proxy-servers.If the attacker can modify that cache,the users will continue to receive malicious content until the cache entry is deleted.

How The Attacker Do This Attack ?

The Attacker should find the vulnerable service code, which allows him to fill the HTTP header field with many headers. 
  • Force the Cache server to flush actual cache content. 
  • Sends specially crafted request,which will infect the cache or modify cache content. 
  • Sends the next request.The previously modified cache content will be the response for it. 
HTTP response splitting and flaws in the web applications made the cache poisoning attack possible.

What Is DNS Cache Poisoning ?

This attack is very dangerous when the target is a well known site. The attacker corrupts the Internet Domain Name System table by replacing an IP address with another one (Normally attacker server's IP address).When a user request for the original site the corrupted Domain Name system responds to it with attacker server's IP address.

No comments

Powered by Blogger.