Credentials are transmitted to server in plain text

dynatrace5 — Fri, 16 Jun 2023 11:04:51 GMT

Dear Team,
As we have observed vulnerabilities during login, password is not encrypted after submission of dynatrace managed login page. Also attached snap as evidence for such case. Kindly check and resolve ASAP.

Observation Solution : Encrypt transmission of credentials from the client to the server.

Observation Description: An adversary can intercept plain text credentials using sniffer tools. Credentials thus obtained may be used to gain unauthorized access to the application.

Regards,
Ashutosh Kumar Singh

Re: Credentials are transmitted to server in plain text

AntonioSousa — Tue, 26 Apr 2022 18:59:15 GMT

@dynatrace5,

In the screenshot you provide, you can see that connection is being made in https, so the whole socket and the data transmitted in it are encrypted.

The fact that you are seeing the data unencrypted is because you are intercepting this with a MITM attack proxy, like BURP. For you to do it, you have had to make something special on the client side making the requests, like putting in new certificates/CAs. In a normal proxy it won't work this way.

If you grab the data from a packet capture, you will confirm that you cannot see it.

So, in summary, it is effectively encrypted, and an adversary cannot intercept such data using sniffer tools.

This is how https normally works. You can secure it with some additional tricks, but in most cases it would be easily reversible.

topic Credentials are transmitted to server in plain text in Dynatrace Managed Q&A

Credentials are transmitted to server in plain text

Re: Credentials are transmitted to server in plain text