1 / 47

SSLstrip

SSLstrip. Stepan Shykerynets. http://wisc.org.ua / 23.03.2013. http://wisc.org.ua / 23.03.2013. http://wisc.org.ua / 23.03.2013. http://wisc.org.ua / 23.03.2013. Attention. !. http://wisc.org.ua / 23.03.2013. http://wisc.org.ua / 23.03.2013. http://wisc.org.ua / 23.03.2013.

fran
Télécharger la présentation

SSLstrip

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. SSLstrip StepanShykerynets http://wisc.org.ua/ 23.03.2013

  2. http://wisc.org.ua/ 23.03.2013

  3. http://wisc.org.ua/ 23.03.2013

  4. http://wisc.org.ua/ 23.03.2013

  5. Attention ! http://wisc.org.ua/ 23.03.2013

  6. http://wisc.org.ua/ 23.03.2013

  7. http://wisc.org.ua/ 23.03.2013

  8. http://wisc.org.ua/ 23.03.2013

  9. http://wisc.org.ua/ 23.03.2013

  10. Private / Public key CLIENT SERVER Private key Public key http://wisc.org.ua/ 23.03.2013

  11. Private / Public key CLIENT SERVER Public key CA Private key Public key http://wisc.org.ua/ 23.03.2013

  12. Private / Public key CLIENT SERVER Public key Private key Public key CA http://wisc.org.ua/ 23.03.2013

  13. Private / Public key http://wisc.org.ua/ 23.03.2013

  14. SSL And Certificate Chaining http://wisc.org.ua/ 23.03.2013

  15. Certificate • X509 Certificate version serial number issuer validity subject public key • Signature algorithm • Signature http://wisc.org.ua/ 23.03.2013

  16. Certificate Chaining CA Certificate Embedded in browser. All powerful. Certifies that a site certificate is authentic. Site Certificate Identifies a particular URL. Is known to be authentic based on CA Certificate's signature. http://wisc.org.ua/ 23.03.2013

  17. Certificate Chaining CA Certificate Embedded in browser. All powerful. Certifies that a site certificate is authentic. Intermediate CA Not embedded in browser. Still sort of all-powerful. Certifies that a site certificate is authentic. Site Certificate Identifies a particular URL. Is known to be authentic based on CA Certificate's signature. http://wisc.org.ua/ 23.03.2013

  18. Certificate Chaining VeriSign Intermediate CA Facebook.com http://wisc.org.ua/ 23.03.2013

  19. Certificate Chains Can Be > 3 VeriSign Intermediate CA Intermediate CA Facebook.com http://wisc.org.ua/ 23.03.2013

  20. How do we validate these things? • Verify that the leaf node has the name of the site you're connecting to. • Verify that the leaf node hasn't expired. • Check the signature. • If the signing certificate is in our list of root CA's, stop. • Otherwise, move one up the chain and repeat. http://wisc.org.ua/ 23.03.2013

  21. Very tempting to use a simple recursive function. Everyone focuses on the signature validation. The result of a naive attempt at validation is a chain that is complete, but nothing more. http://wisc.org.ua/ 23.03.2013

  22. What if … VeriSign Intermediate CA Intermediate CA hack.org http://wisc.org.ua/ 23.03.2013

  23. What if … VeriSign Intermediate CA Intermediate CA hack.org Facebook.com http://wisc.org.ua/ 23.03.2013

  24. What they say : • Verify that the leaf node has the name of the site you're connecting to. • Verify that the leaf node hasn't expired. • Check the signature. • If the signing certificate is in our list of root CA's, stop. • Otherwise, move one up the chain and repeat. http://wisc.org.ua/ 23.03.2013

  25. But … • All the signatures are valid • Nothing has expired • The chain is in fact • The root CA is embedded in the browser and trusted http://wisc.org.ua/ 23.03.2013

  26. The missing piece http://wisc.org.ua/ 23.03.2013

  27. The missing piece ! http://wisc.org.ua/ 23.03.2013

  28. The missing piece http://wisc.org.ua/ 23.03.2013

  29. Most CA's didn't explicitly set basic Constraints: CA=FALSE • A lot of web browsers and other SSL implementations didn't bother to check it, whether the field was there or not • Any one with a valid leaf node certificate could create and sign a leaf node certificate for any other domain. http://wisc.org.ua/ 23.03.2013

  30. But we have one problem http://wisc.org.ua/ 23.03.2013

  31. Smart browsers http://wisc.org.ua/ 23.03.2013

  32. People are … http://wisc.org.ua/ 23.03.2013

  33. People are … LAZY http://wisc.org.ua/ 23.03.2013

  34. http://...https://... http://wisc.org.ua/ 23.03.2013

  35. SSLsniff http://wisc.org.ua/ 23.03.2013

  36. SSLsniff • Intercept a connection from the client side. • Generate a certificate for the site it is connecting to. • Sign in with any random valid leaf node certificate. • Pass that certificate chain to the client. • Make normal SSL connection to the server. • Pass data between client and server, decrypting and encrypting on each end. http://wisc.org.ua/ 23.03.2013

  37. Web browsing • SSL is almost never encountered directly. • It is either encountered as a result of: A 302 redirect from HTTP URL to an HTTPS URL. An HTTPS link that a user click on from an HTTP page. http://wisc.org.ua/ 23.03.2013

  38. SSLstrip • Watch HTTP traffic go by. • Switch <a href="https://> to <a href="http://> and keep a map of what you've changed. • Switch Location: https:// to Location: http:// and keep a map of what you've changed. http://wisc.org.ua/ 23.03.2013

  39. SSLstrip • Watch HTTP traffic go by. • When we seen an HTTP request for URL that we've stripped, proxy that out as HTTPS to the server. • Watch the HTTPS traffic go by, log everything that we want, and keep a map of all relative, CSS and JS links that go by. http://wisc.org.ua/ 23.03.2013

  40. SSLstrip • The server never knows the difference. Everything looks secure on their end. • The client doesn't display any of the disastrous warnings that we want to avoid. • We see all the traffic. http://wisc.org.ua/ 23.03.2013

  41. Let's simplify it… http://wisc.org.ua/ 23.03.2013

  42. Time to action http://wisc.org.ua/ 23.03.2013

  43. BackTrack : Giving Machine Guns to Monkeys since 2006 http://wisc.org.ua/ 23.03.2013

  44. Tools • SSLstrip • ARPspoof • Ettercap http://wisc.org.ua/ 23.03.2013

  45. Commands • #bt echo "1" > /proc/sys/net/ipv4/ip_forward • # btiptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 10000 • #btsslstrip -a -l 10000 -w log.txt –f • # arpspoof -i <yourNetworkdDevice> -t <yourTarget> <theRoutersIpAddress> • # ettercap -T –q –i <yourNetworkdDevice> http://wisc.org.ua/ 23.03.2013

  46. Protection • Google services • High protection network equipment • Checking site certificates http://wisc.org.ua/ 23.03.2013

  47. StepanShykerynets SShykerynets@gmail.com

More Related