![Page 1: Kick-O˙P3 · P3: Timeline Kicko˙-Now Tutorial&Questionhour-10.01.2020,13:30 Questionhour-17.01.2020,13:30 Deadline-24.01.2020,23:59 4/15](https://reader033.vdocument.in/reader033/viewer/2022060923/60aea1bcb9c11901583df464/html5/thumbnails/1.jpg)
S C I E N C EP A S S I O N
T E C H N O L O G Y
Kick-O� P3
Daniel Kales
Information Security – WT 2019/20
www.iaik.tugraz.at
![Page 2: Kick-O˙P3 · P3: Timeline Kicko˙-Now Tutorial&Questionhour-10.01.2020,13:30 Questionhour-17.01.2020,13:30 Deadline-24.01.2020,23:59 4/15](https://reader033.vdocument.in/reader033/viewer/2022060923/60aea1bcb9c11901583df464/html5/thumbnails/2.jpg)
Organizational
Wemay have some solo groups again
If you want to be merged with another solo group...
... come down to us a�er this lecture
... sendme amail today!
We will try to merge groups with similar point total
1 / 15
![Page 3: Kick-O˙P3 · P3: Timeline Kicko˙-Now Tutorial&Questionhour-10.01.2020,13:30 Questionhour-17.01.2020,13:30 Deadline-24.01.2020,23:59 4/15](https://reader033.vdocument.in/reader033/viewer/2022060923/60aea1bcb9c11901583df464/html5/thumbnails/3.jpg)
Kick-o� for P3: Network-SecurityO
Data in transit
![Page 4: Kick-O˙P3 · P3: Timeline Kicko˙-Now Tutorial&Questionhour-10.01.2020,13:30 Questionhour-17.01.2020,13:30 Deadline-24.01.2020,23:59 4/15](https://reader033.vdocument.in/reader033/viewer/2022060923/60aea1bcb9c11901583df464/html5/thumbnails/4.jpg)
P3: Overview
2 / 15
![Page 5: Kick-O˙P3 · P3: Timeline Kicko˙-Now Tutorial&Questionhour-10.01.2020,13:30 Questionhour-17.01.2020,13:30 Deadline-24.01.2020,23:59 4/15](https://reader033.vdocument.in/reader033/viewer/2022060923/60aea1bcb9c11901583df464/html5/thumbnails/5.jpg)
P3: Overview
w Task P3: Man-In-The-Middle (MITM) HTTP proxy
Ë Implement a basic HTTP proxy
Ë Upgrade your proxy to a basic HTTPS proxy
Ë Implement plugins to attack users:
Load scripts
Change content
Downgrade to SSL
. . .
3 / 15
![Page 6: Kick-O˙P3 · P3: Timeline Kicko˙-Now Tutorial&Questionhour-10.01.2020,13:30 Questionhour-17.01.2020,13:30 Deadline-24.01.2020,23:59 4/15](https://reader033.vdocument.in/reader033/viewer/2022060923/60aea1bcb9c11901583df464/html5/thumbnails/6.jpg)
P3: Timeline
� Kicko� - Now
� Tutorial & Question hour - 10.01.2020, 13:30
� Question hour - 17.01.2020, 13:30
� Deadline - 24.01.2020, 23:59
4 / 15
![Page 7: Kick-O˙P3 · P3: Timeline Kicko˙-Now Tutorial&Questionhour-10.01.2020,13:30 Questionhour-17.01.2020,13:30 Deadline-24.01.2020,23:59 4/15](https://reader033.vdocument.in/reader033/viewer/2022060923/60aea1bcb9c11901583df464/html5/thumbnails/7.jpg)
P3: Assignment
q Detailed specification in the teaching wiki
Link available on course websiteRead the assignment carefully!
Submission and file-distribution using git
use the same-repository (P3 subfolder)pull the assignment files from the upstream repository
see course website for instructions!
Ë Points will be published online
Automated test systemwith daily tests for each taskLinks on course website
5 / 15
![Page 8: Kick-O˙P3 · P3: Timeline Kicko˙-Now Tutorial&Questionhour-10.01.2020,13:30 Questionhour-17.01.2020,13:30 Deadline-24.01.2020,23:59 4/15](https://reader033.vdocument.in/reader033/viewer/2022060923/60aea1bcb9c11901583df464/html5/thumbnails/8.jpg)
P3: Assignment
q Detailed specification in the teaching wiki
Link available on course websiteRead the assignment carefully!
Submission and file-distribution using git
use the same-repository (P3 subfolder)pull the assignment files from the upstream repository
see course website for instructions!
Ë Points will be published online
Automated test systemwith daily tests for each taskLinks on course website
5 / 15
![Page 9: Kick-O˙P3 · P3: Timeline Kicko˙-Now Tutorial&Questionhour-10.01.2020,13:30 Questionhour-17.01.2020,13:30 Deadline-24.01.2020,23:59 4/15](https://reader033.vdocument.in/reader033/viewer/2022060923/60aea1bcb9c11901583df464/html5/thumbnails/9.jpg)
P3: Assignment
q Detailed specification in the teaching wiki
Link available on course websiteRead the assignment carefully!
Submission and file-distribution using git
use the same-repository (P3 subfolder)pull the assignment files from the upstream repository
see course website for instructions!
Ë Points will be published online
Automated test systemwith daily tests for each taskLinks on course website
5 / 15
![Page 10: Kick-O˙P3 · P3: Timeline Kicko˙-Now Tutorial&Questionhour-10.01.2020,13:30 Questionhour-17.01.2020,13:30 Deadline-24.01.2020,23:59 4/15](https://reader033.vdocument.in/reader033/viewer/2022060923/60aea1bcb9c11901583df464/html5/thumbnails/10.jpg)
P3: Framework
B You will get a skeleton project written in Java
Argument parsing already implemented
You need to implement the proxy and plugins
Î Where should you begin?
Install your favorite Java IDE (Eclipse, IntelliJ IDEA)
Clone the assignment from the upstream repo
Read the task description, read the hints
Checkout the resources on Java Socket programming
6 / 15
![Page 11: Kick-O˙P3 · P3: Timeline Kicko˙-Now Tutorial&Questionhour-10.01.2020,13:30 Questionhour-17.01.2020,13:30 Deadline-24.01.2020,23:59 4/15](https://reader033.vdocument.in/reader033/viewer/2022060923/60aea1bcb9c11901583df464/html5/thumbnails/11.jpg)
P3: Framework
B You will get a skeleton project written in Java
Argument parsing already implemented
You need to implement the proxy and plugins
Î Where should you begin?
Install your favorite Java IDE (Eclipse, IntelliJ IDEA)
Clone the assignment from the upstream repo
Read the task description, read the hints
Checkout the resources on Java Socket programming
6 / 15
![Page 12: Kick-O˙P3 · P3: Timeline Kicko˙-Now Tutorial&Questionhour-10.01.2020,13:30 Questionhour-17.01.2020,13:30 Deadline-24.01.2020,23:59 4/15](https://reader033.vdocument.in/reader033/viewer/2022060923/60aea1bcb9c11901583df464/html5/thumbnails/12.jpg)
MITM ProxyºTwT,
É I’m starting with the man in the middleÉ
![Page 13: Kick-O˙P3 · P3: Timeline Kicko˙-Now Tutorial&Questionhour-10.01.2020,13:30 Questionhour-17.01.2020,13:30 Deadline-24.01.2020,23:59 4/15](https://reader033.vdocument.in/reader033/viewer/2022060923/60aea1bcb9c11901583df464/html5/thumbnails/13.jpg)
Overview
Ë HTTP Proxy (3 Points)
Ë HTTPS Extension (2 Points)
Ë Chunked Encoding (2 Points)
Ë Dumping Headers/Cookies (1 Point)
Ë PluginsJ Improved Requests (1 Point)J (Un)trusted Javascript (2 Points)J Fake Content (0.5 Points)J R.I.P SSl (0.5 Points)J Phishing in the dark (2 Points)J Superfish (2 Points)
7 / 15
![Page 14: Kick-O˙P3 · P3: Timeline Kicko˙-Now Tutorial&Questionhour-10.01.2020,13:30 Questionhour-17.01.2020,13:30 Deadline-24.01.2020,23:59 4/15](https://reader033.vdocument.in/reader033/viewer/2022060923/60aea1bcb9c11901583df464/html5/thumbnails/14.jpg)
HTTP Proxy (3 Points)
T Basic proxy functionality
Nothing malicious yet...
� Get familiar with:
HTTP
Java Socket programming
Java multithreading
º Test in your local browser!
Suitable websites in assignment document
8 / 15
![Page 15: Kick-O˙P3 · P3: Timeline Kicko˙-Now Tutorial&Questionhour-10.01.2020,13:30 Questionhour-17.01.2020,13:30 Deadline-24.01.2020,23:59 4/15](https://reader033.vdocument.in/reader033/viewer/2022060923/60aea1bcb9c11901583df464/html5/thumbnails/15.jpg)
HTTPS Extension (2 Points)
¤ Allow users to connect to secure websites
Relay tra�ic between client and server
Nothing malicious yet...
� Get familiar with:
HTTP CONNECT requests
º Test in your local browser!
Suitable websites in assignment document
9 / 15
![Page 16: Kick-O˙P3 · P3: Timeline Kicko˙-Now Tutorial&Questionhour-10.01.2020,13:30 Questionhour-17.01.2020,13:30 Deadline-24.01.2020,23:59 4/15](https://reader033.vdocument.in/reader033/viewer/2022060923/60aea1bcb9c11901583df464/html5/thumbnails/16.jpg)
Chunked Encoding (2 Points)
á Large responses can be split up in smaller chunks
Useful when total lenght of response is not known
Nothing malicious yet...
� Get familiar with:
HTTP Chunked Encoding
º Test in your local browser!
Suitable websites in assignment document
10 / 15
![Page 17: Kick-O˙P3 · P3: Timeline Kicko˙-Now Tutorial&Questionhour-10.01.2020,13:30 Questionhour-17.01.2020,13:30 Deadline-24.01.2020,23:59 4/15](https://reader033.vdocument.in/reader033/viewer/2022060923/60aea1bcb9c11901583df464/html5/thumbnails/17.jpg)
Dumping Headers/Cookies (1 Points)
q Log HTTP headers and cookies for all requests
Starting to get worrysome. . .
but could be useful for debugging
� Get familiar with:
HTTP Headers & Cookies
º Test in your local browser!
Suitable websites in assignment document
11 / 15
![Page 18: Kick-O˙P3 · P3: Timeline Kicko˙-Now Tutorial&Questionhour-10.01.2020,13:30 Questionhour-17.01.2020,13:30 Deadline-24.01.2020,23:59 4/15](https://reader033.vdocument.in/reader033/viewer/2022060923/60aea1bcb9c11901583df464/html5/thumbnails/18.jpg)
Plugins I
Active attacks, time to go to the dark side. . .
J “Improved” Requests (1 Point)
Manipulating HTTP requests and responses
Add, remove, change HTTP Headers
J (Un)trusted Javascript (2 Points)
Injecting javascript into HTTP responses
enabling everything from alerts to keyloggers
12 / 15
![Page 19: Kick-O˙P3 · P3: Timeline Kicko˙-Now Tutorial&Questionhour-10.01.2020,13:30 Questionhour-17.01.2020,13:30 Deadline-24.01.2020,23:59 4/15](https://reader033.vdocument.in/reader033/viewer/2022060923/60aea1bcb9c11901583df464/html5/thumbnails/19.jpg)
Plugins II
J Fake Content (0.5 Points)
Replace any string in a response with a chosen one
change image sources, insert fake news, . . .
J R.I.P SSL (0.5 Points)
Downgrade HTTPS requests to HTTP (if possible)
Allows proxy to read normally encrypted communication
J Phishing in the dark (2 Points)
Redirect a user to a phishing page without him noticing
Rewrite links in phishing page to point to original page13 / 15
![Page 20: Kick-O˙P3 · P3: Timeline Kicko˙-Now Tutorial&Questionhour-10.01.2020,13:30 Questionhour-17.01.2020,13:30 Deadline-24.01.2020,23:59 4/15](https://reader033.vdocument.in/reader033/viewer/2022060923/60aea1bcb9c11901583df464/html5/thumbnails/20.jpg)
Plugins III
J Superfish (2 Points)
o Ever got asked to install a root certificate?
What could go wrong. . .
Be a real man-in-the-middle, even for SSL connections!
All other attacks now even work on pages secured with SSL
º Test all plugins in your local browser!
Suitable websites in assignment documents
14 / 15
![Page 21: Kick-O˙P3 · P3: Timeline Kicko˙-Now Tutorial&Questionhour-10.01.2020,13:30 Questionhour-17.01.2020,13:30 Deadline-24.01.2020,23:59 4/15](https://reader033.vdocument.in/reader033/viewer/2022060923/60aea1bcb9c11901583df464/html5/thumbnails/21.jpg)
Contact & Finding Help
Course website: https://www.iaik.tugraz.at/infosec
If you need help for the exercises, try (in this order):
Newsgroup graz.lv.infosecDon’t post your solution there...
Contact the responsible teaching assistant
Contact the responsible lecturer for the practicals
Come to the question hours
15 / 15
![Page 22: Kick-O˙P3 · P3: Timeline Kicko˙-Now Tutorial&Questionhour-10.01.2020,13:30 Questionhour-17.01.2020,13:30 Deadline-24.01.2020,23:59 4/15](https://reader033.vdocument.in/reader033/viewer/2022060923/60aea1bcb9c11901583df464/html5/thumbnails/22.jpg)
Questionsä