the heartbleed bug a vulnerability in the openssl cryptographic library
The Heartbleed Bug: A vulnerability in the OpenSSL Cryptographic Library
Agenda
• General overview of the vulnerability
• Process
• Heartbleed history
• Affected sites
• Exploitation of a vulnerable version of an Apache Server
• In the news…
Description of the vulnerability
• Vulnerable:
  • program source files: t1_lib.c and d1_both.c
  • functions: tls1_process_heartbeat() and dtls1_process_heartbeat()
• The actual breach: memcpy(bp, pl, payload)
  bp – final destination of the data to be copied;
  pl – the location of the data to be copied;
  payload – the amount of data to copy, as declared in the heartbeat request;
There is no such thing as empty memory!
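As an added illustration (not code from the slides or from OpenSSL), the unchecked copy described above beside the bounds check OpenSSL 1.0.1g introduced, applied to a constructed heartbeat record placed in a local arena that stands in for process memory; the names handle_heartbeat and demo_leak, the arena layout and the sample secret are assumptions of this example.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define HB_PADDING 16   /* RFC 6520: at least 16 bytes of random padding */
struct hb_result {
    bool   accepted;  /* false: record silently discarded */
    size_t copied;    /* bytes memcpy'd into the response */
    size_t overread;  /* bytes taken from beyond the received record */
};

/* Handle one heartbeat record (rec_len bytes actually received).
 * Unpatched: trusts the 2-byte length field, i.e. the
 * memcpy(bp, pl, payload) in t1_lib.c. Patched: the 1.0.1g check that
 * 1 + 2 + payload + 16 must fit inside the record. Assumed names. */
struct hb_result handle_heartbeat(const uint8_t *rec, size_t rec_len,
                                  uint8_t *resp, size_t resp_cap, bool patched)
{
    struct hb_result r = {false, 0, 0};
    if (rec_len < 3 || (patched && 1 + 2 + HB_PADDING > rec_len))
        return r;                               /* header unreadable / too short */
    size_t payload = ((size_t)rec[1] << 8) | rec[2];   /* n2s(p, payload) */
    const uint8_t *pl = rec + 3;
    if (patched && 1 + 2 + payload + HB_PADDING > rec_len)
        return r;                               /* the fix: discard, no response */
    if (payload > resp_cap)
        payload = resp_cap;                     /* demo only: keep resp in bounds */
    memcpy(resp, pl, payload);                  /* the unchecked copy */
    r.accepted = true;
    r.copied   = payload;
    r.overread = payload > rec_len - 3 ? payload - (rec_len - 3) : 0;
    return r;
}

/* Constructed scenario: a 16 KiB arena stands in for process memory. The
 * record sits at its start; a secret left by an earlier request sits right
 * after it. Returns true if the secret ends up in the heartbeat response. */
bool demo_leak(bool patched)
{
    static uint8_t arena[16384], resp[16384];
    const char *secret = "user=Erin&pass=password1";   /* constructed value */
    memset(arena, 'P', sizeof arena);
    arena[0] = 1; arena[1] = 0x10; arena[2] = 0x00;  /* type 1, declares 4096 bytes */
    size_t rec_len = 1 + 2 + 1 + HB_PADDING;         /* but only 1 byte was sent */
    memcpy(arena + rec_len, secret, strlen(secret));
    struct hb_result r = handle_heartbeat(arena, rec_len, resp, sizeof resp, patched);
    return r.accepted && memcmp(resp + (rec_len - 3), secret, strlen(secret)) == 0;
}
```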
Process
• The attacker can grab 64K of memory per heartbeat
• Not limited to 1 grab!
Common Vulnerabilities and Exposures reference: CVE-2014-0160 is the official reference to this bug.
[Diagram] Exploit → Read memory → Extract sensitive information
History
• Dates back to 2011:
  • Robin Seggelmann, Ph.D. student at the University of Duisburg-Essen, implemented the Heartbeat Extension for OpenSSL
  • Introduced in the source code repository on December 31, 2011
  • Adopted with the release of OpenSSL version 1.0.1 on March 14, 2012
  • Heartbeat support was enabled by default; the bug was discovered on 1st of April 2014
“The SSL/TLS encryption, by design and implementation, is meant to protect the information.”
… some affected sites
Target
Targeted machine:
• Linux Distribution for ARM Architecture on RaspberryPI
• OpenSSL versions 1.0.1 through 1.0.1f are vulnerable
Source
Attack source:
• Kali Linux Distribution for ARM Architecture on RaspberryPI
nmap -p 443 --script=ssl-heartbleed.nse 192.168.0.105
Attack
Attack source:
To exploit this bug we used a custom mass auditing tool crafted by Rahul Sasi.
Attack
Attack result:
0002c0b0 65 3a 20 61 70 70 6c 69 63 61 74 69 6f 6e 2f 78 |e: application/x|
0002c0c0 2d 77 77 77 2d 66 6f 72 6d 2d 75 72 6c 65 6e 63 |-www-form-urlenc|
0002c0d0 6f 64 65 64 0d 0a 0d 0a 75 73 65 72 3d 45 72 69 |oded....user=Eri|
0002c0e0 6e 26 70 61 73 73 3d 70 61 73 73 77 6f 72 64 31 |n&pass=password1|
0002c0f0 4b 3a c2 1e 8c c3 dd 39 b1 e8 de 46 41 c7 98 76 |K:.....9...FA..v|
Observations
Heartbeat messages can appear in different phases of the connection setup…
IDS/IPS rules to detect heartbeat traffic have been developed
This does not require a MITM attack
The only ways to protect a server are to upgrade to a fixed version of OpenSSL or to recompile OpenSSL with the heartbeat extension removed from the code.
Am I vulnerable?
• Several services have been made available to test whether Heartbleed affects a given site:
  • Tenable Network Security wrote a plugin for NESSUS
  • Qualys added dedicated QIDs and developed SSLTest.com
  • Nmap security scanner includes a Heartbleed detection script from version 6.45
  • Sourcefire has released Snort rules to detect Heartbleed attack traffic and possible response
However, many services have been claimed to be ineffective for detecting the bug.
…in the news
The Canada Revenue Agency reported the theft of Social Insurance Numbers belonging to 900 taxpayers in 6 hours!
Bloomberg: NSA knew about this!
Bruce Schneier: “Catastrophic is the right word. On the scale of 1 to 10, this is an 11. Half a million sites are vulnerable, including my own.”
OpenSSL Response
Theo de Raadt, founder and leader of OpenBSD and OpenSSH:
“OpenSSL is not developed by a responsible team."
OpenSSL core developer Ben Laurie:
“OpenSSL is not reviewed by enough people”
Software engineer John Walsh:
"Think about it, OpenSSL only has two full-time people to write, maintain, test, and review 500,000 lines of business critical code."
OpenSSL Response
OpenSSL foundation’s president, Steve Marquess:
“The mystery is not that a few overworked volunteers missed this bug; the mystery is why it hasn't happened more often."
"The fact that the code change which caused the bug was done by an individual working at 23:00 on a New Year's Eve says a lot. The code simply wasn't reviewed enough and it went undetected for two years."
Thank you! There is a higher chance of becoming a victim of online crime than of real-life crime!