SSLstrip Stepan Shykerynets 23.03.2013.


SSLstrip Stepan Shykerynets

! Attention

Private / Public key (diagram: Server, Client, Public key, Private key)

Private / Public key (diagram: Server, Client, CA, Public key, Private key)

Private / Public key (diagram: Message, Public key, Encrypted message, Private key, Message)

SSL And Certificate Chaining

Certificate: X.509 certificate fields: version, serial number, issuer, validity, subject, public key, signature algorithm, signature.

Certificate Chaining
CA Certificate: Embedded in browser. All powerful. Certifies that a site certificate is authentic.
Site Certificate: Identifies a particular URL. Is known to be authentic based on CA Certificate's signature.
Intermediate CA: Not embedded in browser. Still sort of all-powerful. Certifies that a site certificate is authentic.

Certificate Chaining (diagram: VeriSign → Intermediate CA → Facebook.com)

Certificate Chains Can Be > 3 (diagram: VeriSign, Intermediate CA, Facebook.com)

How do we validate these things? Verify that the leaf node has the name of the site you're connecting to. Verify that the leaf node hasn't expired. Check the signature. If the signing certificate is in our list of root CA's, stop. Otherwise, move one up the chain and repeat

Very tempting to use a simple recursive function. Everyone focuses on the signature validation. The result of a naive attempt at validation is a chain that is complete, but nothing more

What if … (diagram: VeriSign → Intermediate CA → hack.org)

What if … (diagram: VeriSign → Intermediate CA → hack.org → Facebook.com)

What they say: Verify that the leaf node has the name of the site you're connecting to. Verify that the leaf node hasn't expired. Check the signature. If the signing certificate is in our list of root CA's, stop. Otherwise, move one up the chain and repeat.

But … All the signatures are valid. Nothing has expired. The chain is intact. The root CA is embedded in the browser and trusted.

The missing piece


Most CA's didn't explicitly set basicConstraints: CA=FALSE. A lot of web browsers and other SSL implementations didn't bother to check it, whether the field was there or not. Anyone with a valid leaf node certificate could create and sign a leaf node certificate for any other domain.
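The validation gap described above, as an added example that is not part of the original presentation: a toy chain walker that follows only the listed steps, next to one that also requires the CA flag on every signing certificate. The `Cert` model, the `signed_by` field (standing in for a verified signature) and all sample certificates are constructed for illustration.

```python
from dataclasses import dataclass
from datetime import date
from typing import Optional

@dataclass(frozen=True)
class Cert:
    subject: str
    signed_by: str          # issuer subject; stands in for a verified signature
    not_after: date
    is_ca: Optional[bool]   # basicConstraints CA flag, None = extension absent

TODAY, LATER = date(2013, 3, 23), date(2020, 1, 1)   # constructed dates
ROOTS = {"VeriSign"}                                  # browser trust store

def naive_validate(chain, hostname, today=TODAY):
    """The slide's steps only: name, expiry, signature, walk up to a root."""
    if not chain or chain[0].subject != hostname:
        return False
    for i, cert in enumerate(chain):
        if cert.not_after < today:
            return False
        if cert.signed_by in ROOTS:
            return True                      # signer is a trusted root: stop
        if i + 1 == len(chain) or chain[i + 1].subject != cert.signed_by:
            return False                     # next link missing or wrong signer
    return False

def strict_validate(chain, hostname, today=TODAY):
    """Same walk, plus the missing piece: every signer must be CA=TRUE."""
    if not naive_validate(chain, hostname, today):
        return False
    # chain[1:] are the certificates that signed the one below them. An absent
    # extension (None) is rejected exactly like an explicit CA=FALSE.
    return all(signer.is_ca is True for signer in chain[1:])

# Constructed certificates mirroring the "What if" slides (leaf first).
INTERMEDIATE = Cert("Intermediate CA", "VeriSign", LATER, True)
HACK_ORG = Cert("hack.org", "Intermediate CA", LATER, None)   # ordinary leaf
FORGED = Cert("Facebook.com", "hack.org", LATER, None)
GENUINE = Cert("Facebook.com", "Intermediate CA", LATER, False)
FORGED_CHAIN = [FORGED, HACK_ORG, INTERMEDIATE]
GENUINE_CHAIN = [GENUINE, INTERMEDIATE]
```

The naive walk accepts `FORGED_CHAIN` because every link is signed and unexpired; the strict walk rejects it because `hack.org` signs a certificate without being marked as a CA.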

But we have one problem

Smart browsers


People are … LAZY

SSLsniff

SSLsniff: Intercept a connection from the client side. Generate a certificate for the site it is connecting to. Sign it with any random valid leaf node certificate. Pass that certificate chain to the client. Make normal SSL connection to the server. Pass data between client and server, decrypting and encrypting on each end.

Web browsing: SSL is almost never encountered directly. It is either encountered as a result of: A 302 redirect from an HTTP URL to an HTTPS URL. An HTTPS link that a user clicks on from an HTTP page.

SSLstrip Watch HTTP traffic go by. Switch to and keep a map of what you've changed. Switch Location: to Location: and keep a map of what you've changed

SSLstrip: Watch HTTP traffic go by. When we see an HTTP request for a URL that we've stripped, proxy that out as HTTPS to the server. Watch the HTTPS traffic go by, log everything that we want, and keep a map of all relative, CSS and JS links that go by.

SSLstrip The server never knows the difference. Everything looks secure on their end. The client doesn't display any of the disastrous warnings that we want to avoid. We see all the traffic
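One way a defender can spot the link and redirect rewriting described above, as an added example that is not part of the original presentation: compare a page as observed on the network under test against a reference copy fetched over a trusted path, and report URLs that were HTTPS in the reference but arrive as HTTP. The function names, the `bank.example` host and both HTML samples are constructed assumptions.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

URL_ATTRS = {"href", "action", "src"}

class _UrlCollector(HTMLParser):
    """Collect absolute URLs from href/action/src attributes."""
    def __init__(self):
        super().__init__()
        self.urls = []

    def handle_starttag(self, tag, attrs):
        for name, value in attrs:
            if name in URL_ATTRS and value and "://" in value:
                self.urls.append(value)

def _urls(html):
    parser = _UrlCollector()
    parser.feed(html)
    return parser.urls

def _key(url):
    """Identity of a URL with the scheme ignored."""
    parts = urlsplit(url)
    return (parts.hostname, parts.path or "/", parts.query)

def find_downgrades(reference_html, observed_html, location=None):
    """Return URLs that are https in the reference copy but http as observed.

    `location` is an optional observed Location: header value, checked
    against the same set of known-HTTPS URLs.
    """
    secure = {_key(u) for u in _urls(reference_html)
              if urlsplit(u).scheme == "https"}
    candidates = _urls(observed_html) + ([location] if location else [])
    return sorted(u for u in candidates
                  if urlsplit(u).scheme == "http" and _key(u) in secure)

# Constructed sample pages: the reference copy and the copy seen on the wire.
REFERENCE = ('<a href="https://bank.example/login">Log in</a>'
             '<form action="https://bank.example/session" method="post"></form>'
             '<a href="http://bank.example/help">Help</a>')
OBSERVED = REFERENCE.replace("https://", "http://")
```

Links that are plain HTTP in both copies, such as the help page, are not reported; only scheme changes relative to the trusted reference are.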

Let's simplify it…

Time to action

BackTrack : Giving Machine Guns to Monkeys since

Tools SSLstrip ARPspoof Ettercap

Commands
#bt echo "1" > /proc/sys/net/ipv4/ip_forward
#bt iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port
#bt sslstrip -a -l w log.txt -f
# arpspoof -i -t
# ettercap -T -q -i

Protection: Google services. High protection network equipment. Checking site certificates.

Stepan Shykerynets