Presentation is loading. Please wait.

Presentation is loading. Please wait.

SSLstrip Stepan Shykerynets 23.03.2013.

Published byLeah Hauke Modified over 9 years ago

Similar presentations

Presentation on theme: "SSLstrip Stepan Shykerynets 23.03.2013."— Presentation transcript:

1 SSLstrip Stepan Shykerynets http://wisc.org.ua/ 23.03.2013

2

3

4

5 ! Attention http://wisc.org.ua/ 23.03.2013

6

7

8

9

10 Private / Public key Public key Private key SERVERCLIENT http://wisc.org.ua/ 23.03.2013

11 Private / Public key Public key Private key SERVERCLIENT Public keyCA http://wisc.org.ua/ 23.03.2013

12 Private / Public key Public key Private key SERVERCLIENT Public key CA http://wisc.org.ua/ 23.03.2013

13 Private / Public key MessagePublic key Encrypted message Private keyMessage http://wisc.org.ua/ 23.03.2013

14 SSL And Certificate Chaining http://wisc.org.ua/ 23.03.2013

15 Certificate X509 Certificate version serial number issuer validity subject public key Signature algorithm Signature http://wisc.org.ua/ 23.03.2013

16 Certificate Chaining CA Certificate Embedded in browser. All powerful. Certifies that a site certificate is authentic. Site Certificate Identifies a particular URL. Is known to be authentic based on CA Certificate's signature. http://wisc.org.ua/ 23.03.2013

17 Certificate Chaining CA Certificate Embedded in browser. All powerful. Certifies that a site certificate is authentic. Site Certificate Identifies a particular URL. Is known to be authentic based on CA Certificate's signature. Intermediate CA Not embedded in browser. Still sort of all-powerful. Certifies that a site certificate is authentic. http://wisc.org.ua/ 23.03.2013

18 Certificate Chaining VeriSign Facebook.com Intermediate CA http://wisc.org.ua/ 23.03.2013

19 Certificate Chains Can Be > 3 VeriSign Facebook.com Intermediate CA http://wisc.org.ua/ 23.03.2013

20 How do we validate these things? Verify that the leaf node has the name of the site you're connecting to. Verify that the leaf node hasn't expired. Check the signature. If the signing certificate is in our list of root CA's, stop. Otherwise, move one up the chain and repeat. http://wisc.org.ua/ 23.03.2013

21 Very tempting to use a simple recursive function. Everyone focuses on the signature validation. The result of a naive attempt at validation is a chain that is complete, but nothing more. http://wisc.org.ua/ 23.03.2013

22 What if … VeriSign hack.org Intermediate CA http://wisc.org.ua/ 23.03.2013

23 What if … VeriSign hack.org Intermediate CA Facebook.com http://wisc.org.ua/ 23.03.2013

24 What they say : Verify that the leaf node has the name of the site you're connecting to. Verify that the leaf node hasn't expired. Check the signature. If the signing certificate is in our list of root CA's, stop. Otherwise, move one up the chain and repeat. http://wisc.org.ua/ 23.03.2013

25 But … All the signatures are valid Nothing has expired The chain is in fact The root CA is embedded in the browser and trusted http://wisc.org.ua/ 23.03.2013

26 The missing piece http://wisc.org.ua/ 23.03.2013

27 The missing piece ! http://wisc.org.ua/ 23.03.2013

28 The missing piece http://wisc.org.ua/ 23.03.2013

29 Most CA's didn't explicitly set basic Constraints: CA=FALSE A lot of web browsers and other SSL implementations didn't bother to check it, whether the field was there or not Any one with a valid leaf node certificate could create and sign a leaf node certificate for any other domain. http://wisc.org.ua/ 23.03.2013

30 But we have one problem http://wisc.org.ua/ 23.03.2013

31 Smart browsers http://wisc.org.ua/ 23.03.2013

32 People are … http://wisc.org.ua/ 23.03.2013

33 People are … LAZY http://wisc.org.ua/ 23.03.2013

34 http://... https://... http://wisc.org.ua/ 23.03.2013

35 SSLsniff http://wisc.org.ua/ 23.03.2013

36 SSLsniff Intercept a connection from the client side. Generate a certificate for the site it is connecting to. Sign in with any random valid leaf node certificate. Pass that certificate chain to the client. Make normal SSL connection to the server. Pass data between client and server, decrypting and encrypting on each end. http://wisc.org.ua/ 23.03.2013

37 Web browsing SSL is almost never encountered directly. It is either encountered as a result of: A 302 redirect from HTTP URL to an HTTPS URL. An HTTPS link that a user click on from an HTTP page. http://wisc.org.ua/ 23.03.2013

38 SSLstrip Watch HTTP traffic go by. Switch to and keep a map of what you've changed. Switch Location: https:// to Location: http:// and keep a map of what you've changed. http://wisc.org.ua/ 23.03.2013

39 SSLstrip Watch HTTP traffic go by. When we seen an HTTP request for URL that we've stripped, proxy that out as HTTPS to the server. Watch the HTTPS traffic go by, log everything that we want, and keep a map of all relative, CSS and JS links that go by. http://wisc.org.ua/ 23.03.2013

40 SSLstrip The server never knows the difference. Everything looks secure on their end. The client doesn't display any of the disastrous warnings that we want to avoid. We see all the traffic. http://wisc.org.ua/ 23.03.2013

41 Let's simplify it…

42 Time to action http://wisc.org.ua/ 23.03.2013

43 BackTrack : Giving Machine Guns to Monkeys since 2006 http://wisc.org.ua/ 23.03.2013

44 Tools SSLstrip ARPspoof Ettercap http://wisc.org.ua/ 23.03.2013

45 Commands #bt echo "1" > /proc/sys/net/ipv4/ip_forward # bt iptables -t nat -A PREROUTING -p tcp -- destination-port 80 -j REDIRECT --to-port 10000 #bt sslstrip -a -l 10000 -w log.txt –f # arpspoof -i -t # ettercap -T –q –i http://wisc.org.ua/ 23.03.2013

46 Protection Google services High protection network equipment Checking site certificates http://wisc.org.ua/ 23.03.2013

47 Stepan Shykerynets SShykerynets@gmail.com

Download ppt "SSLstrip Stepan Shykerynets 23.03.2013."

Similar presentations

Grid Computing, B. Wilkinson, 20045a.1 Security Continued.

Grid Computing, B. Wilkinson, 20045a.1 Security Continued.
SECURE SITES. A SECURE CONNECTION TERMS Secure Sockets Layer (SSL) An older Internet protocol that allows for data transmission between server and client.

SECURE SITES. A SECURE CONNECTION TERMS Secure Sockets Layer (SSL) An older Internet protocol that allows for data transmission between server and client.
SSL CS772 Fall 2011. Secure Socket layer Design Goals: SSLv2) SSL should work well with the main web protocols such as HTTP. Confidentiality is the top.

SSL CS772 Fall Secure Socket layer Design Goals: SSLv2) SSL should work well with the main web protocols such as HTTP. Confidentiality is the top.
CSE 461 Section. “Transport Layer Security” protocol Standard protocol for encrypting Internet traffic Previously known as SSL (Secure Sockets Layer),

CSE 461 Section. “Transport Layer Security” protocol Standard protocol for encrypting Internet traffic Previously known as SSL (Secure Sockets Layer),
More Trick For Defeating SSL

More Trick For Defeating SSL
“Defeating SSL” Impact of Hash collisions on cyber security By vaibhav.

“Defeating SSL” Impact of Hash collisions on cyber security By vaibhav.
By: Hassan Waqar.  A PROTOCOL for securely transmitting data via the internet.  NETWORK LAYER application.  Developed by NETSCAPE.

By: Hassan Waqar.  A PROTOCOL for securely transmitting data via the internet.  NETWORK LAYER application.  Developed by NETSCAPE.
Grid Computing Basics From the perspective of security or An Introduction to Certificates.

Grid Computing Basics From the perspective of security or An Introduction to Certificates.
SSL & SharePoint IT:Network:Applications. Agenda Secure Socket Layer Encryption 101 SharePoint Customization SharePoint Integration.

SSL & SharePoint IT:Network:Applications. Agenda Secure Socket Layer Encryption 101 SharePoint Customization SharePoint Integration.
DNS and HTTPs ACN Presentation. Domain Names We refer to computers on the Internet (Internet hosts), by names like: sharda.ac.in These are called domain.

DNS and HTTPs ACN Presentation. Domain Names We refer to computers on the Internet (Internet hosts), by names like: sharda.ac.in These are called domain.
More on SSL/TLS. Internet security: TLS TLS is one of the more prominent internet security protocols. TLS is one of the more prominent internet security.

More on SSL/TLS. Internet security: TLS TLS is one of the more prominent internet security protocols. TLS is one of the more prominent internet security.
Mar 19, 2002Mårten Trolin1 This lecture On the assignment Certificates and key management SSL/TLS –Introduction –Phases –Commands.

Mar 19, 2002Mårten Trolin1 This lecture On the assignment Certificates and key management SSL/TLS –Introduction –Phases –Commands.
Public Key Infrastructure (PKI) Providing secure communications and authentication over an open network.

Public Key Infrastructure (PKI) Providing secure communications and authentication over an open network.
A Third Party Service for Providing Trust on the Internet Work done in 2001 at HP Labs by Michael VanHilst and Ski Ilnicki.

A Third Party Service for Providing Trust on the Internet Work done in 2001 at HP Labs by Michael VanHilst and Ski Ilnicki.
Mar 12, 2002Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities SSL/TLS.

Mar 12, 2002Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities SSL/TLS.
16.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.

16.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.
Cryptography in e-Business Guest Lecture, November 13, 2006, Olin College Steven R. Gordon Prof. of Info Tech Management Babson College.

Cryptography in e-Business Guest Lecture, November 13, 2006, Olin College Steven R. Gordon Prof. of Info Tech Management Babson College.
70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 9: Planning and Managing Certificate Services.

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 9: Planning and Managing Certificate Services.
SSL Spoofing Man-In-The-Middle attack on SSL Duane Peifer.

SSL Spoofing Man-In-The-Middle attack on SSL Duane Peifer.
Online Security Tuesday April 8, 2003 Maxence Crossley.

Online Security Tuesday April 8, 2003 Maxence Crossley.

Similar presentations

Ads by Google