Presentation is loading. Please wait.

Presentation is loading. Please wait.

SSH/SSL Attacks not on tests, just for fun. SSH/SSL Should Be Secure Cryptographic operations are secure SSL uses certificates to authenticate servers.

Published byStephany Doris Cunningham Modified over 9 years ago

Similar presentations

Presentation on theme: "SSH/SSL Attacks not on tests, just for fun. SSH/SSL Should Be Secure Cryptographic operations are secure SSL uses certificates to authenticate servers."— Presentation transcript:

1 SSH/SSL Attacks not on tests, just for fun

2 SSH/SSL Should Be Secure Cryptographic operations are secure SSL uses certificates to authenticate servers How can one attack such strong protocols? – Misconfiguration – Vulnerabilities in server code – Weak passwords

3 SSH Brute Force Attacks Find a weak password on SSH server Doesn’t have to be root, just any user’s password will do Log on, attempt to escalate privileges – If this works, great – If it doesn’t work, OK – Perform some malicious activity

4 SSH Brute Force Attacks From https://blog.sucuri.net/2013/07/ssh- brute-force-the-10-year-old-attack-that-still- persists.htmlhttps://blog.sucuri.net/2013/07/ssh- brute-force-the-10-year-old-attack-that-still- persists.html 10 years of running SSH honeypots – servers that serve no real content but are there just to be exploited and to log these exploits – These log all attempted username/pass combinations and all commands the attacker types

5 Frequently Attempted Usernames #attempts #username 9012 root (58%) 179 test (1%) 116 oracle (< 1%) 87 admin 82 info 70 user 69 postgres 68 mysql 68 backup 55 guest 49 web 49 tomcat

6 Frequently Attempted Passwords 365 123456 (2%) 201 password (1%) 114 12345 (<1%) 105 1234 92 root 92 123 84 qwerty 76 test 75 1q2w3e4r 72 1qaz2wsx 66 qazwsx 65 123qwe 58 12 55 123qaz 55 0000 52 oracle 50 1234567 47 123456qwerty 45 password123

7 SSH Brute Force Attacks What do attackers do when they log in? Try sudo for the account they have Create a directory with space for the name in /tmp (so it is invisible when user runs ls) – Download IRC server code – Run IRC server (as regular user)

8 SSL Heartbleed attack Bug in OpenSSL in 2014 It can be exploited on both servers and clients Bug is in handling of Heartbeat Extension – Heartbeats are sent periodically to help keep open SSL connections alive, avoid lengthy certificate and key exchange – A PhD student implemented the code and asked for it to become part of OpenSSL – A developer reviewed the code but didn’t notice a bug in input validation – Google discovered it 2 years later Bug results in memory-overrun Attacker can get contents from memory of the other party, which could be keys, user passwords, etc.

9 `

10 Frankencerts SSL certificates contain a lot of information in addition to key and identity – E.g., certificate version, validity period, name of issuer, purpose of certificate – There are many different implementations for certificate validation – Do different implementations result in different, potentially invalid outputs, for the same certificate? C. Brubaker et al., “Using Frankencerts for Automated Adversarial Testing of Certificate Validation in SSL/TLS Implementations”, Proceedings of 2014 IEEE Symposium on Security and Privacy

11 SSL Certificate Chain All these should be sent to the client for verification, along with leaf certificate

12 Validation Steps Check all the issuer fields in the certificate chain – Check that the root is in client’s “root of trust” Check that certificate has not expired Check that it is version 3 certificate. Otherwise, verify through out of band means. Check that CA bit is set in all but leaf cert Check that path length has not been exceeded between the leaf cert. and the current cert. Check that all critical extensions are supported

13 Validation Steps - Examples Check all the issuer fields in the certificate chain – Check that the root is in client’s “root of trust” Check that certificate has not expired Check that it is version 3 certificate. Otherwise, verify through out of band means. Check that CA bit is set in all but leaf cert Check that path length has not been exceeded between the leaf cert. and the current cert. Check that all critical extensions are supported Check for revocation

14 Findings 208 differences between SSL implementations Some accept version 1 or 2 certs they cannot validate Some don’t check the purpose of the certificate, allowing leaf certificates to be used to issue other certificates Some accept certificates with critical extensions that they don’t support Some also report wrong errors, e.g., “cert expired” instead of “invalid cert”

Download ppt "SSH/SSL Attacks not on tests, just for fun. SSH/SSL Should Be Secure Cryptographic operations are secure SSL uses certificates to authenticate servers."

Similar presentations

Chapter 14 – Authentication Applications

Chapter 14 – Authentication Applications
Key Management. Shared Key Exchange Problem How do Alice and Bob exchange a shared secret? Offline – Doesnt scale Using public key cryptography (possible)

Key Management. Shared Key Exchange Problem How do Alice and Bob exchange a shared secret? Offline – Doesnt scale Using public key cryptography (possible)
Using Frankencerts for Automated Adversarial Testing of Certificate Validation in SSL/TLS Implementations Chad Brubaker1 Suman Jana1 Baishakhi Ray2.

Using Frankencerts for Automated Adversarial Testing of Certificate Validation in SSL/TLS Implementations Chad Brubaker1 Suman Jana1 Baishakhi Ray2.
CP3397 ECommerce.

CP3397 ECommerce.
1 Lecture 17: SSL/TLS history, architecture basic handshake session initiation/resumption key computation negotiating cipher suites application: SET.

1 Lecture 17: SSL/TLS history, architecture basic handshake session initiation/resumption key computation negotiating cipher suites application: SET.
SSLstrip Stepan Shykerynets 23.03.2013.

SSLstrip Stepan Shykerynets
Topic 8: Secure communication in mobile devices. Choice of secure communication protocols, leveraging SSL for remote authentication and using HTTPS for.

Topic 8: Secure communication in mobile devices. Choice of secure communication protocols, leveraging SSL for remote authentication and using HTTPS for.
CSE 461 Section. “Transport Layer Security” protocol Standard protocol for encrypting Internet traffic Previously known as SSL (Secure Sockets Layer),

CSE 461 Section. “Transport Layer Security” protocol Standard protocol for encrypting Internet traffic Previously known as SSL (Secure Sockets Layer),
More Trick For Defeating SSL

More Trick For Defeating SSL
By: Hassan Waqar.  A PROTOCOL for securely transmitting data via the internet.  NETWORK LAYER application.  Developed by NETSCAPE.

By: Hassan Waqar.  A PROTOCOL for securely transmitting data via the internet.  NETWORK LAYER application.  Developed by NETSCAPE.
ATTACKING AUTHENTICATION The Web Application Hacker’s Handbook, Ch. 6 Presenter: Jie Huang 10/31/2012.

ATTACKING AUTHENTICATION The Web Application Hacker’s Handbook, Ch. 6 Presenter: Jie Huang 10/31/2012.
CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.

CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.
SSL & SharePoint IT:Network:Applications. Agenda Secure Socket Layer Encryption 101 SharePoint Customization SharePoint Integration.

SSL & SharePoint IT:Network:Applications. Agenda Secure Socket Layer Encryption 101 SharePoint Customization SharePoint Integration.
1 Supplement III: Security Controls What security services should network systems provide? Confidentiality Access Control Integrity Non-repudiation Authentication.

1 Supplement III: Security Controls What security services should network systems provide? Confidentiality Access Control Integrity Non-repudiation Authentication.
Report on Attribute Certificates By Ganesh Godavari.

Report on Attribute Certificates By Ganesh Godavari.
A Third Party Service for Providing Trust on the Internet Work done in 2001 at HP Labs by Michael VanHilst and Ski Ilnicki.

A Third Party Service for Providing Trust on the Internet Work done in 2001 at HP Labs by Michael VanHilst and Ski Ilnicki.
Apr 2, 2002Mårten Trolin1 Previous lecture On the assignment Certificates and key management –Obtaining a certificate –Verifying a certificate –Certificate.

Apr 2, 2002Mårten Trolin1 Previous lecture On the assignment Certificates and key management –Obtaining a certificate –Verifying a certificate –Certificate.
Mar 12, 2002Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities SSL/TLS.

Mar 12, 2002Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities SSL/TLS.
An Introduction to Security Concepts and Public Key Infrastructure (PKI) Mary Thompson.

An Introduction to Security Concepts and Public Key Infrastructure (PKI) Mary Thompson.
Secure Shell – SSH Tam Ngo Steve Licking cs265. Overview Introduction Brief History and Background of SSH Differences between SSH-1 and SSH- 2 Brief Overview.

Secure Shell – SSH Tam Ngo Steve Licking cs265. Overview Introduction Brief History and Background of SSH Differences between SSH-1 and SSH- 2 Brief Overview.

Similar presentations

Ads by Google