Dailydave mailing list archives
Re: SSL MITM fun.
From: Dragos Ruiu <dr () kyx net>
Date: Thu, 19 Feb 2009 12:29:17 -0800
On 19-Feb-09, at 10:04 AM, Dan Moniz wrote:
> On Thu, Feb 19, 2009 at 12:07 PM, Dave Aitel <dave () immunityinc com> wrote:
>
>> This is a good presentation.
>> https://www.blackhat.com/presentations/bh-dc-09/Marlinspike/BlackHat-DC-09-Marlinspike-Defeating-SSL.pdf
>>
>> Essentially he details 3 attacks (from what I can tell):
>>
>> 1. Register a .cn address and use unicode character for / and ? to have
>> HTTPS://www.paypal.com/?domain.cn?<some args> validate
>
> Unless I'm missing something, this is essentially what Eric Johanson said in
> 2005 about IDN: http://www.shmoo.com/idn/homograph.txt
>
>> 2. Force user to stay on HTTP by MITM proxy that does modifications to the
>> data as it goes through. Send HTTPS to the server, and HTTP to the client.
>> Use a Lock icon as your favicon to fool the user they are "secure" even
>> though they see HTTP:// instead of HTTPS://
>>
>> 3. Sign the leaf cert with your leaf cert. This abuses an implementation
>> flaw in OpenSSL, etc.
>
> If you can sit between endpoints, modify traffic, and you control one of the
> eventual endpoints anyway, and only you're jumping through all these hoops to
> maintain the illusion for the unsuspecting user, why not just take control of
> DNS and *actually* MITM SSL?
/me points to Sotirov et al.'s upcoming presentation in March. I know our editor will be putting up the edited talk descriptions shortly, but an earlier version of the abstract was:

Description: Extended Validation (EV) SSL certificates have been touted by Certificate Authorities and browser vendors as a solution to the poor validation standards for issuing traditional SSL certificates. It was previously thought that EV certificates are not affected by attacks that allow malicious hackers to obtain a non-EV SSL certificate, such as the MD5 collision attack or the widely publicized failures of some CAs to validate domain ownership before issuing certificates. Unfortunately, it turns out that the security offered by EV certificates is not any better than the security of even the cheapest $12 SSL certificate. In this talk we will show how any attacker who can obtain a non-EV SSL certificate for a website can perform completely transparent man-in-the-middle attacks on any SSL connection to that site, even if the website is protected by an EV certificate and the users are diligently inspecting all information contained in the SSL certificates.

cheers,
--dr

--
World Security Pros. Cutting Edge Training, Tools, and Techniques
Vancouver, Canada  March 16-20 2009  http://cansecwest.com
London, U.K.  May 27/28 2009  http://eusecwest.com
pgpkey http://dragos.com/ kyxpgp

_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave
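The first attack quoted in the thread (a hostname label that contains Unicode look-alikes of "/" and "?", so the browser's address bar appears to show a paypal.com URL) is the IDN homograph problem, and the defender-side check is to inspect each hostname label before trusting what it looks like. The following is an added example, not code from the post or from Marlinspike's or Johanson's work: a small stdlib-only Python detector that flags labels containing non-ASCII code points which either are known slash look-alikes (a constructed, deliberately short table) or NFKC-normalize to an ASCII URL delimiter, plus a mixed-script heuristic for labels such as a Cyrillic "а" inside an otherwise Latin word. The sample hostnames at the bottom are constructed for the example; a production filter would use the full Unicode TR39 confusables data rather than this table.

```python
import unicodedata

# Constructed table: non-ASCII code points that render like "/" but have no NFKC
# decomposition, so normalization alone would not expose them. Not exhaustive.
CONFUSABLE_DELIMITERS = {
    "\u2215": "/",  # DIVISION SLASH
    "\u2044": "/",  # FRACTION SLASH
}

# ASCII characters that have structural meaning in a URL.
URL_DELIMITERS = set("/?.@:#&=")


def script_of(ch: str) -> str:
    """Coarse script bucket: the first word of the Unicode character name
    (LATIN, CYRILLIC, GREEK, ...). Sufficient for a mixed-script heuristic."""
    name = unicodedata.name(ch, "")
    return name.split(" ", 1)[0] if name else "UNKNOWN"


def analyze_hostname(host: str) -> list:
    """Return a list of (label, kind, detail) findings for a hostname.

    kinds:
      confusable-delimiter  code point from CONFUSABLE_DELIMITERS
      nfkc-delimiter        code point whose NFKC form contains a URL delimiter
      mixed-script          letters from more than one script in one label
    An empty list means nothing suspicious was found.
    """
    findings = []
    for label in host.split("."):
        for ch in label:
            if ord(ch) < 0x80:
                continue  # plain ASCII never folds into anything else
            if ch in CONFUSABLE_DELIMITERS:
                findings.append((label, "confusable-delimiter",
                                 f"U+{ord(ch):04X} {unicodedata.name(ch, '?')} "
                                 f"looks like '{CONFUSABLE_DELIMITERS[ch]}'"))
            else:
                # Compatibility forms (FULLWIDTH SOLIDUS, FULLWIDTH QUESTION MARK,
                # ONE DOT LEADER, ...) normalize to the ASCII delimiter they mimic.
                folded = unicodedata.normalize("NFKC", ch)
                if folded != ch and URL_DELIMITERS.intersection(folded):
                    findings.append((label, "nfkc-delimiter",
                                     f"U+{ord(ch):04X} normalizes to {folded!r}"))
        scripts = {script_of(c) for c in label if c.isalpha()}
        if len(scripts) > 1:
            findings.append((label, "mixed-script", ",".join(sorted(scripts))))
    return findings


def is_suspicious(host: str) -> bool:
    """True if any label of the hostname produced a finding."""
    return bool(analyze_hostname(host))


if __name__ == "__main__":
    # Constructed sample hostnames; the first is benign, the others are look-alikes.
    samples = [
        "www.paypal.com",
        "www.paypal.com\u2215domain.cn",          # DIVISION SLASH in the label
        "www.paypal.com\uff0f\uff1fdomain.cn",    # fullwidth "/" and "?"
        "p\u0430ypal.com",                         # Cyrillic "а" in a Latin word
    ]
    for host in samples:
        print(host.encode("unicode_escape").decode(), "->", analyze_hostname(host))
```

The check runs on the hostname as the browser would display it, not on its punycode form; that matters because the display form is what the user compares against "paypal.com", and an ASCII-only label can never produce a finding here.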