Dailydave mailing list archives
Re: SSL MITM fun.
From: Alexander Sotirov <alex () sotirov net>
Date: Thu, 19 Feb 2009 15:07:35 -0500
On Thu, Feb 19, 2009 at 01:04:33PM -0500, Dan Moniz wrote:
> On Thu, Feb 19, 2009 at 12:07 PM, Dave Aitel <dave () immunityinc com> wrote:
> > 1. Register a .cn address and use unicode character for / and ? to have HTTPS://www.paypal.com/?domain.cn?<some args> validate
>
> Unless I'm missing something, this is essentially what Eric Johanson said in 2005 about IDN: http://www.shmoo.com/idn/homograph.txt
Eric used the IDN to register pаypal.com, which was displayed as paypal.com. According to Moxie's presentation, this doesn't work any more because Firefox always shows the non-IDN version of the domain name for the .com TLD. Firefox will show the above domain as xn--pypal-4ve.com. The new idea in this presentation is to use a .cn domain, but use UNICODE characters that look like '/'. The attacker registers a domain like www.google.com/blahblahblah.cn, and since this is a .cn domain, the browser decodes the IDN name and displays the '/' character. Very cool. This means that as long as there is one TLD which allows IDN, attackers can spoof any address in any other TLD. IDN is dead.
> > 3. Sign the leaf cert with your leaf cert. This abuses an implementation flaw in OpenSSL, etc.
>
> If you can sit between endpoints, modify traffic, and you control one of the eventual endpoints anyway, and only you're jumping through all these hoops to maintain the illusion for the unsuspecting user, why not just take control of DNS and *actually* MITM SSL?
No, even if you sit between endpoints you are not necessarily in control of the endpoints. For example, sitting in a Starbucks will let you modify the traffic for other WiFi clients, but you don't have access to the clients themselves. What do you mean by "actually MITM SSL"? The leaf signing attack described above is real MITM on SSL.

Alex
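The display policy Alex describes above (Firefox falling back to the xn-- form for .com but decoding IDN labels under .cn) is per-TLD, which is why one permissive TLD is enough. The following is an added example, not code from this thread or from any browser, showing the per-label alternative: decode a label only when it passes a few checks, and otherwise render its ACE (xn--) form. The look-alike table and the sample hostnames are constructed for the example.

```python
import unicodedata

# Code points that visually resemble '/' but are not '/' (constructed, not exhaustive).
SLASH_LOOKALIKES = {"\u2215", "\u2044", "\u2571", "\u29f8", "\uff0f"}
# Characters a user reads as URL structure; a hostname label must never look like one.
URL_DELIMITERS = set("/?#@:.")


def script_of(ch):
    """Coarse script bucket taken from the Unicode character name."""
    name = unicodedata.name(ch, "")
    for script in ("LATIN", "CYRILLIC", "GREEK"):
        if name.startswith(script):
            return script
    return "COMMON"


def label_is_suspicious(label):
    """Return a reason string if the label must not be shown decoded, else None."""
    # Compatibility forms such as FULLWIDTH SOLIDUS collapse to the real delimiter.
    folded = unicodedata.normalize("NFKC", label)
    if URL_DELIMITERS & set(folded):
        return "normalizes to a URL delimiter"
    if SLASH_LOOKALIKES & set(label):
        return "contains a slash look-alike"
    # The 2005 homograph case: Cyrillic 'a' inside an otherwise Latin label.
    scripts = {script_of(c) for c in label if c.isalpha()} - {"COMMON"}
    if len(scripts) > 1:
        return "mixes scripts: " + ", ".join(sorted(scripts))
    return None


def display_hostname(host):
    """Render each label in Unicode only if it passes the checks, regardless of TLD."""
    shown = []
    for label in host.split("."):
        if label.isascii() or not label_is_suspicious(label):
            shown.append(label)
        else:
            # ACE form: 'xn--' plus the RFC 3492 punycode of the label.
            shown.append("xn--" + label.encode("punycode").decode("ascii"))
    return ".".join(shown)
```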
_______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://lists.immunitysec.com/mailman/listinfo/dailydave