Solved

ssl interception?!

Posted on 2009-04-08
1,202 Views
Last Modified: 2012-05-06
Hi,

I have a question regarding SSL encryption. I was listening to a podcast that claimed it was possible to use a technology to "decrypt" or interrupt the SSL process to gain access to the communication.

I think it was explained that someplace in between the client and the destination server a technology interrupts the public-key cryptography handshaking process.

Can anyone tell me what the name of this technology is? If this is true then SSL is not really an acceptable technology for credit card/PII data communications, especially when an employee is overseas.

Can anyone confirm and name this technology, with a link?

Question by: NYGiantsFan

18 Comments

Accepted Solution

by: Dave Howe (earned 500 total points)
ID: 24105686
Yes, it is possible to do this.

There are three circumstances where this is possible, and all require some co-operation from either the server or the client.

First, if you have access to the server's private key, you can use Wireshark to decrypt Internet Explorer (but not Firefox) traffic. This is not a practical attack against a bank, as they would not supply you with their server's private key.

Second, there is an SSL interception technology that relies on *not* intercepting SSL - I know that sounds like a contradiction in terms, but bear with me. Many sites start out with an insecure page - an http page - which then performs a login securely. SSLstrip relies on that behaviour, and rewrites the insecure page "on the fly" to cause the "secure login" to go to the relay, rather than the bank site - the relay then completes the loop with the bank, and performs the login by proxy. sslstrip is available here:

http://www.thoughtcrime.org/software/sslstrip/

The requirement for a practical attack is that you do not directly enter an https URL into your browser before logging in, and do not verify where your browser is going after login - so it relies on inattention from the user.

Finally, there are SSL intercepting proxies, which can be transparent. What these do is intercept the real https request, and reply with a faked certificate (containing the same fields as the real certificate, but their own CA details, public key and signature), then act as a regular proxy, only over https. The requirement for this is that the client accept (either directly or by having had a copy of the CA key added to their keystore) the altered certificate. Ironport do a commercial product for this, and there are a few modules for Squid proxy that can do it also.
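An in-memory model of the sslstrip relay described in the accepted solution above. This is an added example, not code from the thread and not sslstrip's own code: the site name bank.example, its login form, the victim's credentials (alice / hunter2) and the relay are all constructed here, and every request is driven through Go's httptest recorder so nothing touches the network. It shows the three pieces the answer names: the http front page with an https form action, the on-the-fly rewrite of https:// to http://, and the relay completing the https leg itself while logging the credentials in the clear. It also shows the condition given for defeating it: a victim who types the https URL directly never passes through the relay.

```go
package main

import (
	"fmt"
	"net/http"
	"net/http/httptest"
	"net/url"
	"strings"
)

// bank is the hypothetical site: the front page is served over plain http and
// only the login form posts to https, which is the pattern sslstrip relies on.
func bank(w http.ResponseWriter, r *http.Request) {
	switch {
	case r.Method == http.MethodGet:
		fmt.Fprint(w, `<html><body><form method="post" action="https://bank.example/login">`+
			`<input name="user"><input name="pass" type="password"></form></body></html>`)
	case r.Method == http.MethodPost && r.URL.Path == "/login":
		fmt.Fprintf(w, "welcome %s", r.FormValue("user"))
	default:
		http.NotFound(w, r)
	}
}

// call drives a handler entirely in memory (no sockets) and returns its reply body.
func call(h http.HandlerFunc, req *http.Request) string {
	rec := httptest.NewRecorder()
	h(rec, req)
	return rec.Body.String()
}

// StripHTTPS is the on-the-fly rewrite: every https:// link becomes http://,
// so the browser's next request also lands on the relay instead of the real site.
func StripHTTPS(page string) string {
	return strings.ReplaceAll(page, "https://", "http://")
}

// Relay is the man in the middle. It has no certificate for the bank and never
// terminates TLS towards the victim; it keeps the victim on plain http by
// rewriting the pages it forwards, and completes the https leg itself.
type Relay struct {
	Upstream http.HandlerFunc
	Captured []url.Values // form fields seen in the clear on the http leg
}

func (rl *Relay) ServeHTTP(w http.ResponseWriter, r *http.Request) {
	if r.Method == http.MethodPost {
		r.ParseForm()
		rl.Captured = append(rl.Captured, r.PostForm) // username and password, plaintext
		up := httptest.NewRequest(http.MethodPost, "https://bank.example"+r.URL.Path,
			strings.NewReader(r.PostForm.Encode()))
		up.Header.Set("Content-Type", "application/x-www-form-urlencoded")
		fmt.Fprint(w, call(rl.Upstream, up)) // the login is performed by proxy
		return
	}
	page := call(rl.Upstream, httptest.NewRequest(http.MethodGet, "http://bank.example"+r.URL.Path, nil))
	fmt.Fprint(w, StripHTTPS(page))
}

// formAction pulls the action URL out of the constructed login page.
func formAction(page string) string {
	i := strings.Index(page, `action="`)
	if i < 0 {
		return ""
	}
	rest := page[i+len(`action="`):]
	return rest[:strings.Index(rest, `"`)]
}

// submit models the browser posting the form wherever the page points: an
// https action goes straight to the bank, an http one goes through the relay.
func submit(action string, rl *Relay, creds url.Values) string {
	req := httptest.NewRequest(http.MethodPost, action, strings.NewReader(creds.Encode()))
	req.Header.Set("Content-Type", "application/x-www-form-urlencoded")
	if strings.HasPrefix(action, "https://") {
		return call(bank, req)
	}
	return call(rl.ServeHTTP, req)
}

// Login models one session for a victim who typed entry into the browser: an
// http entry (just the host name) passes through the relay, an https entry
// reaches the bank directly. Returns the password the relay captured ("" if
// none) and the bank's reply as the victim sees it.
func Login(entry string) (captured, reply string) {
	rl := &Relay{Upstream: bank}
	first := httptest.NewRequest(http.MethodGet, entry, nil)
	var page string
	if strings.HasPrefix(entry, "https://") {
		page = call(bank, first)
	} else {
		page = call(rl.ServeHTTP, first)
	}
	reply = submit(formAction(page), rl, url.Values{"user": {"alice"}, "pass": {"hunter2"}})
	if len(rl.Captured) > 0 {
		captured = rl.Captured[0].Get("pass")
	}
	return captured, reply
}
```

Calling Login("http://bank.example/") returns the captured password "hunter2" together with the bank's normal "welcome alice" reply, so the victim sees nothing unusual; Login("https://bank.example/") returns an empty capture with the same reply, because the relay never handled the page that carries the form.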
Author Comment

by:NYGiantsFan
ID: 24108101
Ok, so the client would need to accept a certificate that was not from the original server. This would be the giveaway? My concern is of employees who are sent to the theoretical country of Atlantis. They check into a hotel in Atlantis and use the internet service offered by the same. However, Atlantis Intel has an SSL intercepting proxy in between. Thus all communication that employee would have would be compromised.

The employee would be able to tell that an SSL proxy has been used by details of the certificate. Is that correct? However, I am guessing it is possible for the SSL intercepting proxy to create nearly impossible to ID forgeries.

Do corporate SSL interception enterprise solutions exist?

Would you say that is correct?

It seems that SSL is a really insecure technology.
Assisted Solution

by: Dave Howe (earned 500 total points)
ID: 24113093
Yes, the client would need to accept the certificate, and that would be the giveaway, unless the attacker could persuade (or force, in the case of a government) an accepted commercial CA to issue it an intermediate CA certificate, so that the certificates it forges are automatically accepted.

Yes, corporate SSL interception proxies exist, and the Ironport web appliance is an example.

Explaining why this doesn't mean SSL is insecure requires that you first understand how a browser decides if an SSL certificate is "valid" or not.

In SSL terms, a certificate *must* be signed by another certificate - the very, very top level certificates (those of CAs) are signed by themselves.

Each browser has a list of which certificates are to be considered valid - the root store. In Internet Explorer, you can reach this by going to the Internet Options page, Content tab, and looking for the "Certificates" button.

A certificate is considered valid if it either
a) is in the certificate store, or
b) is signed by a chain of certificates, the top one of which is in the certificate store.

Now, corporate solutions get around this by forcing out the certificate (using domain policy or scripting) to each machine on the network. Then, when the proxy fakes a certificate, it is checked against this force-installed CA, and is considered valid. A random attacker however can't force you to install a CA certificate for him, so you would normally get difficult-to-dismiss certificate validity errors.

Author Comment

by:NYGiantsFan
ID: 24115627
So, an employee in Atlantis who has no idea what he is doing and just accepts any certificate is a major weakness in the system.

This is very interesting. Thank you for your response.

Expert Comment

by:Dave Howe
ID: 24116021
Yes, it's the key weakness to the system - technically, it's perfect; if all URLs are entered correctly as HTTPS, and if no user ever accepts an uncertified certificate, and if no certified certificates are ever issued which are not legitimate, then it is 100% secure.

Unfortunately, site providers like to make as much of their site http as possible - as it's cheaper in CPU and bandwidth; users tend to hit buttons that make annoying messages go away irrespective of whether that compromises security, and CAs can't be relied on to act in favour of security if it compromises profit.

In your case, you have more control; they are your users, you can train them and, if required, replace their browser with a custom app that checks the certificate against a reference copy (instead of relying on the CA) and doesn't permit override of any discrepancy, and you can preload the URL as https rather than going via an http page.
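The validity rule from the assisted solution above (a certificate is accepted if it is in the root store or chains to something that is) and the "reference copy" check suggested in the comment just above, worked through as an added example. This is not code from the thread or from any of the products it names: the CA names "Hypothetical Public Root CA" and "Hypothetical Interception CA", the site bank.example and the keys are all generated here at run time with Go's standard crypto/x509, and "pushing out" the proxy CA is modelled simply as adding it to a second cert pool. The forged leaf is built exactly as the later comment describes: same name as the genuine site, but the proxy's own public key and the proxy CA's signature.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/hex"
	"math/big"
	"time"
)

var serial int64 // unique serial number per issued certificate

// issue creates a certificate for name, signed by parent/parentKey.
// With parent == nil the certificate signs itself, i.e. it is a root CA.
func issue(name string, isCA bool, parent *x509.Certificate, parentKey *ecdsa.PrivateKey) (*x509.Certificate, *ecdsa.PrivateKey) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		panic(err)
	}
	serial++
	tmpl := &x509.Certificate{
		SerialNumber:          big.NewInt(serial),
		Subject:               pkix.Name{CommonName: name},
		NotBefore:             time.Now().Add(-time.Hour),
		NotAfter:              time.Now().Add(24 * time.Hour),
		BasicConstraintsValid: true,
		IsCA:                  isCA,
		KeyUsage:              x509.KeyUsageDigitalSignature,
	}
	if isCA {
		tmpl.KeyUsage |= x509.KeyUsageCertSign
	} else {
		tmpl.ExtKeyUsage = []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth}
		tmpl.DNSNames = []string{name} // the host name the browser compares against
	}
	if parent == nil {
		parent, parentKey = tmpl, key
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, &key.PublicKey, parentKey)
	if err != nil {
		panic(err)
	}
	cert, err := x509.ParseCertificate(der)
	if err != nil {
		panic(err)
	}
	return cert, key
}

// acceptedBy is the browser rule from the thread: the leaf is valid if it
// chains, through any intermediates, to a certificate present in the root store.
func acceptedBy(leaf *x509.Certificate, store *x509.CertPool, host string) bool {
	_, err := leaf.Verify(x509.VerifyOptions{Roots: store, DNSName: host})
	return err == nil
}

// fingerprint is the SHA-256 of the DER encoding: the "reference copy" a
// custom client can pin instead of trusting whichever CA signed the chain.
func fingerprint(c *x509.Certificate) string {
	sum := sha256.Sum256(c.Raw)
	return hex.EncodeToString(sum[:])
}

type Outcome struct {
	RealAcceptedByPublicStore   bool
	ForgedAcceptedByPublicStore bool // random attacker: his CA is not in the store
	ForgedAcceptedByCorpStore   bool // corporate proxy: its CA was pushed out by policy
	RealMatchesPin              bool
	ForgedMatchesPin            bool
}

func RunScenario() Outcome {
	const host = "bank.example" // hypothetical target site
	publicCA, publicKey := issue("Hypothetical Public Root CA", true, nil, nil)
	realLeaf, _ := issue(host, false, publicCA, publicKey)
	// The interception proxy: its own CA, plus a leaf that copies the site's
	// name but carries the proxy's public key and the proxy CA's signature.
	proxyCA, proxyKey := issue("Hypothetical Interception CA", true, nil, nil)
	forgedLeaf, _ := issue(host, false, proxyCA, proxyKey)
	publicStore := x509.NewCertPool() // a stock browser root store
	publicStore.AddCert(publicCA)
	corpStore := x509.NewCertPool() // the same store after the proxy CA was force-installed
	corpStore.AddCert(publicCA)
	corpStore.AddCert(proxyCA)
	pin := fingerprint(realLeaf) // obtained from the genuine site out of band
	return Outcome{
		RealAcceptedByPublicStore:   acceptedBy(realLeaf, publicStore, host),
		ForgedAcceptedByPublicStore: acceptedBy(forgedLeaf, publicStore, host),
		ForgedAcceptedByCorpStore:   acceptedBy(forgedLeaf, corpStore, host),
		RealMatchesPin:              fingerprint(realLeaf) == pin,
		ForgedMatchesPin:            fingerprint(forgedLeaf) == pin,
	}
}
```

RunScenario returns true/false/true/true/false: the forgery fails against the stock store (the "difficult-to-dismiss" error a random attacker triggers), passes without any warning once the interception CA is in the store, and is caught in both cases by the pinned fingerprint, which is why a custom client that refuses to override a pin mismatch does not depend on what the CAs or the root store say.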
Author Comment

by:NYGiantsFan
ID: 25118399
Dave, thank you for your assistance with this. I get the run-around from certain types telling me this information is classified or that I am not technically sound in my understanding. Your information makes me more confident in myself. Thank you again.

I wish I could train overseas people on this; however management, with 3 credits of FORTRAN 20 years ago, is sure that I don't know what I am talking about.
Expert Comment

by:Dave Howe
ID: 25118594
Such is life. On the whole, SSL is secure - however, it's like saying that, on the whole, fire is safe - in a controlled environment, where everyone concerned is paying attention, and is aware of the consequences of their actions, you have nothing to worry about. However, environmental factors and user inattention (and let's be frank here, stupidity - many will hit *any* button that makes an error go away, often without reading it, as it is "getting in the way") can lead to failure.

The classic demonstration application here would be WebScarab: http://www.owasp.org/index.php/Category:OWASP_WebScarab_Project

You will get a fairly clear warning *every* time you access an https site via the WebScarab proxy - there is no real way to turn that off without first hacking the code - but in addition, it will happily log every transaction you make, https or not. It's a very handy diagnostic tool - and I use it frequently for that - but equally, if someone is stupid enough to ignore the warning and go ahead and use the website anyhow, you will have their login username and password, right in clear text, in the log.
Author Comment

by:NYGiantsFan
ID: 25118925
Part of the problem is that a certain organization uses self-signed certificates, thus the "this certificate looks wrong" message is clicked through. So the employees just click through any warning message that comes up regarding the certificate not being correct.

So the employees are trained to ignore messed up certificates.

Expert Comment

by:Dave Howe
ID: 25119027
Cool. So why not take advantage of that for a demonstration?

Do you have access to the DNS or DHCP servers? If so, impose a PAC (WPAD) file on the network to redirect traffic via WebScarab, have your boss access some secure site with a username and password, then show him the WebScarab log with his username and password in plain sight.
Author Comment

by:NYGiantsFan
ID: 25119496
No, they took my SA credentials away when I pointed out that hackers had penetrated the high tech first generation firewall.  



Expert Comment

by:Dave Howe
ID: 25121319
So, the correct solution to someone pointing out their systems have been compromised is to take away the ability of that person to see the logs?

I take it you are distributing your CV widely to get away from the inevitable train wreck?
Author Comment

by:NYGiantsFan
ID: 25122892
Just the tip of the iceberg.  I am going to do some reading on Webscarab when I get some free time.

I am working on getting out.

Thanks again for your help.  
Author Comment

by:NYGiantsFan
ID: 25122966
Dave,

One last question, what message does a user see when he/she uses https and the Webscarab tool is used?

Do you have a blog or website on the internet?

Thanks to you again.
Expert Comment

by:Dave Howe
ID: 25122991
The WebScarab tool presents its own certificate, clearly labelled as "webscarab", in place of the correct one for the target site.

and no, I don't blog; I forum, I nntp, but not blog :)
Author Comment

by:NYGiantsFan
ID: 25123116
So the certificate says webscarab, so it doesn't seem too difficult to modify this application to create certificate names on the fly such as "thefakecert.yourwebsitename.com".
Expert Comment

by:Dave Howe
ID: 25123831
Yup. And in fact, the corporate equivalents visit the target site, copy the certificate, change the public key to their own, then digitally sign that with their own CA certificate (which means, if you have pushed out that cert to all workstations, the process is completely transparent and gives no errors at all).

the restriction in webscarab is deliberate - it isn't meant to be a hacking tool, it is meant to be a diagnostic tool used with the full consent of everyone concerned.
Author Comment

by:NYGiantsFan
ID: 25123926
Dave, do you have a way to reach you privately?

Expert Comment

by:Dave Howe
ID: 25124007
you can always email me on DaveHowe.Pentest(at)googlemail.com