BSidesROC 2016 - Chaim Sanders - The Life and Times of Hanz Ostmaster

Page 1: BSidesROC 2016 - Chaim Sanders - The Life and Times of Hanz Ostmaster

The life and times of Hanz Ostmaster

By Hanz Ostmaster

Page 2

Chaim Sanders, Trustwave

Security Researcher, member of SpiderLabs Research, Web Server Security Team
Offer support, development, and consulting for ModSecurity
Support the OWASP Core Rule Set
Work with the Trustwave WAF

Rochester Institute of Technology: Professor (Cryptography and Web Security)

Prior: Security Consulting (Pentesting, Red-teaming, Code Review, etc.), Governmental Consulting

Background

Page 3

Crypto and you

Generally speaking, the field covers both secret writing and the methods for attacking it:
Cryptography: the design of enciphering schemes
Cryptanalysis: the attack of enciphering schemes

Why do I care? Since the mid 80's cryptographic systems have moved from tools of military interest into everyday use. In response, many (governmental) organizations have come to rely on their ability to compromise crypto in some way.

Page 4

Asymmetric Crypto

There are many different areas of Cryptography

Page 5

Asymmetric Crypto and this talk

One of the biggest uses of asymmetric crypto in today's infrastructure is securing communication between clients and web servers. Why might this be of interest? How do we keep it fast?

Asymmetric crypto has two very nice features. One is scale, as we previously discussed: each party needs one key pair rather than a shared secret per peer. The other is that these schemes usually support digital signatures.

What is a digital signature?

Page 6

What is SSL

SSL stands for Secure Sockets Layer; it (and its successor TLS) is the standard technology for establishing an encrypted link between a server and a client.

SSL was created in 1994 by Netscape Communications.

SSL certificate issuers are called Certificate Authorities (CAs).
SSL allows sensitive information such as credit card numbers and social security numbers to be transmitted securely.
The Payment Card Industry Data Security Standard (PCI DSS) requires cardholder data to be encrypted in transit, which in practice means a certificate.
The main components of an SSL certificate are its keys: the public key, carried in the certificate, and the private key, held by the server.

Page 7

Design Requirements of the Asymmetric System (the PKI)

The main design requirement is that all parties trust the Certificate Authority.
Additionally, the Certificate Authority must only issue certificates to legitimate hosts.
The question becomes: how does a CA like Symantec verify that the individual requesting a certificate is actually responsible for the host in question? That is the interest of today's talk.

Page 8

Host verification

There are a number of different methods the CA/Browser Forum Baseline Requirements allow CAs to use to verify that a requester controls a domain (the methods come from the CA/Browser Forum, not ICANN):
HTTP Validation: performed by uploading a file with CA-specified content to an agreed path on the web server for the domain name.
DNS-based validation: create a specific TXT or CNAME record in the DNS zone of your domain.
Email Validation: the requester is validated by responding to an email sent to an address that belongs to the domain.

Page 9

Email based authentication

Until late 2015 the email addresses that counted as proof of domain control were chosen by each CA. This might be an interesting problem.
CERT Vulnerability Note VU#591120 (March 27th 2015): Multiple SSL certificate authorities use predefined email addresses as proof of domain ownership. 16 certificate authorities were listed as affected (others unknown).

What is the problem? If an admin is not aware that CAs treat certain email addresses as proof of control and hands one of them to an ordinary user, that user can have a certificate issued for the domain.

Page 11

The Fix

Most policy documents, including the Mozilla CA Certificate Inclusion Policy and the CA/Browser Forum Baseline Requirements, say the addresses that can be used should be limited to those specified in RFC 2142 (MAILBOX NAMES FOR COMMON SERVICES, ROLES AND FUNCTIONS). The Baseline Requirements settle on five constructed addresses: admin@, administrator@, webmaster@, hostmaster@ and postmaster@.

The only other option is the contact address listed in the domain's WHOIS record. This largely solved the underlying problem, but every CA in existence needs to update its practices; otherwise the issue isn't fixed.

This remains a problem wherever people can choose their own mailbox names or are assigned them by a known scheme: under a first-initial-plus-surname scheme, Hanz Ostmaster is provisioned as hostmaster@. Hence the title.
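As an added example (my code, not from the talk or from any CA): a check an organisation can run against its own mailbox-naming scheme before anyone is provisioned. It assumes a first-initial-plus-surname scheme and a constructed staff list; the reserved lists are the five constructed addresses from the CA/Browser Forum Baseline Requirements and the wider RFC 2142 role mailboxes.

```python
"""Added example, not from the talk: does a mailbox-naming scheme hand an
ordinary user an address that a CA will accept as proof of domain control?

Assumptions (mine): mailboxes are derived as first initial + surname, and the
staff list below is constructed for the demo.
"""
import re
import unicodedata

# The five constructed addresses the CA/Browser Forum Baseline Requirements
# allow for email-based domain validation.
CAB_FORUM_MAILBOXES = frozenset(
    {"admin", "administrator", "webmaster", "hostmaster", "postmaster"}
)

# RFC 2142 role mailboxes. Before the 2015 tightening many CAs accepted
# these too, so they are worth reserving as well.
RFC2142_MAILBOXES = frozenset({
    "info", "marketing", "sales", "support",       # business
    "abuse", "noc", "security",                    # network operations
    "postmaster", "hostmaster", "usenet", "news",  # SMTP, DNS, NNTP
    "webmaster", "www", "uucp", "ftp",             # HTTP, UUCP, FTP
})

ALL_RESERVED = CAB_FORUM_MAILBOXES | RFC2142_MAILBOXES


def local_part_from_name(first: str, last: str) -> str:
    """First initial + surname, folded to the ASCII letters and digits a
    typical provisioning script keeps ('Hanz Ostmaster' -> 'hostmaster')."""
    raw = first[:1] + last
    folded = unicodedata.normalize("NFKD", raw).encode("ascii", "ignore").decode()
    return re.sub(r"[^a-z0-9]", "", folded.lower())


def find_collisions(people, reserved=ALL_RESERVED):
    """Map (first, last) -> derived local part for everyone whose mailbox
    would be a reserved role address."""
    collisions = {}
    for first, last in people:
        lp = local_part_from_name(first, last)
        if lp in reserved:
            collisions[(first, last)] = lp
    return collisions


# Constructed staff list; only the first name is the pun from the talk.
STAFF = [
    ("Hanz", "Ostmaster"),
    ("Pat", "Ostmaster"),
    ("Wendy", "Ebmaster"),
    ("Alice", "Dmin"),
    ("Sam", "Ecurity"),
    ("Bob", "Smith"),
]

if __name__ == "__main__":
    for (first, last), lp in find_collisions(STAFF).items():
        # Each of these mailboxes could be used to obtain a certificate
        # for the domain, so reserve it before the account is created.
        print(f"{first} {last} would be provisioned as {lp}@<domain>: reserve it")
```

Passing `CAB_FORUM_MAILBOXES` as the `reserved` argument shows only the addresses a conforming CA still honours after the fix: Sam Ecurity (security@) drops out of the list, the Ostmasters do not.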

Page 12

The problem shown.

Page 13

An exercise best left to the reader

Now all you would have to do is find a CA that still allows registering that email address and, poof, an SSL cert for mail.rit.edu.

Page 14

With the update

Page 15

What are these addresses

postmaster@ - reserved for SMTP (mail operations)

hostmaster@ - reserved for DNS

webmaster@ - reserved for the Web (HTTP)

Page 16

The new problem

Not everyone realizes that these addresses must be reserved (and routed to the right people) when setting up a web server that will use SSL, or a mail server that will use SSL, etc.

These email addresses are not well known. For instance, hostmaster is not a widely recognized email address.

Page 17

A New Twist on a New Problem

If these are reserved then we are fine. But is there a situation where we might still be able to access other people's email? Where individuals might forget about this concept?

Enter Bill Stackpole

Page 18

Anonymous email access

Page 19

Breaking the bank

Mailinator is actually the only one I haven't broken yet. Well, this isn't strictly speaking true...

However, often these are so simple that I can just search for the address.

Page 20
Page 21

Other issues

Often these are slightly more secure and require that I be clever.

However... often these systems try to be intelligent about how they interpret an email address, but not about security. For instance, they may strip spaces and dots or stop at a null character when deciding which inbox to open, while the check that keeps you out of reserved mailboxes saw the address as typed. A reserved name with a space, dot or NUL inserted passes the check but still opens the reserved inbox.
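An added example of that mismatch (my code, modelling a hypothetical disposable-inbox service, not any real one named in the talk): the blocklist is applied to the raw address, while the inbox lookup normalises it, and the canonicalise-first fix beside it.

```python
"""Added example, not from the talk: a hypothetical disposable-inbox service
that blocks reserved role addresses on the raw input but normalises the
address before opening the inbox, and the canonicalise-first fix.
"""
RESERVED = frozenset({"admin", "administrator", "webmaster", "hostmaster", "postmaster"})


def canonical_inbox(local_part: str) -> str:
    """The 'helpful' normalisation assumed for the service: stop at a NUL byte
    (C-style truncation), ignore case, drop whitespace and dots."""
    lp = local_part.split("\x00", 1)[0].lower()
    return "".join(ch for ch in lp if not (ch.isspace() or ch == "."))


def lookup_naive(local_part: str):
    """Vulnerable order of operations: blocklist on the typed string, then
    normalise. Returns the inbox opened, or None if blocked."""
    if local_part in RESERVED:
        return None
    return canonical_inbox(local_part)


def lookup_hardened(local_part: str):
    """Fix: canonicalise first, then apply the blocklist to the name that will
    actually be opened."""
    inbox = canonical_inbox(local_part)
    return None if inbox in RESERVED else inbox


# Constructed evasion spellings for the demo.
EVASIONS = ["host master", "host.master", "HostMaster", "hostmaster\x00junk", " hostmaster"]


def bypasses(lookup, target: str = "hostmaster"):
    """Which spellings reach the target inbox through the given lookup."""
    return [spelling for spelling in EVASIONS if lookup(spelling) == target]


if __name__ == "__main__":
    print("naive   :", bypasses(lookup_naive))    # every spelling gets in
    print("hardened:", bypasses(lookup_hardened)) # none do
```

Dot-stripping itself is not the bug: after the fix, "h.ostmaster" is correctly recognised as, and blocked from, the hostmaster inbox, while "hanz.ostmaster" still opens an ordinary one.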

Page 22

Just a few off my hit list

Page 23

Recently in the news

Page 24

General Fixes

Don't allow email verification at all.
Communication among CAs would prevent this, and would also help security as a whole.
Pinning certificates, so that a mis-issued certificate is not accepted by clients that already know the legitimate one.