Upload
daniel-schneller
View
1.830
Download
2
Embed Size (px)
Citation preview
No,$thank$you!MAN$IN$THE$MIDDLE$?
Daniel$Schneller$–$CenterDevice$GmbH
SSL$–$and$you’re$done™
SSL$–$and$you’re$done™
SSL$–$and$you’re$done™
…are$you?
Mac$App$Store
Mac$App$Store
Mac$App$Store
Outbank
What$happened$to$SSL?
SSL$–$Chain$of$Trust
SSL$–$Chain$of$Trust
Root$CA$Cer)ficate
SSL$–$Chain$of$Trust
Root$CA$Cer)ficate
$Intermediate$CA$Cer)ficate(s)issues
SSL$–$Chain$of$Trust
Root$CA$Cer)ficate
$Intermediate$CA$Cer)ficate(s)
Leaf$Cer)ficate
issues
issues
SSL$–$Chain$of$Trust
SSL$–$Chain$of$Trust
SSL$–$Chain$of$Trust
SSL$–$Chain$of$Trust
SSL$–$Chain$of$Trust
SSL$–$Chain$of$Trust
Just$how$many$Root$CAs$are$there?
System$Roots
System$Roots
System$Roots
Windows$8:$~350Mozilla:$~160iOS$6:$~220
Man$In$The$Middle?
Man$In$The$Middle
[Corporate]$Proxy Client
Man$In$The$Middle
[Corporate]$Proxy Client
Man$In$The$Middle
[Corporate]$Proxy Client
Man$In$The$Middle
Website [Corporate]$Proxy Client
Man$In$The$Middle
Website [Corporate]$Proxy Client
Man$In$The$Middle
Website [Corporate]$Proxy Client
Man$In$The$Middle
Website [Corporate]$Proxy Client
Man$In$The$Middle
Man$In$The$Middle
Man$In$The$Middle
Man$In$The$Middle
Man$In$The$Middle
Man$In$The$Middle
Consequences
•Monitoring
•ManipulaZon
• Sent$and$received$data$affected
• Chain\Of\Trust$formally$verified
Good$and$evil
• Debugging
• Reverse$Engineering
• Security$Audits
• Learning$and$Understanding
ReST$Debugging
Good$and$evil
• Phishing
• IdenZty$The`
• Industrial$Espionage
• …
Mac$App$Store
Mac$App$Store
Mac$App$Store
iTunes
iTunes
iTunes
Demo$1
Video$1
Video$2
Countermeasures
Reference$CerZficates
Reference$CerZficates
• Client$bundles$server$cerZficate$as$a$reference
• Compare$reference$and$cerZficate$sent$by$the$server$
• Connect$only$when$there’s$a$perfect$match
Reference$CerZficates
$Client$App$Server
Reference$CerZficates
$Client$App$Server
==
Reference$CerZficates
SecTrustResultType evaluationResult;OSStatus status = SecTrustEvaluate(srvTrust, &evaluationResult);
if (status == errSecSuccess) { if (evaluationResult == kSecTrustResultUnspecified) {
// ...
}}
• Step$1:$$Validate$Chain\of\Trust
Reference$CerZficates
SecTrustResultType evaluationResult;OSStatus status = SecTrustEvaluate(srvTrust, &evaluationResult);
if (status == errSecSuccess) { if (evaluationResult == kSecTrustResultUnspecified) {
// ...
}}
• Step$1:$$Validate$Chain\of\Trust
Reference$CerZficates
• Step$1:$$Validate$Chain\of\Trust
SecTrustResultType evaluationResult;OSStatus status = SecTrustEvaluate(srvTrust, &evaluationResult);
if (status == errSecSuccess) { if (evaluationResult == kSecTrustResultUnspecified) {
// ...
}}
Reference$CerZficates
• Step$1:$$Validate$Chain\of\Trust
SecTrustResultType evaluationResult;OSStatus status = SecTrustEvaluate(srvTrust, &evaluationResult);
if (status == errSecSuccess) { if (evaluationResult == kSecTrustResultUnspecified) {
// ...
}}
Reference$CerZficates
• Step$1:$$Validate$Chain\of\Trust
SecTrustResultType evaluationResult;OSStatus status = SecTrustEvaluate(srvTrust, &evaluationResult);
if (status == errSecSuccess) { if (evaluationResult == kSecTrustResultUnspecified) {
// ...
}}
Reference$CerZficates
• Step$1:$$Validate$Chain\of\Trust
SecTrustResultType evaluationResult;OSStatus status = SecTrustEvaluate(srvTrust, &evaluationResult);
if (status == errSecSuccess) { if (evaluationResult == kSecTrustResultUnspecified) {
// ...
}}
NSString *refPath = [[NSBundle mainBundle] pathForResource:@"reference" ofType:@"der"];
NSData *refCertData = [[NSData alloc] initWithContentsOfFile:refPath];
Reference$CerZficates
• Step$2:$Load$Reference$CerZficate
NSString *refPath = [[NSBundle mainBundle] pathForResource:@"reference" ofType:@"der"];
NSData *refCertData = [[NSData alloc] initWithContentsOfFile:refPath];
Reference$CerZficates
• Step$2:$Load$Reference$CerZficate
Reference$CerZficates
• Step$2:$Load$Reference$CerZficate
NSString *refPath = [[NSBundle mainBundle] pathForResource:@"reference" ofType:@"der"];
NSData *refCertData = [[NSData alloc] initWithContentsOfFile:refPath];
Reference$CerZficates
BOOL found = NO;CFIndex crtCount = SecTrustGetCertificateCount(srvTrust);
for (CFIndex j = 0; j < crtCount && !found; j++) { SecCertificateRef cert = SecTrustGetCertificateAtIndex(srvTrust, j); NSData* certData = CFBridgingRelease(SecCertificateCopyData(cert)); found = [refCertData isEqualToData:certData];}
• Step$3:$Compare$cerZficates
Reference$CerZficates
BOOL found = NO;CFIndex crtCount = SecTrustGetCertificateCount(srvTrust);
for (CFIndex j = 0; j < crtCount && !found; j++) { SecCertificateRef cert = SecTrustGetCertificateAtIndex(srvTrust, j); NSData* certData = CFBridgingRelease(SecCertificateCopyData(cert)); found = [refCertData isEqualToData:certData];}
• Step$3:$Compare$cerZficates
Reference$CerZficates
• Step$3:$Compare$cerZficates
BOOL found = NO;CFIndex crtCount = SecTrustGetCertificateCount(srvTrust);
for (CFIndex j = 0; j < crtCount && !found; j++) { SecCertificateRef cert = SecTrustGetCertificateAtIndex(srvTrust, j); NSData* certData = CFBridgingRelease(SecCertificateCopyData(cert)); found = [refCertData isEqualToData:certData];}
Reference$CerZficates
• Step$3:$Compare$cerZficates
BOOL found = NO;CFIndex crtCount = SecTrustGetCertificateCount(srvTrust);
for (CFIndex j = 0; j < crtCount && !found; j++) { SecCertificateRef cert = SecTrustGetCertificateAtIndex(srvTrust, j); NSData* certData = CFBridgingRelease(SecCertificateCopyData(cert)); found = [refCertData isEqualToData:certData];}
Reference$CerZficates
• Step$3:$Compare$cerZficates
BOOL found = NO;CFIndex crtCount = SecTrustGetCertificateCount(srvTrust);
for (CFIndex j = 0; j < crtCount && !found; j++) { SecCertificateRef cert = SecTrustGetCertificateAtIndex(srvTrust, j); NSData* certData = CFBridgingRelease(SecCertificateCopyData(cert)); found = [refCertData isEqualToData:certData];}
Reference$CerZficates
• Step$3:$Compare$cerZficates
BOOL found = NO;CFIndex crtCount = SecTrustGetCertificateCount(srvTrust);
for (CFIndex j = 0; j < crtCount && !found; j++) { SecCertificateRef cert = SecTrustGetCertificateAtIndex(srvTrust, j); NSData* certData = CFBridgingRelease(SecCertificateCopyData(cert)); found = [refCertData isEqualToData:certData];}
Reference$CerZficates
• Step$3:$Compare$cerZficates
BOOL found = NO;CFIndex crtCount = SecTrustGetCertificateCount(srvTrust);
for (CFIndex j = 0; j < crtCount && !found; j++) { SecCertificateRef cert = SecTrustGetCertificateAtIndex(srvTrust, j); NSData* certData = CFBridgingRelease(SecCertificateCopyData(cert)); found = [refCertData isEqualToData:certData];}
Demo$2
Video
FingerprinZng
FingerprinZng
• Similar$to$Reference$CerZficate$approach
• Compares$CerZficate$Fingerprint$against$reference$value
• Server$CerZficate$not$needed$in$the$client
• Example:$$Apple$So`ware$Update
FingerprinZng$
$Client$App$Server
1122 3344 55667788 9900 AABBCCDD EEFF 9988
7766
SHA-1 Hash
FingerprinZng$
$Client$App$Server
1122 3344 55667788 9900 AABBCCDD EEFF 9988
7766
SHA-1 Hash
FingerprinZng$
$Client$App$Server
==1122 3344 55667788 9900 AABBCCDD EEFF 9988
7766
SHA-1 Hash
1122 3344 55667788 9900 AABBCCDD EEFF 9988
7766
FingerprinZng
• Schrie$1:$Chain\of\Trust$validieren
SecTrustResultType evaluationResult;OSStatus status = SecTrustEvaluate(srvTrust, &evaluationResult);
if (status == errSecSuccess) { if (evaluationResult == kSecTrustResultUnspecified) {
// ...
}}
FingerprinZng
static NSString* const kReferenceFP = @"AC .... DC";BOOL found = NO;CFIndex crtCount = SecTrustGetCertificateCount(srvTrust);
for (CFIndex j = 0; j < crtCount && !found; j++) { SecCertificateRef cert = SecTrustGetCertificateAtIndex(srvTrust, j); NSData* certData = CFBridgingRelease(SecCertificateCopyData(cert)); NSString* fingerprint = [self sha1:certData]; found = [kReferenceFP isEqualToString:fingerprint]}
• Schrie$2:$Fingerprint$berechnen
FingerprinZng
static NSString* const kReferenceFP = @"AC .... DC";BOOL found = NO;CFIndex crtCount = SecTrustGetCertificateCount(srvTrust);
for (CFIndex j = 0; j < crtCount && !found; j++) { SecCertificateRef cert = SecTrustGetCertificateAtIndex(srvTrust, j); NSData* certData = CFBridgingRelease(SecCertificateCopyData(cert)); NSString* fingerprint = [self sha1:certData]; found = [kReferenceFP isEqualToString:fingerprint]}
• Schrie$2:$Fingerprint$berechnen
FingerprinZng
• Schrie$2:$Fingerprint$berechnen
static NSString* const kReferenceFP = @"AC .... DC";BOOL found = NO;CFIndex crtCount = SecTrustGetCertificateCount(srvTrust);
for (CFIndex j = 0; j < crtCount && !found; j++) { SecCertificateRef cert = SecTrustGetCertificateAtIndex(srvTrust, j); NSData* certData = CFBridgingRelease(SecCertificateCopyData(cert)); NSString* fingerprint = [self sha1:certData]; found = [kReferenceFP isEqualToString:fingerprint]}
FingerprinZng
• Schrie$2:$Fingerprint$berechnen
static NSString* const kReferenceFP = @"AC .... DC";BOOL found = NO;CFIndex crtCount = SecTrustGetCertificateCount(srvTrust);
for (CFIndex j = 0; j < crtCount && !found; j++) { SecCertificateRef cert = SecTrustGetCertificateAtIndex(srvTrust, j); NSData* certData = CFBridgingRelease(SecCertificateCopyData(cert)); NSString* fingerprint = [self sha1:certData]; found = [kReferenceFP isEqualToString:fingerprint]}
FingerprinZng
• Schrie$2:$Fingerprint$berechnen
static NSString* const kReferenceFP = @"AC .... DC";BOOL found = NO;CFIndex crtCount = SecTrustGetCertificateCount(srvTrust);
for (CFIndex j = 0; j < crtCount && !found; j++) { SecCertificateRef cert = SecTrustGetCertificateAtIndex(srvTrust, j); NSData* certData = CFBridgingRelease(SecCertificateCopyData(cert)); NSString* fingerprint = [self sha1:certData]; found = [kReferenceFP isEqualToString:fingerprint]}
FingerprinZng
• Schrie$2:$Fingerprint$berechnen
static NSString* const kReferenceFP = @"AC .... DC";BOOL found = NO;CFIndex crtCount = SecTrustGetCertificateCount(srvTrust);
for (CFIndex j = 0; j < crtCount && !found; j++) { SecCertificateRef cert = SecTrustGetCertificateAtIndex(srvTrust, j); NSData* certData = CFBridgingRelease(SecCertificateCopyData(cert)); NSString* fingerprint = [self sha1:certData]; found = [kReferenceFP isEqualToString:fingerprint]}
FingerprinZng
• Schrie$2:$Fingerprint$berechnen
static NSString* const kReferenceFP = @"AC .... DC";BOOL found = NO;CFIndex crtCount = SecTrustGetCertificateCount(srvTrust);
for (CFIndex j = 0; j < crtCount && !found; j++) { SecCertificateRef cert = SecTrustGetCertificateAtIndex(srvTrust, j); NSData* certData = CFBridgingRelease(SecCertificateCopyData(cert)); NSString* fingerprint = [self sha1:certData]; found = [kReferenceFP isEqualToString:fingerprint]}
FingerprinZng
• Schrie$2:$Fingerprint$berechnen
static NSString* const kReferenceFP = @"AC .... DC";BOOL found = NO;CFIndex crtCount = SecTrustGetCertificateCount(srvTrust);
for (CFIndex j = 0; j < crtCount && !found; j++) { SecCertificateRef cert = SecTrustGetCertificateAtIndex(srvTrust, j); NSData* certData = CFBridgingRelease(SecCertificateCopyData(cert)); NSString* fingerprint = [self sha1:certData]; found = [kReferenceFP isEqualToString:fingerprint]}
FingerprinZng
• Schrie$2:$Fingerprint$berechnen
static NSString* const kReferenceFP = @"AC .... DC";BOOL found = NO;CFIndex crtCount = SecTrustGetCertificateCount(srvTrust);
for (CFIndex j = 0; j < crtCount && !found; j++) { SecCertificateRef cert = SecTrustGetCertificateAtIndex(srvTrust, j); NSData* certData = CFBridgingRelease(SecCertificateCopyData(cert)); NSString* fingerprint = [self sha1:certData]; found = [kReferenceFP isEqualToString:fingerprint]}
Demo$3
Video
Caveats
Caveats
• Change$of$CerZficate
• Expired
• Compromised
• Update$app$with$plenty$of$lead$Zme
• Temporarily$accept$old$and$new$cerZficates
VariaZon
VariaZon
• Check$Root\CerZficate$against$reference
• Trade\Off:$Flexibility$vs.$Security
• Updates$only$required$when$changing$Root\CA
Conclusions
Conclusions
• SSL$provides
• ConfidenZality$(encrypted)
• AuthenZcity
• CA$system$(usually)$suffiecient
•More$Security$=$More$Work
Make$informed$decisions!
Links
Sample,Code
•github.com/dschneller/mitm\no\thank\you
Tools
•github.com/ADVTOOLS/ADVcerZficator
•github.com/ADVTOOLS/ADVTrustStore
•www.apple.com/support/iphone/enterprise
•technet.microso`.com/en\us/library/cc754841.aspx
LinksTLS,Session,Cache
•developer.apple.com/library/ios/#qa/qa1727
Root6CA,Lists
•support.apple.com/kb/HT5012
•www.mozilla.org/projects/security/certs/included/
•social.technet.microso`.com/wiki/contents/arZcles/14215.windows\and\windows\phone\8\ssl\root\cerZficate\program\member\cas.aspx
•Android:$Sepngs–Security–Trusted$CredenZals
Thank$you!
That’s$all.$Really.$:)
Demo$1Standard$SSL,$MITM$Root\CA$not$installiert
zurück