Diese Präsentation wurde erfolgreich gemeldet.
Wir verwenden Ihre LinkedIn Profilangaben und Informationen zu Ihren Aktivitäten, um Anzeigen zu personalisieren und Ihnen relevantere Inhalte anzuzeigen. Sie können Ihre Anzeigeneinstellungen jederzeit ändern.

proxy2: HTTPS pins and needles

2015/05/09 すみだセキュリティ勉強会 2015#1

  • Loggen Sie sich ein, um Kommentare anzuzeigen.

proxy2: HTTPS pins and needles

  1. 1. PROXY2: HTTPS PINS AND NEEDLES 2015/05/09 すみだセキュリティ勉強会 2015#1 @INAZ2
  2. 2. ABOUT ME • @inaz2 • Security engineer & Python programmer • Girl idol freak • Blog: ももいろテクノロジー • http://inaz2.hatenablog.com/ 2
  3. 3. HTTPS EVERYWHERE [GOOGLE I/O 2014] • http://lanyrd.com/2014/io14/sdcgyb/ 3
  4. 4. HTTPS = HTTP OVER SSL/TLS [RFC 2818] • http://lanyrd.com/2014/io14/sdcgyb/ 4
  5. 5. SSL/TLS AUTHENTICATION • Certificate Authority (CA) issues the signed certificate for subject’s public key • Clients trust some root CAs beforehand • Clients verify the chain of certificates until it reaches the trusted root CA 5 Client Server CA Root CA Verify each signature by issuer’s public key Private key Public key signature = ENCRYPT(HASH(certificate content), privkey) sign
  6. 6. SSL/TLS ENCRYPTION • A client generate a session key (e.g. AES key) • The client and the server share the session key • By the key exchange algorithm (e.g. RSA or ECDHE) • After all, the payload is encrypted by the session key 6 Client Server Payload Session key (shared by each other)
  7. 7. WE CANNOT SEE HTTPS PAYLOADS AS IS • In Wireshark 1.12.4 7
  8. 8. DECRYPTING HTTPS PAYLOADS IN WIRESHARK • Register the destination server’s private key • Need to own the server • If I have Google’s private key, I will be in the jail • Only works when RSA key exchange is used • Ineffective against ECDHE key exchange (because of forward secrecy) 8
  9. 9. SSLKEYLOGFILE ENVIRONMENT VARIABLE • Make the browsers write session keys in a file • Configure Wireshark to use the file for decrypting • Don’t have to own the server & works with any key exchange algorithms 9
  10. 10. ANOTHER WAY… HTTPS PROXY • Intercept HTTPS connection by Man-in-the-Middle • The proxy terminates HTTPS connection and reconnects to the opposite • The proxy can decrypt the payload by its private key 10 Client Proxy w/ CA Internet sites HTTPS HTTPS I’ll trust the proxy! Decrypt all traffic! Hello, proxy.
  11. 11. FIDDLER, BURP PROXY, OWASP ZAP ETC. • Useful proxies for web vulnerability testing • All supports HTTPS • Programmable to some extent • But GUI • Basically they require user interactions 11
  12. 12. THERE’S A NEED FOR THE TOOL WITHOUT CLICKING 12
  13. 13. PROXY2
  14. 14. SONG 2 BY BLUR • https://www.youtube.com/watch?v=SSbBvKaM6sk • “I got my head checked By a jumbo jet It wasn't easy But nothing is No” 14
  15. 15. PROXY2 • https://github.com/inaz2/proxy2 • HTTP/HTTPS proxy in a single python script • A successor of SimpleHTTPProxy [sumidasec 2013/12] • Built on top of Python standard libraries (BaseHTTPServer, httplib, ssl etc.) • HTTPS features depend on OPENSSL(1) • Fully programmable by implementing handler functions in Python • Trace HTTPS payloads • Modify HTTPS payloads • Save HTTPS payloads or stats to the storage 15
  16. 16. NEED TO TRUST IT AS A PRIVATE CA • Execute “setup_https_intercept.sh” and run proxy2 • Configure the browser’s proxy setting • Then access to http://proxy2.test/ 16
  17. 17. TRACE HTTPS PAYLOADS • Implemented and enabled by default • Print headers and POST data with color • Pretty-output query parameters, Cookies and JSON data • Show the title of a HTML document • Decode the credential of basic auth 17
  18. 18. SERVER, X-POWERED-BY, VIA • http://hhvm.com/blog/7205/wikipedia-on-hhvm 18
  19. 19. SERVER, X-POWERED-BY, VIA • http://hhvm.com/blog/7205/wikipedia-on-hhvm 19 Nginx/1.6.2 with HHVM/3.3.1 3 reverse proxies (Varnish Cache) ?
  20. 20. 20
  21. 21. X-REQUEST-ID, X-RUNTIME, X-SERVED-BY 21
  22. 22. X-REQUEST-ID, X-RUNTIME, X-SERVED-BY 22 The request 1f03c5 was responded by the server e68303 and it took 6.5 milliseconds
  23. 23. PRIVATE API ENDPOINT • Content-Type seems wrong 23
  24. 24. GMAIL LOGIN 24
  25. 25. GMAIL LOGIN 25
  26. 26. YOUTUBE’S SPF (STRUCTURED PAGE FRAGMENTS) • https://youtube.github.io/spfjs/ 26
  27. 27. YOUTUBE’S SPF (STRUCTURED PAGE FRAGMENTS) • https://youtube.github.io/spfjs/ 27
  28. 28. MODIFY HTTPS PAYLOADS • Change the User-Agent 28
  29. 29. 29
  30. 30. 30
  31. 31. SWAP A HTTPS CONTENT • Rewrite a request path 31
  32. 32. 32
  33. 33. THIS WEBSITE IS SECURED BY SSL? • Yes, if you never trust any private CAs or compromised CAs • Why was Superfish a big topic? • A private CA was preinstalled in many Lenovo laptops • All HTTPS payloads were decrypted without notice • The same private key was embedded and its passphrase was weak • Cracked in a moment • As a result, anyone could be the CA and issue the certificate for any domains • Malwares may install a private CA silently • Certificate pinning doesn’t block it because it’s a PRIVATE CA • http://inaz2.hatenablog.com/entry/2015/02/25/024431 33
  34. 34. END-TO-END ENCRYPTION • Web Cryptography API • Run crypto algorithms on web browsers • http://www.w3.org/TR/2014/CR-WebCryptoAPI-20141211/ • Intel AES-NI and Intel Secure Key (RDRAND) • CPU instructions for AES calculation and random number generation • https://software.intel.com/en-us/articles/intel-advanced-encryption-standard- instructions-aes-ni/ • https://software.intel.com/en-us/articles/intel-digital-random-number-generator- drng-software-implementation-guide 34
  35. 35. RECAP • Trusted HTTPS proxy can trace/modify all HTTPS payloads • Useful for both web developers and security engineers • Happy hacking  35
  36. 36. REFERENCES • The HTTPS-Only Standard • https://https.cio.gov/ • ImperialViolet - Decrypting SSL packet dumps • https://www.imperialviolet.org/2012/06/25/wireshark.html • Proxy War [OWASP DAY 2014/11] • http://www.slideshare.net/zaki4649/proxy-war-42161988 • 自堕落な技術者の日記 : W3C Web Cryptography APIとの果てしなき戦い(第1 回) - livedoor Blog(ブログ) • http://blog.livedoor.jp/k_urushima/archives/1758899.html 36
  37. 37. THANK YOU! @INAZ2 Credits Clip arts: http://www.clker.com/ English Reviewing: @domiryuu

×