Man in the Middle? - No, thanks!


  1. Man in the Middle? No, thanks! – Daniel Schneller, CenterDevice GmbH
  2. SSL – and everything is fine™
  4. SSL – and everything is fine™ … or is it?
  5. Mac App Store
  8. So where was SSL?
  9. SSL – Chain of Trust
  11. SSL – Chain of Trust: Root CA Certificate
  12. SSL – Chain of Trust: Root CA Certificate → issues → Intermediate CA Certificate(s)
  13. SSL – Chain of Trust: Root CA Certificate → issues → Intermediate CA Certificate(s) → issues → Leaf Certificate
  20. And how many root CAs are there?
  21. System Roots
  23. System Roots – Windows 8: ~350, Mozilla: ~160, iOS 6: ~220
  24. Man In The Middle?
  25. Man In The Middle: [Corporate] Proxy – Client
  28. Man In The Middle: Website – [Corporate] Proxy – Client
  32. Man In The Middle
  38. Consequences
      • Surveillance
      • Modification
      • of sent and received data
      • Chain of trust formally intact
  39. Good and evil
      • Debugging
      • Reverse engineering
      • Security audits
      • Learning and understanding
  40. ReST Debugging
  41. Good and evil
      • Phishing
      • Identity theft
      • Industrial espionage
      • …
  42. Mac App Store
  45. Demo 1 – Video 1, Video 2
  46. Countermeasures
  47. Certificate comparison
  48. Certificate comparison
      • Server certificate embedded in the client app
      • Compared against the certificate presented by the server
      • Connection established only on an exact match
  49. Certificate comparison: Client App – Server
  50. Certificate comparison: Client App == Server
  51. Certificate comparison – Step 1: validate the chain of trust
      // srvTrust is the SecTrustRef taken from the server's authentication challenge
      SecTrustResultType evaluationResult;
      OSStatus status = SecTrustEvaluate(srvTrust, &evaluationResult);
      if (status == errSecSuccess) {
          // kSecTrustResultUnspecified: chain valid, trusted without a user override
          // (kSecTrustResultProceed, an explicit user-approved trust, is the other success value)
          if (evaluationResult == kSecTrustResultUnspecified) {
              // ...
          }
      }
  57. Certificate comparison – Step 2: load the reference certificate
      // reference.der: the server certificate bundled with the app
      NSString *refPath = [[NSBundle mainBundle] pathForResource:@"reference" ofType:@"der"];
      NSData *refCertData = [[NSData alloc] initWithContentsOfFile:refPath];
  60. Certificate comparison – Step 3: compare against the reference
      BOOL found = NO;
      CFIndex crtCount = SecTrustGetCertificateCount(srvTrust);
      for (CFIndex j = 0; j < crtCount && !found; j++) {
          SecCertificateRef cert = SecTrustGetCertificateAtIndex(srvTrust, j);
          // DER bytes of the certificate at position j of the presented chain
          NSData *certData = CFBridgingRelease(SecCertificateCopyData(cert));
          // exact byte comparison with the bundled reference certificate;
          // the slide assigned to certificateVerified here, which never ends the loop
          found = [refCertData isEqualToData:certData];
      }
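The three steps above, carried through end to end as an added example that is not code from the talk or its sample repository. The Security framework calls (SecTrustEvaluate, SecTrustGetCertificateAtIndex, SecCertificateCopyData) are stood in for by plain Python over byte strings, the "DER" values are constructed placeholders rather than real certificates, and the chain-validation stub only models the outcome the slides describe: a corporate proxy's chain is formally intact while the pin still fails.

```python
"""Certificate comparison (exact-match pinning) over a server chain.

Added example; this is not code from the talk or its sample repository. The
Security framework calls on the slides (SecTrustEvaluate,
SecTrustGetCertificateAtIndex, SecCertificateCopyData) are stood in for by
plain Python over byte strings, and the "DER" values below are constructed
placeholders, not real certificates.
"""
import hmac

# Constructed stand-ins for the DER encoding of each certificate the server
# presents, leaf first, the order SecTrustGetCertificateAtIndex walks.
LEAF_DER = b"DER:leaf:CN=api.example.test:serial=0001"
INTERMEDIATE_DER = b"DER:intermediate:CN=Example Issuing CA"
ROOT_DER = b"DER:root:CN=Example Root CA"
SERVER_CHAIN = [LEAF_DER, INTERMEDIATE_DER, ROOT_DER]

# The chain an intercepting (e.g. corporate) proxy presents instead: a
# substitute leaf for the same host name, issued by a proxy root that is
# installed in the client's system roots. Also constructed.
PROXY_CHAIN = [
    b"DER:leaf:CN=api.example.test:serial=7777:issuer=Corporate Proxy CA",
    b"DER:root:CN=Corporate Proxy CA",
]

# Slide step 2: the reference certificate bundled with the app (reference.der).
REFERENCE_DER = LEAF_DER


def chain_is_trusted(chain):
    """Slide step 1 stand-in for SecTrustEvaluate.

    A real client delegates this to the platform. Here the chain counts as
    trusted when it is non-empty and ends in a root marker, which models the
    "chain of trust formally intact" slide: the proxy chain passes because
    its root is among the system roots.
    """
    return bool(chain) and chain[-1].startswith(b"DER:root:")


def pin_matches(chain, reference_der):
    """Slide step 3: some certificate in the chain must be byte-for-byte
    identical to the bundled reference. compare_digest keeps the comparison
    time independent of where the first differing byte is."""
    return any(hmac.compare_digest(cert_der, reference_der) for cert_der in chain)


def accept_connection(chain, reference_der):
    """Connect only if BOTH checks pass.

    Chain validation is what binds each certificate to the next; the pin
    search alone accepts any chain that merely contains the reference bytes
    at some index, and step 1 alone is exactly what an intercepting proxy
    with an installed root defeats.
    """
    return chain_is_trusted(chain) and pin_matches(chain, reference_der)


if __name__ == "__main__":
    print("genuine server:", accept_connection(SERVER_CHAIN, REFERENCE_DER))  # True
    print("proxy, step 1 :", chain_is_trusted(PROXY_CHAIN))                   # True
    print("proxy, step 3 :", pin_matches(PROXY_CHAIN, REFERENCE_DER))         # False
```

Pinning the intermediate instead of the leaf is the same call with `INTERMEDIATE_DER` as the reference; which certificate to pin is the flexibility-versus-security trade-off the talk returns to in its "Variant" slides.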
  67. Demo 2 – Video
  68. Fingerprint comparison
  69. Fingerprint comparison
      • Similar to certificate comparison
      • Compares the certificate's hash against a reference
      • Certificate is not shipped with the app
      • Example: Apple Software Update
  70. Fingerprint comparison: Client App – Server – SHA-1 hash 1122 3344 5566 7788 9900 AABB CCDD EEFF 9988 7766
  72. Fingerprint comparison: Client App == Server – SHA-1 hash 1122 3344 5566 7788 9900 AABB CCDD EEFF 9988 7766
  73. Fingerprint comparison – Step 1: validate the chain of trust (same as step 1 of the certificate comparison)
      SecTrustResultType evaluationResult;
      OSStatus status = SecTrustEvaluate(srvTrust, &evaluationResult);
      if (status == errSecSuccess) {
          if (evaluationResult == kSecTrustResultUnspecified) {
              // ...
          }
      }
  74. Fingerprint comparison – Step 2: compute the fingerprint
      // reference fingerprint (elided on the slide)
      static NSString* const kReferenceFP = @"AC .... DC";
      BOOL found = NO;
      CFIndex crtCount = SecTrustGetCertificateCount(srvTrust);
      for (CFIndex j = 0; j < crtCount && !found; j++) {
          SecCertificateRef cert = SecTrustGetCertificateAtIndex(srvTrust, j);
          NSData *certData = CFBridgingRelease(SecCertificateCopyData(cert));
          // -sha1: is the app's own helper (not shown on the slides) returning the
          // SHA-1 digest of the DER bytes as a hex string in the same format as kReferenceFP
          NSString *fingerprint = [self sha1:certData];
          found = [kReferenceFP isEqualToString:fingerprint];
      }
  83. Demo 3 – Video
  84. Pitfalls
  85. Pitfalls
      • Certificate rotation
      • Expired
      • Compromised
      • Plan an early app update
      • Old and new certificate at the same time
  86. Variant
  87. Variant
      • Check the root CA certificate
      • Trade-off: flexibility versus security
      • Updates needed only when the root CA changes
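The fingerprint comparison (slides 69 to 82), the rotation pitfall (slide 85) and the root-CA variant (slide 87) in one added example; it is not code from the talk or its sample repository. The slides' Security framework calls are replaced by plain Python over byte strings, the certificate bytes are constructed placeholders rather than real DER, and the single reference fingerprint of the slides is generalised to a set so that the old and the new certificate are accepted simultaneously during a rotation. SHA-1 is the default because that is the hash the slides show; the `algo` parameter is an addition so SHA-256 can be substituted.

```python
"""Fingerprint comparison with support for certificate rotation.

Added example; not code from the talk or its sample repository. The slides'
Security framework calls are replaced by plain Python over byte strings, and
the certificate bytes below are constructed placeholders, not real DER.
"""
import hashlib
import hmac
import string

# Constructed stand-ins for DER-encoded certificates: the leaf currently in
# use, its planned replacement, and the root that issued both.
OLD_LEAF_DER = b"DER:leaf:CN=swupdate.example.test:serial=0001"
NEW_LEAF_DER = b"DER:leaf:CN=swupdate.example.test:serial=0002"
ROOT_DER = b"DER:root:CN=Example Root CA"


def fingerprint(cert_der, algo="sha1"):
    """Hex digest of the DER bytes, i.e. the slides' 'SHA-1 hash' of a certificate."""
    return hashlib.new(algo, cert_der).hexdigest()


def format_fingerprint(hex_fp):
    """Render a fingerprint the way the slides display it: upper-case groups of four."""
    return " ".join(hex_fp[i:i + 4] for i in range(0, len(hex_fp), 4)).upper()


def normalize_fingerprint(text):
    """Accept the formats a reference is usually pasted in ('1122 3344 ...',
    'AC:DE:...', any case) and reduce them to lower-case hex for comparison."""
    return "".join(ch for ch in text if ch in string.hexdigits).lower()


def fingerprint_matches(chain, reference_fps, algo="sha1"):
    """Slide step 2, generalised from one reference to a set.

    During a rotation (pitfalls slide) the app ships with both the old and
    the new fingerprint, so either certificate is accepted and the app update
    can go out before the server switches. The variant slide's "check the
    root CA certificate" is this same function with the root's fingerprint as
    the reference. Chain validation (step 1) still has to pass first; it is
    not repeated here.
    """
    refs = [normalize_fingerprint(fp) for fp in reference_fps]
    for cert_der in chain:
        fp = fingerprint(cert_der, algo)
        if any(hmac.compare_digest(fp, ref) for ref in refs):
            return True
    return False


if __name__ == "__main__":
    old_fp, new_fp = fingerprint(OLD_LEAF_DER), fingerprint(NEW_LEAF_DER)
    print("reference:", format_fingerprint(old_fp))
    print("old leaf, pins {old,new}:", fingerprint_matches([OLD_LEAF_DER, ROOT_DER], [old_fp, new_fp]))  # True
    print("new leaf, pins {old,new}:", fingerprint_matches([NEW_LEAF_DER, ROOT_DER], [old_fp, new_fp]))  # True
    print("new leaf, pin {old} only:", fingerprint_matches([NEW_LEAF_DER, ROOT_DER], [old_fp]))          # False
    print("new leaf, root pinned   :", fingerprint_matches([NEW_LEAF_DER, ROOT_DER], [fingerprint(ROOT_DER)]))  # True
```

The last line shows the trade-off from the "Variant" slide: with the root's fingerprint pinned, a leaf rotation needs no app update, but every certificate that root ever issues for the host is accepted.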
  88. Conclusion
  89. Conclusion
      • SSL guarantees
      • Confidentiality
      • Identity assurance
      • CA system is (often) sufficient
      • More security = more effort
  90. Make informed decisions!
  91. Links
      Sample Code
      • github.com/dschneller/mitm-no-thank-you
      Tools
      • github.com/ADVTOOLS/ADVcertificator
      • github.com/ADVTOOLS/ADVTrustStore
      • www.apple.com/support/iphone/enterprise
      • technet.microsoft.com/en-us/library/cc754841.aspx
  92. Links
      TLS Session Cache
      • developer.apple.com/library/ios/#qa/qa1727
      Root CA lists
      • support.apple.com/kb/HT5012
      • www.mozilla.org/projects/security/certs/included/
      • social.technet.microsoft.com/wiki/contents/articles/14215.windows-and-windows-phone-8-ssl-root-certificate-program-member-cas.aspx
      • Android: Settings – Security – Trusted Credentials (from 4.0)
  93. Thank you very much!
  94. Questions? daniel.schneller@centerdevice.de, @dschneller
  95. That's it. Really :)
