Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

proxy2: HTTPS pins and needles

55,776 views

Published on

2015/05/09 すみだセキュリティ勉強会 2015#1

Published in: Technology
  • Be the first to comment

proxy2: HTTPS pins and needles

  1. 1. PROXY2: HTTPS PINS AND NEEDLES 2015/05/09 すみだセキュリティ勉強会 2015#1 @INAZ2
  2. 2. ABOUT ME • @inaz2 • Security engineer & Python programmer • Girl idol freak • Blog: ももいろテクノロジー • http://inaz2.hatenablog.com/ 2
  3. 3. HTTPS EVERYWHERE [GOOGLE I/O 2014] • http://lanyrd.com/2014/io14/sdcgyb/ 3
  4. 4. HTTPS = HTTP OVER SSL/TLS [RFC 2818] • http://lanyrd.com/2014/io14/sdcgyb/ 4
  5. 5. SSL/TLS AUTHENTICATION • Certificate Authority (CA) issues the signed certificate for subject’s public key • Clients trust some root CAs beforehand • Clients verify the chain of certificates until it reaches the trusted root CA 5 Client Server CA Root CA Verify each signature by issuer’s public key Private key Public key signature = ENCRYPT(HASH(certificate content), privkey) sign
  6. 6. SSL/TLS ENCRYPTION • A client generate a session key (e.g. AES key) • The client and the server share the session key • By the key exchange algorithm (e.g. RSA or ECDHE) • After all, the payload is encrypted by the session key 6 Client Server Payload Session key (shared by each other)
  7. 7. WE CANNOT SEE HTTPS PAYLOADS AS IS • In Wireshark 1.12.4 7
  8. 8. DECRYPTING HTTPS PAYLOADS IN WIRESHARK • Register the destination server’s private key • Need to own the server • If I have Google’s private key, I will be in the jail • Only works when RSA key exchange is used • Ineffective against ECDHE key exchange (because of forward secrecy) 8
  9. 9. SSLKEYLOGFILE ENVIRONMENT VARIABLE • Make the browsers write session keys in a file • Configure Wireshark to use the file for decrypting • Don’t have to own the server & works with any key exchange algorithms 9
  10. 10. ANOTHER WAY… HTTPS PROXY • Intercept HTTPS connection by Man-in-the-Middle • The proxy terminates HTTPS connection and reconnects to the opposite • The proxy can decrypt the payload by its private key 10 Client Proxy w/ CA Internet sites HTTPS HTTPS I’ll trust the proxy! Decrypt all traffic! Hello, proxy.
  11. 11. FIDDLER, BURP PROXY, OWASP ZAP ETC. • Useful proxies for web vulnerability testing • All supports HTTPS • Programmable to some extent • But GUI • Basically they require user interactions 11
  12. 12. THERE’S A NEED FOR THE TOOL WITHOUT CLICKING 12
  13. 13. PROXY2
  14. 14. SONG 2 BY BLUR • https://www.youtube.com/watch?v=SSbBvKaM6sk • “I got my head checked By a jumbo jet It wasn't easy But nothing is No” 14
  15. 15. PROXY2 • https://github.com/inaz2/proxy2 • HTTP/HTTPS proxy in a single python script • A successor of SimpleHTTPProxy [sumidasec 2013/12] • Built on top of Python standard libraries (BaseHTTPServer, httplib, ssl etc.) • HTTPS features depend on OPENSSL(1) • Fully programmable by implementing handler functions in Python • Trace HTTPS payloads • Modify HTTPS payloads • Save HTTPS payloads or stats to the storage 15
  16. 16. NEED TO TRUST IT AS A PRIVATE CA • Execute “setup_https_intercept.sh” and run proxy2 • Configure the browser’s proxy setting • Then access to http://proxy2.test/ 16
  17. 17. TRACE HTTPS PAYLOADS • Implemented and enabled by default • Print headers and POST data with color • Pretty-output query parameters, Cookies and JSON data • Show the title of a HTML document • Decode the credential of basic auth 17
  18. 18. SERVER, X-POWERED-BY, VIA • http://hhvm.com/blog/7205/wikipedia-on-hhvm 18
  19. 19. SERVER, X-POWERED-BY, VIA • http://hhvm.com/blog/7205/wikipedia-on-hhvm 19 Nginx/1.6.2 with HHVM/3.3.1 3 reverse proxies (Varnish Cache) ?
  20. 20. 20
  21. 21. X-REQUEST-ID, X-RUNTIME, X-SERVED-BY 21
  22. 22. X-REQUEST-ID, X-RUNTIME, X-SERVED-BY 22 The request 1f03c5 was responded by the server e68303 and it took 6.5 milliseconds
  23. 23. PRIVATE API ENDPOINT • Content-Type seems wrong 23
  24. 24. GMAIL LOGIN 24
  25. 25. GMAIL LOGIN 25
  26. 26. YOUTUBE’S SPF (STRUCTURED PAGE FRAGMENTS) • https://youtube.github.io/spfjs/ 26
  27. 27. YOUTUBE’S SPF (STRUCTURED PAGE FRAGMENTS) • https://youtube.github.io/spfjs/ 27
  28. 28. MODIFY HTTPS PAYLOADS • Change the User-Agent 28
  29. 29. 29
  30. 30. 30
  31. 31. SWAP A HTTPS CONTENT • Rewrite a request path 31
  32. 32. 32
  33. 33. THIS WEBSITE IS SECURED BY SSL? • Yes, if you never trust any private CAs or compromised CAs • Why was Superfish a big topic? • A private CA was preinstalled in many Lenovo laptops • All HTTPS payloads were decrypted without notice • The same private key was embedded and its passphrase was weak • Cracked in a moment • As a result, anyone could be the CA and issue the certificate for any domains • Malwares may install a private CA silently • Certificate pinning doesn’t block it because it’s a PRIVATE CA • http://inaz2.hatenablog.com/entry/2015/02/25/024431 33
  34. 34. END-TO-END ENCRYPTION • Web Cryptography API • Run crypto algorithms on web browsers • http://www.w3.org/TR/2014/CR-WebCryptoAPI-20141211/ • Intel AES-NI and Intel Secure Key (RDRAND) • CPU instructions for AES calculation and random number generation • https://software.intel.com/en-us/articles/intel-advanced-encryption-standard- instructions-aes-ni/ • https://software.intel.com/en-us/articles/intel-digital-random-number-generator- drng-software-implementation-guide 34
  35. 35. RECAP • Trusted HTTPS proxy can trace/modify all HTTPS payloads • Useful for both web developers and security engineers • Happy hacking  35
  36. 36. REFERENCES • The HTTPS-Only Standard • https://https.cio.gov/ • ImperialViolet - Decrypting SSL packet dumps • https://www.imperialviolet.org/2012/06/25/wireshark.html • Proxy War [OWASP DAY 2014/11] • http://www.slideshare.net/zaki4649/proxy-war-42161988 • 自堕落な技術者の日記 : W3C Web Cryptography APIとの果てしなき戦い(第1 回) - livedoor Blog(ブログ) • http://blog.livedoor.jp/k_urushima/archives/1758899.html 36
  37. 37. THANK YOU! @INAZ2 Credits Clip arts: http://www.clker.com/ English Reviewing: @domiryuu

×