Exploiting HTTPS using SSL Flaw
By Uma Mahesh

Today, security is the most critical factor in business applications. At the transport layer it is implemented using the SSL protocol, known as Transport Layer Security (TLS). Secure transactions are carried over the internet using HTTPS, which is implemented using SSL and digital certificates. A flaw has been discovered in the protocol, in TLS renegotiation. An attacker can exploit this loophole through a man-in-the-middle attack. The Internet Engineering Task Force (IETF) is working on a fix for this protocol-level flaw.

A normal HTTPS session involves negotiation of algorithm support (the handshake), key exchange and authentication, followed by encrypted data transmission. Renegotiation would happen when a client requests from the HTTPS server a resource that needs client certificate authentication. TLS renegotiation is triggered by sending a ClientHello packet (the initial handshake packet). The process is the same as usual, but it is encrypted within the current session.

Now the attacker waits for a client trying to connect to the server and hijacks the connection. The attacker then establishes a secure connection with the server, requests a resource that causes renegotiation, and also issues a transaction with an ignore prefix (injection attack):
“GET acc/transferAmt.php?to=XXX&from=YYY\r\n”
“X-Ignore” #(\r\n missing so that next packet data is appended to this request packet)
The attacker now simply acts as a proxy between the client and the server. After client certificate authentication, the client and server establish a new connection that the attacker cannot see, but the transaction issued previously succeeds. This is because “X-Ignore” causes the header (the original client request) to be ignored, while the client's credentials (cookies) sent along with the client request are still used.

A successful injection attack can cause even bigger problems, as it can steal critical data by injecting a POST command. This was successfully carried out against Twitter to steal passwords, and Twitter updated immediately. The immediate fix that was released disabled renegotiation, but it is not a complete fix, as it would disrupt existing applications.
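The splice described above, and the check that stops it, modelled as an added example (not code from the original post): a toy server that concatenates application data across a renegotiation, with and without the renegotiation_info binding check standardised in RFC 5746. The `Server` class, the `simulate` function, the client request, the cookie and the verify_data values are constructed for illustration.

```python
import hmac

# Constructed sample data. The prefix is the request quoted in the post; the
# client request, cookie and verify_data values are made up for illustration.
ATTACKER_PREFIX = b"GET acc/transferAmt.php?to=XXX&from=YYY\r\nX-Ignore"
CLIENT_REQUEST = b"GET /index.html HTTP/1.1\r\nCookie: session=CONSTRUCTED\r\n\r\n"
ATTACKER_VERIFY = b"\xaa" * 12   # verify_data of the attacker's handshake
CLIENT_VERIFY = b"\xbb" * 12     # verify_data of the client's handshake


class Server:
    """Toy model of a TLS server's per-connection state (hypothetical names)."""
    def __init__(self, check_binding):
        self.check_binding = check_binding
        self.prev_client_verify = b""  # empty until a handshake completes
        self.buffer = b""              # application data awaiting a full request

    def handshake(self, renegotiated_connection, new_verify):
        # RFC 5746 rule: the ClientHello must echo the client verify_data of
        # the handshake that currently protects this connection.
        if self.check_binding and not hmac.compare_digest(
                renegotiated_connection, self.prev_client_verify):
            self.buffer = b""          # abort: drop the pending data
            return False
        self.prev_client_verify = new_verify
        return True

    def receive(self, data):
        self.buffer += data

    def parsed_request(self):
        head = self.buffer.split(b"\r\n\r\n", 1)[0]
        request_line, *headers = head.split(b"\r\n")
        return request_line, headers


def simulate(check_binding):
    """Return what the server parses, or None if the renegotiation is refused."""
    server = Server(check_binding)
    # 1. Attacker's own handshake (initial, so the binding field is empty).
    server.handshake(b"", ATTACKER_VERIFY)
    server.receive(ATTACKER_PREFIX)
    # 2. Renegotiation: the relayed ClientHello is the client's *initial* hello,
    #    so its binding field is empty rather than ATTACKER_VERIFY.
    if not server.handshake(b"", CLIENT_VERIFY):
        return None
    server.receive(CLIENT_REQUEST)
    return server.parsed_request()
```

Without the check, the server parses one request whose request line is the injected transaction and whose headers include the client's cookie; with the check, the renegotiation is refused before the client's data is ever appended.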

Rescorla Draft on TLS Renegotiate

