You are on page 1of 39


& Scary SSL Attacks
Sam Bowne


Sam Bowne
Computer Networking and Information
City College San Francisco


sslstrip – Steals passwords from mixedmode Web login pages

Slowloris – Denial of Service – Stops
Apache Web servers

Scary SSL Attacks--ways to completely
fool browsers

sslstrip .

IMDB HTTPS HTTP HTTPS HTTP HTTPS MIXED MIXED HTTPS . Wikipedia 3.0 Sites         1. Flickr 6. YouTube 2. Photobucket 5. Twitter 8. WordPress 7.The 15 Most Popular Web 2. Craigslist 4.

ebizmba.The 15 Most Popular Web 2. deviantART 15.0 Sites        9. eHow . topix 13. TypePad 12. Technorati  HTTP HTTPS HTTPS HTTP Obfuscated HTTP MIXED HTTPS From http://www. LiveJournal 14. Digg 10.

5 HTTPS. 3 HTTP.Password Stealing Medium ssltrip Easy Wall of Sheep MIXED. 7 Hard Spoofing Certificates .

Mixed Mode  HTTP Page with an HTTPS Logon Button .

sslstrip Proxy Changes HTTPS to HTTP To Internet HTTPS HTTP Target Using Facebook Attacker: sslstrip Proxy in the Middle .

Ways to Get in the Middle .

Physical Insertion in a Wired Network To Internet Attacker Target .

Configuring Proxy Server in the Browser . .ARP Poisoning     Redirects Traffic at Layer 2 Sends a lot of false ARP packets on the LAN Can be easily detected DeCaffienateID by IronGeek  http://k78.

1 ARP Request ARP Reply Client Gateway Facebook.2.168.1? ARP Reply:  MAC: 00-30-bd-02-ed-7b has 192.168.2.ARP Request and Reply    Client wants to find Gateway ARP Request: Who has .

com .ARP Poisoning Attacker ARP Replies: I am the Gateway Forwarded & Altered Traffic Traffic to Facebook Client Gateway Facebook.

Demonstration .

slowloris .


400 seconds by default for the request to complete So less than one packet per second is enough to occupy them all Low-bandwidth DoS--no collateral damage! .Send Incomplete HTTP Requests     Apache has a queue of approx. 256 requests Each one waits approx.

OSI Model OSI Model DoS Attack 7 Application Slowloris – Incomplete HTTP Requests 6 Presentation 5 Session 4 Transport SYN Flood – Incomplete TCP Handshakes 3 Network 2 Data Link 1 Physical Cut a cable .

Demonstration .

iClicker Questions .

D. Layer 1 Layer 2 Layer 3 Layer 4 Layer 5 or higher . What OSI Model was that attack in? A. C.Power failures brought down servers at 365 Main last year. E. B.

HTTPS .Which type of website is the most dangerous? A. HTTP B. Mixed: HTTP with HTTPS elements C.

What precaution protects you best when using a public Wi-Fi hotspot? A.1x . B. E. C. Open Access WEP WPA VPN 802. D.

E. D. Do nothing and ignore it Adjust Apache timeouts Use a load-balancer Add a module to Apache Something else . C.What precaution seems best against SlowLoris? A. B.

C.What sort of logins do users of your Website use? A. B. E. D. Plaintext Mixed-mode HTTPS with a CA Self-signed SSL Something else .

What plans do you have to use IPv6? I don't care about IPv6 at all I'll implement IPv6. . D. I am already using IPv6 A. but not for years Planning to implement it within a year Planning to implement it sooner than a year E. B. C.

Scary SSL Attacks .

com Attacker: Cain: Fake SSL Certificate .Man in the Middle To Internet HTTPS HTTPS Target Using https://gmail.

Warning Message .

Certificate Errors   The message indicates that the Certificate Authority did not validate the certificate BUT a lot of innocent problems cause those messages Incorrect date settings  Name changes as companies are acquired  .

Most Users Ignore Certificate Errors  Link SSL-1 on my CNIT 125 page .

Fake SSL With No Warning      Impersonate a real Certificate Authority Use a Certificate Authority in an untrustworthy nation Trick browser maker into adding a fraudulent CA to the trusted list Use a zero byte to change the effective domain name Wildcard certificate .

Impersonating Verisign  Researchers created a rogue Certificate Authority certificate. by finding MD5 collisions   Using more than 200 PlayStation 3 game consoles Link SSL-2 .

2009 Earlier.Countermeasures   Verisign announced its intent to replace MD5 hashes (presumably with SHA hashes). SSL-7 . vulnerable certificates would be replaced only if the customer requested it   Link SSL-4 FIPS 140-1 (from 2001) did not recognize MD5 as suitable for government work  Links SSL-5. SSL-6. in certificates issued after January.

CA in an Untrustworthy Nation  Link SSL-8 .

Unknown Trusted CAs   An unknown entity was apparently trusted for more than a decade by Mozilla Link SSL-9 . Link SSL-10 .Zero Byte Terminates Domain Name  Just buy a certificate for\   Browser will see that as matching paypal.