20 de ago. de 2020

TLS-Attacker V2.2 And The ROBOT Attack

We found out that many TLS implementations are still vulnerable to different variations of a 19-year old Bleichenbacher's attack. Since Hanno argued to have an attack name, we called it ROBOT: https://robotattack.org

Given the new attack variants, we released a new version of TLS-Attacker 2.2, which covers our vulnerabilities.

Bleichenbacher's attack from 1998

In 1998, Daniel Bleichenbacher discovered that the error messages given by SSL servers for errors in the PKCS #1 1.5 padding allow an adversary to execute an adaptive-chosen ciphertext attack. This attack also belongs to the category of padding oracle attacks. By performing the attack, the adversary exploits different responses returned by the server that decrypts the requests and validates the PKCS#1 1.5 padding. Given such a server, the attacker can use it as an oracle and decrypt ciphertexts.
We refer to one of our previous blog posts for more details.

OK, so what is new in our research?

In our research we performed scans of several well-known hosts and found out many of them are vulnerable to different forms of the attack. In the original paper, an oracle was constructed from a server that responded with different TLS alert messages. In 2014, further side-channels like timings were exploited. However, all the previous studies have considered mostly open source implementations. Only a few vulnerabilities have been found.

In our scans we could identify more than seven vulnerable products and open source software implementations, including F5, Radware, Cisco, Erlang, Bouncy Castle, or WolfSSL. We identified new side-channels triggered by incomplete protocol flows or TCP socket states.

For example, some F5 products would respond to a malformed ciphertext located in the ClientKeyExchange message with a TLS alert 40 (handshake failure) but allow connections to timeout if the decryption was successful. We could observe this behaviour only when sending incomplete TLS handshakes missing ChangeCipherSpec and Finished messages.
See our paper for more interesting results.

Release of TLS-Attacker 2.2

These new findings motivated us to implement the complete detection of Bleichenbacher attacks in our TLS-Attacker. Before our research, TLS-Attacker had implemented a basic Bleichenbacher attack evaluation with full TLS protocol flows. We extended this evaluation with shortened protocol flows with missing ChangeCipherSpec and Finished messages, and implemented an oracle detection based on TCP timeouts and duplicated TLS alerts. In addition, Robert (@ic0ns) added many fixes and merged features like replay attacks on 0-RTT in TLS 1.3.
You can find the newest version release here: https://github.com/RUB-NDS/TLS-Attacker/releases/tag/v2.2

TLS-Attacker allows you to automatically send differently formatted PKCS#1 encrypted messages and observe the server behavior:
$ java -jar Attacks.jar bleichenbacher -connect [host]:[port]
In case the server responds with different error messages, it is most likely vulnerable. The following example provides an example of a vulnerable server detection output:
14:12:42 [main] CONSOLE attacks.impl.Attacker - A server is considered vulnerable to this attack if it responds differently to the test vectors.
14:12:42 [main] CONSOLE attacks.impl.Attacker - A server is considered secure if it always responds the same way.
14:12:49 [main] CONSOLE attacks.impl.Attacker - Found a difference in responses in the Complete TLS protocol flow with CCS and Finished messages.
14:12:49 [main] CONSOLE attacks.impl.Attacker - The server seems to respond with different record contents.
14:12:49 [main] INFO  attacks.Main - Vulnerable:true
In this case TLS-Attacker identified that sending different PKCS#1 messages results in different server responses (the record contents are different).
More articles

  1. Android Hack Tools Github
  2. Hacking Tools Software
  3. Hacker Tools 2019
  4. Kik Hack Tools
  5. Hacker Tools Hardware
  6. Hacker Security Tools
  7. Pentest Tools Github
  8. Hacking Tools For Pc
  9. Hack Website Online Tool
  10. Hacking Tools Download
  11. Hack Tools Download
  12. Pentest Tools For Ubuntu
  13. Hack Tools
  14. Pentest Tools Open Source
  15. Hacking Tools 2020
  16. Hacker Techniques Tools And Incident Handling
  17. Pentest Tools List
  18. Computer Hacker
  19. Usb Pentest Tools
  20. Hacking Tools 2020
  21. Hacking Tools Free Download
  22. Hacking Tools
  23. Hacking Tools For Windows Free Download
  24. Android Hack Tools Github
  25. Github Hacking Tools
  26. Hack Tools Download
  27. Hack Tool Apk No Root
  28. Hack Tools Github
  29. Pentest Tools Kali Linux
  30. Best Hacking Tools 2019
  31. How To Make Hacking Tools
  32. Pentest Tools For Ubuntu
  33. Hacker Tools 2020
  34. Game Hacking
  35. New Hack Tools
  36. Pentest Tools For Ubuntu
  37. Pentest Box Tools Download
  38. Hacker Tools Mac
  39. Hacker Tools Mac
  40. Hacking Apps
  41. Pentest Tools For Ubuntu
  42. Hacking App
  43. Hacking Tools 2019
  44. Hacking Tools Online
  45. Bluetooth Hacking Tools Kali
  46. Hacker Tools Linux
  47. Hacking Tools For Windows 7
  48. Pentest Tools Alternative
  49. Pentest Tools Open Source
  50. Nsa Hack Tools Download
  51. How To Make Hacking Tools
  52. Hacker Tools Software
  53. Hack Tool Apk No Root
  54. Hacking Tools Online
  55. Free Pentest Tools For Windows
  56. Hacker Tools Windows
  57. Hacker Tools Windows
  58. Hack Tools For Windows
  59. Hacker Tools Free
  60. Hacking Tools For Windows Free Download
  61. Hacker Tools For Pc
  62. Hacker Tools
  63. Hacking Tools For Games
  64. Hacks And Tools
  65. Blackhat Hacker Tools
  66. Usb Pentest Tools
  67. Hacking Tools For Pc
  68. Pentest Tools Framework
  69. Hack And Tools
  70. Pentest Tools Nmap
  71. What Are Hacking Tools
  72. Pentest Reporting Tools
  73. Pentest Tools Linux
  74. Hacking Tools For Windows Free Download
  75. Hacks And Tools
  76. New Hacker Tools
  77. Pentest Tools Alternative
  78. Easy Hack Tools
  79. Hacker Tools Github
  80. Black Hat Hacker Tools
  81. Best Pentesting Tools 2018
  82. Pentest Tools Subdomain
  83. Hacker Hardware Tools
  84. New Hacker Tools
  85. Hack Tools Github
  86. Hacker Tools For Mac
  87. Nsa Hack Tools Download
  88. Hacker Tools Free Download
  89. Pentest Tools For Windows
  90. Bluetooth Hacking Tools Kali
  91. Hack Tools Mac
  92. Underground Hacker Sites
  93. Pentest Tools For Mac
  94. Github Hacking Tools
  95. Best Hacking Tools 2020
  96. Best Pentesting Tools 2018
  97. Hacker Tools Software
  98. Hacker Tools For Ios
Postado por às

Nenhum comentário:

Postar um comentário

Assinar: Postar comentários (Atom)