More Tricks For Defeating SSL In Practice

More documents

Recommendations

Info

$\H1B%-12345X@PJL JOB “HackingPrinters”$

Other Weird Stuff●(www.paypal.com|mail.google.com|www.etrade.com|www.bankofamerica.com|www.wachovia.com|www.pnc.com|www.wellsfargo.com)\0.thoughtcrime.orgMoxie MarlinspikeInstitute For Disruptive Studies
And... your remote exploit.● 144 char *e2 = (char *) PORT_Alloc(sizeof(char)*strlen(exp));● 145 register int t,p2,p1 = 1;● 146 int cp;● 147● 148 while(1) {● 149 for(cp=1;exp[cp] != ')';cp++)● 150 if(exp[cp] == '\\')● 151 ++cp;● 152 for(p2 = 0;(exp[p1] != '|') && (p1 != cp);p1++,p2++) {● 153 if(exp[p1] == '\\')● 154 e2[p2++] = exp[p1++];● 155 e2[p2] = exp[p1];● 156 }● 157 for (t=cp+1; ((e2[p2] = exp[t]) != 0); ++t,++p2) {}● 158 if(_shexp_match(str,e2, case_insensitive) == MATCH) {● 159 PORT_Free(e2);● 160 return MATCH;● 161 }● 162 ...Moxie MarlinspikeInstitute For Disruptive Studies
Page 1:
More Tricks For Defeating SSL InPra
Page 7 and 8:
Certificate ChainingVeriSignInterme
Page 9 and 10:
What they say:●●●●Verify th
Page 11 and 12:
VeriSignWhat if...IntermediateCAInt
Page 13 and 14:
What they say:●●●●Verify th
Page 15 and 16:
But we just created a valid certifi
Page 17 and 18:
...is a somewhat obscure field.Moxi
Page 19 and 20:
And then in 2002...●●●Microso
Page 21 and 22:
sslsniffMoxie MarlinspikeInstitute
Page 24 and 25:
Lately, I've been talking aboutSSL
Page 26 and 27:
Moxie MarlinspikeInstitute For Disr
Page 28 and 29:
In the context of web browsing●
Page 30 and 31:
Page 32 and 33:
We Can Attack SSLBefore We Even Get
Page 34 and 35:
sslstripMoxie MarlinspikeInstitute
Page 36 and 37:
sslstrip●Watch HTTP traffic go by
Page 38 and 39:
How Does It Look?
Page 40 and 41:
How Does It Look?
Page 43 and 44:
The sites themselves confuse us.
Page 45 and 46:
Some sites provide no visible diffe
Page 47 and 48:
Other Little Tricks:
Page 49 and 50:
Where do we need to go from here?Mo
Page 51 and 52:
What's with certificates, anyways?X
Page 53 and 54:
What's with certificates, anyways?X
Page 55 and 56:
Page 57 and 58:
SSL/TLS Handshake BeginningsClientH
Page 59 and 60:
The Problems For Us BeginAttackerCl
Page 61 and 62:
In 2000, things were different.Moxi
Page 63 and 64:
Identification!Moxie MarlinspikeIns
Page 65 and 66: Actual people involved...Moxie Marl
Page 67 and 68: These days it's all about:online do
Page 69 and 70: Moxie MarlinspikeInstitute For Disr
Page 71 and 72: PKCS #10CertificateRequestVersionSu
Page 81 and 82: SubjectsDistinguishedNameCountrySta
Page 83 and 84: SubjectsDistinguishedNameCountrySta
Page 85 and 86: CNcommonName ::=SEQUENCE { { 2 5 4
Page 87 and 88: PKCS #10 SubjectDistinguishedNameCo
Page 89 and 90: PKCS #10 SubjectCommon Nameverisign
Page 91 and 92: PKCS #10 SubjectCommon Namewww.payp
Page 93 and 94: PKCS #10 Certificate SigningRequest
Page 95 and 96: Our Original ScenarioX509Certificat
Page 97 and 98: In memory, though...char *destinati
Page 99 and 100: In the eyes of most SSLimplementati
Page 101 and 102: A First Cut: updated sslsniffsslsni
Page 103 and 104: How does it look?Moxie MarlinspikeI
Page 105 and 106: How does it look?Moxie MarlinspikeI
Page 107 and 108: 1) Targeted attacks are kind of lam
Page 115: Universal Wildcard*~.thoughtcrime.o
Page 119 and 120: And... your remote exploit.● 144
Page 121 and 122: And... your remote exploit.(AAAAAAA
Page 123 and 124: And... your remote exploit.(AAAAAAA
Page 125 and 126: A Second Cut: sslsniff withwildcard
Page 127 and 128: What do we have to worry about?Moxi
Page 129 and 130: What do we have to worry about?1) C
Page 133 and 134: Defeating OCSPOCSPResponse ::= SEQU
Page 143 and 144: A Third Cut: ocsp-aware sslsniffssl
Page 145 and 146: What do we have to worry about?2) U
Page 147 and 148: Firefox/Thunderbird: A Case StudyUp
Page 149 and 150: Firefox/Thunderbird: A Case Study
Page 151 and 152: A Fourth Cut: update-aware sslsniff
Page 153 and 154: Postscript:Stripping NULL is no sol
Page 155 and 156: Conclusion●●●●●●We have
show all

More Tricks For Defeating SSL In Practice

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?