5

I simulate an ARP poison attack in my LAN network. In the network I have 4 devices: victim, attacker, router and a web server.

The victim try to log in the website on the web server and the attacker eavesdrop the channel between the victim and the router.

I could use this MiTM attack successfully when I used HTTP. I configured my apache webserver and it provide HTTPS, but I can still eavesdrop in the channel. The HTTPS padlock is red, of course because of the certificate, but it says that the connection uses TLS 1.2. So can anybody make it clear for me?

Rui F Ribeiro
  • 1,736
  • 9
  • 15
ampika
  • 655
  • 7
  • 13

2 Answers2

5

I would remind you a ARP poisoning attack works at layer 2 OSI, whilst HTTPS work at layer 5.

Or else, to better pose your problem, your doubt seems to be wether someone listening to the conversation or performing a MitM (man-in-the-middle) attack can compromise the security of an SSL conversation without the user noticing.

The ARP poisoning attack only alters the default route of outgoing packets, as the attack machines poisons the ARP tables of the victims to poses as the router.

SSL technologies complicate proxying it, but the feat is not impossible. In fact, some security products/corporate firewalls implement technology that basically are MitM attacks to be able to listen to HTTPS dialogues and detect malware.

For establishing a successful MitM attack / proxy to a session protected by X.509:

. the user has to be uneducated enough to accept a wrong certificate;
. or you have to fool the user browser the certificate is legitimate.

For that effect either you search for HASH collision in older protocols (i.e. that is way SHA-1 certificates are being phased out), or you install a root certificate of your own in the victim´s computer.

In a corporate setting, normally the AD propagates a root certificate for that effect. Some malware is known also for employing this techniques, and at least a hardware vendor and an AV company were grilled in the public opinion for doing this, the first to be able to insert adverts in your pages, the latter for scanning for viruses at OS level without using dedicated plug-ins for the browser.

Kazakhstan made it to a whole new level, and is doing MitM attacks at country level, via a mandatory root CA that has to be installed in any device using a national telecom connection:

http://thehackernews.com/2015/12/kazakhstan-internet-spying.html

http://www.theregister.co.uk/2015/12/03/kazakhstan_to_maninthemiddle_all_internet_traffic/

This particular technique generates a valid certificate on the fly for the HTTPS requests it intercepts which has as root the ROOT CA installed on the victim.

You have a slashdot thread talking about the technique here: http://it.slashdot.org/story/14/03/05/1724237/ask-slashdot-does-your-employer-perform-https-mitm-attacks-on-employees

An article from Sophos explaining how the SuperFish attack works in Lenovo´s malware:

https://nakedsecurity.sophos.com/2015/02/20/the-lenovo-superfish-controversy-what-you-need-to-know/

You also can do it in a Unix system:

https://www.roe.ch/SSLsplit

SSLsplit supports plain TCP, plain SSL, HTTP and HTTPS connections over both IPv4 and IPv6. For SSL and HTTPS connections, SSLsplit generates and signs forged X509v3 certificates on-the-fly, based on the original server certificate subject DN and subjectAltName extension.

So evidently whilst HTTPS is better than nothing, it is not perfect. It is far more secure to use VPNs when using Internet in more hostile environments, and specially at wifi free hotspots.

As an interesting tidbit, law enforcement has mandatory interception stations in major ISPs, with software/interfaces that implement this MitM attacks and are able to inject corrupted executables/fake OS updates to take control of a victim computer, as documented by the administration/system/operators manuals that were leaked by Snowden or Assange (cant remember)

Link to article and leak of manuals in PDF format

https://theintercept.com/2014/10/30/hacking-team/

Also once and a while, you will see there will be a stink about registrars issuing known certificates like google.com by "mistake", "trainees tests" or because they are hacked. The controversy is that this further undermines the security and trust of SSL, and I would not be surprised wether some of that mistakes are for aiding their own security/intelligence/law enforcement forces to snoop on someone, for instance using google.

Rui F Ribeiro
  • 1,736
  • 9
  • 15
  • 2
    Basic Auth over HTTPS - how many times have I heard that when people say Basic Auth over HTTP is useless. Well, Basic Auth over HTTPS is pretty useless too with this sort of attack. I guess this is why HTTPS is said to provide point-to-point security only. – RaviU Sep 08 '17 at 18:20
2

When a user (victim) is presented with a certificate warning and this user accepts the certificate warning, you will indeed be able to perform a successful MiTM attack.

When the user (victim) accepts your (attacker) certificate, you are able to do this because you have the private key of the certificate.

Jeroen
  • 5,813
  • 2
  • 19
  • 26