http://www.thoughtcrime.org/software/sslsniff/

If I have a domain on my HTTPS Everywhere list, so that theoretically it could only be visited via an HTTPS connection in my Firefox, then could an sslsniff attack be successful against me? Could the attacker get information because the sslsniff degraded the connection from HTTPS to HTTP? Or am I "fully safe" from these kinds of attacks when using HTTPS Everywhere?

UPDATE: and what happens if I have the domain whitelisted in HTTPS Everywhere? [xml files could be created]. So the domain would be only available via HTTPS.

Rory Alsop
LanceBaynes
    as far as I know, HTTPS everywhere is just an addon to enable https browsing when it is possible, it doesn't add any more security, so I think tools like SSL-Strip won't be stopped by using this addon. – Mohamad Alhamoud Dec 21 '11 at 12:28
  • https://www.eff.org/https-everywhere/faq/ - Q. Why does HTTPS Everywhere include rules for sites like PayPal that already require HTTPS on all their pages? – LanceBaynes Dec 26 '11 at 22:35
  • +1 I like this question, but I don't really like the answer you picked. So I posted my own. – rook Dec 27 '11 at 17:04
  • @LanceBaynes, Because users are lazy and never type `https://paypal.com` directly in the URL bar. The user types `paypal.com` which brings him to the HTTP version of `paypal.com`. – Pacerier Mar 29 '15 at 07:31

5 Answers

The short answer is: No, not always. I have studied this topic in depth; please read this entire post before forming a conclusion.

SSLSniff is a proof of concept exploitation platform to leverage flaws in the PKI, such as vulnerabilities in OCSP or the (ingenious) null-prefix certificate attack. If you are using a fully patched system, and you understand what an SSL error means then you are immune to MOST (but not all) of these attacks without the need for HTTPS Everywhere. If you are not patched against the null-prefix certificate attack then the certificate will appear valid and HTTPS everywhere will be useless. If you don't understand what an SSL error means, then HTTPS Everywhere is useless against SSLSniff.

What I think is more concerning than SSLSniff is SSLStrip, which is also written by Moxie Marlinspike and introduced in his talk New Tricks For Defeating SSL In Practice. This tool won't cause SSL errors. It exploits the application layer, HTTP/HTTPS. If you load a page over HTTP, it will rewrite the page removing HTTPS links. It will go a step further and change the favicon.ico file to a picture of a lock, to fool novice users. Simple enough, but with absolutely devastating consequences. In response to this attack Google introduced the Strict Transport Layer Security (STS), which is a lot like HTTPS Everywhere but built into the browser. It should also be noted that HTTPS Everywhere is really good at defending against the SSLStrip attack. In fact this is the EFF's solution to attacks like SSLStrip as well as careless OWASP A9 - Insufficient Transport Layer Protection violations.

So when does HTTPS Everywhere AND STS fail? How about https://stackoverflow.com. If you notice, they are using a self-signed certificate. Jeff Atwood himself doesn't care about this issue. Because this website is using a self-signed certificate, HTTPS Everywhere will forcibly use HTTPS, but the attacker can still use SSLSniff to deliver their own self-signed certificate, and therefore HTTPS Everywhere would fail to protect someone from hijacking your StackOverflow account.

Okay, so at this point you probably are saying to yourself, "Well that's why we have a PKI!". Well, except the PKI isn't perfect. One of the creators of HTTPS said "The PKI was more of a last minute handwave" (See: SSL And The Future Of Authenticity). In this talk Moxie asked a great question: is a PKI really the best solution? I mean we are having problems with CAs like DigiNotar being hacked. When a CA is hacked, then the attacker can create a valid certificate, and then HTTPS Everywhere is totally useless; an attacker can still use SSLSniff because he has a "valid" certificate. The EFF's SSL Observatory demonstrates what a tangled mess the PKI system is. I mean really, what is stopping China from creating a certificate for gmail.com? Well the EFF is proposing the Sovereign Keys Project and I think it's a great idea. Besides the fact that Sovereign Keys don't exist as of yet, there is another problem: Sovereign Keys don't help self-signed certificates like the one being used by https://stackoverflow.com! However Moxie thought of this situation and came up with a solution that he calls Convergence. Convergence relies upon the masses for trust. The host will be contacted from multiple connections around the planet; if any one of them sees a different self-signed certificate, then you know a MITM attack is taking place. Having a warning that something is wrong is a lot better than nothing.

In summation, there are fundamental problems with HTTPS Everywhere: when there is a vulnerability in the software used to validate certificates; when the user doesn't understand the repercussions of an SSL failure; when a self-signed certificate is used; and finally, when our compromised PKI is used against you. This is a serious problem, and intelligent people are working on fixing it; this includes the EFF and the author of SSLStrip, Moxie Marlinspike.

rook
  • Nice... same answer, other words. Must be boring to repeat what's been said already. –  Dec 31 '11 at 15:23
  • @e-sushi I didn't like your post because you left out any reference to Moxie Marlinspike's research (Have you even seen his talks!?). You also left out the recent counter security measures proposed by the EFF, which is the creator of HTTPS Everywhere, as well as countermeasures developed by the creator of SSLSniff, Moxie Marlinspike. – rook Dec 31 '11 at 17:02
  • "proposed by the EFF"... read again... "PROPOSED". Indeed it is, but nothing else. Therefore, a reference to it does not make sense as it's not a current standard! And related to your propaganda for a particular person, I would like to say that I saw no need to promote someone in particular when answering the question because naming that (or any other person) actually has no (technical or other) value at all when answering OP's question. You may be a fan of "his talks", but I think such propaganda is misplaced here. Just like discussions or repetitions of already made statements. // Peace-Out. –  Jan 01 '12 at 16:36
"HTTPS Everywhere" is only about using SSL whenever it is possible -- i.e. automatically using the SSL version of a site if it exists, even if the link you typed or followed is for the non-SSL site of the same name. That's all "HTTPS Everywhere" does.

"sslsniff" is an attack tool to hijack SSL connections. It requires two things:

  • A way to intercept incoming and outgoing low-level traffic between the attacked client and server; sslsniff primarily relies on ARP spoofing for that, so the attacker must be on the same LAN as either the client or the server.
  • Insertion in the client browser of a root CA that the attacker controls, or exploit of a security hole in the certificate validation code in the client browser. The SSL security model relies on the client validating the certificate with regards to its a priori known root CA certificates; sslsniff is about using a fake certificate generated on the fly, but that certificate must still be acceptable to the client.

So there is really no connection between sslsniff and HTTPS Everywhere. sslsniff does not degrade HTTPS connections to HTTP; from the point of view of both the client and the server, it is still SSL all the way, and HTTPS Everywhere would feel perfectly happy with it. sslsniff is "just" a tool to leverage breaches in the certificate validation model that SSL uses to ensure security.

Tom Leek
...then could an sslsniff attack be successful against me?

Yes.

Could the attacker get information because the sslsniff degraded the connection from HTTPS to HTTP?

Yes.

Let me add that your description does not exactly fit to how "sslsniff" works. SSLsniff acts more like a proxy intercepting SSL traffic, instead of simply degrading your connection. In other words: SSLsniff messes with the certificates more than with the HTTPS connection itself.

This means your "addon" might actually think everything is fine, while in fact your connection is as insecure as it can get and you would not know about it.

Or am I "fully safe" from these kinds of attacks when using HTTPS Everywhere?

No.

Never expect a "browser addon" to provide "system protection".

To give you a human perspective: You wouldn't send boyscouts to war either, would you? Of course not, since they would not be fit and able enough to handle the job. Well, neither is a simple browser addon when it comes to SSL security.

Think about it: anyone messing with your browser could mess with the addon. In a worst-case scenario, the addon could be modified to not even warn you that you've "lost" your secure SSL connection while browsing, and you would not know about it. Any virus, malware or even new browser exploit would be able (depending on its individual malicious purpose) to mess with your system... including the software on your system (which includes your web browser and its addons and plugins).

UPDATE: and what happens if I have the domain whitelisted in HTTPS Everywhere? [xml files could be created]. So the domain would be only available via HTTPS.

Getting back to your case and example: you're worrying about the HTTPS connection. Your browser might use that connection, but it can not be sure the data it's sending or receiving is not being intercepted, and neither can any addon. Actually, detecting such an "interception" can already be pretty hard even when you're using "tools of the trade". Your web browser and all the addons out there do not provide ANY means to detect such an "attack". Not yet anyway... SSLsniff was made to show the weakness of HTTPS connections (which not only influences web browsers). It is yet to be seen if browser vendors will be able to find a solid "fix" to such vulnerabilities, especially since it's less of a browser issue and more of a "connection" and "network security" problem. And when you've checked http://www.thoughtcrime.org/software/sslsniff/, you'll have seen that there's already more trouble waiting for us around the corner. This is displayed by the additional functionality the SSLsniff tool has gained... just to display related problems like the one you've recently learned about and were hoping to fix by using your browser addon.

Anyway, let me keep it short by repeating myself: Never expect a "browser addon" to provide "system protection". You may or may not like it, but that's the shortest answer to your question, wrapping it all up in a single line of understandable text. The rest of my rather long answer is merely some useful decorative information to provide some insights where needed.

@LanceBaynes, Is it possible you really meant to ask about sslstrip, rather than sslsniff?

Sslsniff exploits a very specific vulnerability in Microsoft IE6. This is fixed in all modern versions of IE, and it never affected any other browser -- in particular, it never affected Firefox.

HTTPS Everywhere is an add-on that is available for Firefox. It is not available for IE. Therefore, HTTPS Everywhere is completely irrelevant for defending against a vulnerability in IE. It's like apples and oranges. There's nothing a Firefox-only add-on could do to defend against an IE-only vulnerability.

I suspect you meant to ask about sslstrip. Sslstrip is a much more serious attack that remains dangerous today. It is a man-in-the-middle attack that converts your HTTPS connections into HTTP connections (or converts them into HTTPS connections to some other site that the attacker controls and whose domain name looks similar enough that you might not notice). This attack is devastating and difficult for users to detect.

HTTPS Everywhere is designed to defend against sslstrip-like attacks. The way it works is by having a large database of which websites support HTTPS. If the website supports HTTPS, then HTTPS Everywhere will ensure your browser only uses HTTPS to connect to it: it will not allow your browser to connect over unencrypted HTTP. Thus, HTTPS Everywhere is partly helpful at stopping those sorts of attacks.

HSTS is another defense against sslstrip-like attacks. HSTS is supported on all modern browsers (which is an advantage over HTTPS Everywhere). However, HSTS requires the site to opt into protection (which is a disadvantage compared to HTTPS Everywhere).

More reading:

D.W.
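As an added illustration (written for this page, not code from the EFF, from HTTPS Everywhere, or from any answer above) of the difference rook and D.W. draw between the two defenses: HTTPS Everywhere carries a client-side ruleset, in the XML layout the question alludes to, and rewrites URLs only for hosts on its list, while HSTS requires the site to opt in with a header that a browser honours only on an HTTPS response. The ruleset, host names and headers below are constructed.

```python
import re
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

# Constructed sample ruleset in HTTPS Everywhere's XML layout (not a real EFF ruleset).
RULESET_XML = r"""
<ruleset name="Example Bank (constructed)">
  <target host="examplebank.test" />
  <target host="www.examplebank.test" />
  <exclusion pattern="^http://www\.examplebank\.test/static/" />
  <rule from="^http://(www\.)?examplebank\.test/" to="https://www.examplebank.test/" />
</ruleset>
"""

class Ruleset:
    """Client-side list of hosts known to support HTTPS, plus how to rewrite their URLs."""
    def __init__(self, xml_text):
        root = ET.fromstring(xml_text.strip())
        self.targets = {t.get("host") for t in root.iter("target")}
        self.exclusions = [re.compile(e.get("pattern")) for e in root.iter("exclusion")]
        self.rules = [(re.compile(r.get("from")), r.get("to")) for r in root.iter("rule")]

    def rewrite(self, url):
        # Hosts outside the list are left untouched: a plain-HTTP load of such a site
        # is exactly the case a downgrade (sslstrip-style) attack depends on.
        if urlsplit(url).hostname not in self.targets:
            return url
        if any(p.search(url) for p in self.exclusions):
            return url
        for pattern, repl in self.rules:
            if pattern.search(url):
                return pattern.sub(repl, url, count=1)
        return url

class HstsCache:
    """HSTS: the site opts in by sending Strict-Transport-Security over an HTTPS response."""
    def __init__(self):
        self.hosts = set()

    def observe(self, host, over_https, headers):
        # The header is ignored on plain-HTTP responses, since an on-path attacker could forge it.
        age = re.search(r"max-age=(\d+)", headers.get("Strict-Transport-Security", ""))
        if over_https and age:
            if int(age.group(1)) > 0:
                self.hosts.add(host)
            else:
                self.hosts.discard(host)  # max-age=0 is the site withdrawing its opt-in

    def upgrade(self, url):
        parts = urlsplit(url)
        if parts.scheme == "http" and parts.hostname in self.hosts:
            return "https://" + url[len("http://"):]
        return url
```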
You would still be vulnerable to SSLSniff.

SSLSniff uses ARP spoofing to be the MITM. What that means is that your vulnerability is to the local LAN (or wifi).

I have not tested the latest sslsniff version to know how it handles the certificate warning, but that is the only indication a user has that something is wrong with the setting up of the secure connection to the remote site.

schroeder