Welcome!

Apache Authors: Elizabeth White, Pat Romanski, Liz McMillan, Christopher Harrold, Janakiram MSV

Blog Feed Post

Verifying CRIME, SSLv2 and Plain Text TLS Injection with OpenSSL

If you are a system administrator or penetration tester, you need to be able to check for common vulnerabilities. When configured incorrectly, SSL/TLS has many. There are tons of SSL auditing tools out there, some with more functionality than others, but why add more tools when you can do it yourself?

So this is a tutorial on how to install Openssl from source on a Debain system with a few easy modifications so that you will be able to test for CRIME, SSL version 2 and TLS plain text injection.

First, you’ll need to make sure you have these programs installed:

$ sudo apt-get update && sudo apt-get install build-essential 	devscripts m4 quilt debhelper

Next, you’ll need the source code to OpenSSL. After this is downloaded, you’ll need to move into the openssl directory:

$ apt-get source openssl
	$ cd openssl-*/

SSLv2

SSL version two is an outdated SSL protocol that is filled with problems. For this reason, Debian and other Linux distributions disable SSLv2 in openssl by default. While this is a nice gesture to prevent users from making insecure ciphers, there are those of us that need to be able to check for said ciphers. So we’ll be adding the support back in.

First, from the openssl directory, remove all patches:

$ quilt pop -a

Now we need to remove where the no-sslv2 patch is mentioned inside of the files debian/patches/series and debian/rules.

In debian/patches/series, just take out the entire line where no-sslv2 is mentioned. In my case the file originally looked like:

33 default_bits.patch 
	34 ssltest_no_sslv2.patch 
	35 cpuid.patch

and after the change it became:

33 default_bits.patch 
	34 cpuid.patch 
	35 aesni-mac.patch

Also remove just the no-ssl2 from one line in debian/rules:

Original line:

22 CONFARGS  = --prefix=/usr --openssldir=/usr/lib/ssl –libdir=lib/$	(DEB_HOST_MULTIARCH) no-idea no-mdc2 no-rc5 zlib  enable-tlsext no-ssl2

After removal:

22 CONFARGS  = --prefix=/usr --openssldir=/usr/lib/ssl --libdir=lib/$	(DEB_HOST_MULTIARCH) no-idea no-mdc2 no-rc5 zlib  enable-tlsext

Now that all instances of the no-sslv2 patch have been removed, we can put the remaining patches back into place:

$ quilt push -a

If you were to stop at this point in the tutorial, upon installing you would be able to successfully issue the command:

$ openssl s_client -ssl2 -connect

If the connection is made, the server is configured to use SSL version 2.


TLS Plain Text Injection

TLS plain text injection is a vulnerability where if a command is injected in plain text before an encrypted authenticated session begins, the command is run after the encrypted session has started. Wietse Venema,describes it in detail here: http://www.postfix.org/CVE-2011-0411.html and gives a quick way to modify the openssl source to check for this issue. At this link, you can find out how to replace the -starttls smtp flag to test for TLS plain text injection. However by following that guide, you’ll be losing the previous functionality. So instead, I’ll be showing you how to add a few new commands: -starttls smtpi and -starttls ftpi that will add the a TLS injection check without losing any of the old openssl functionality.
Open apps/s_client.c in your favorite text editor (I’m rather partial to VIM). We are pretty much going to change the source of this file anywhere PROTO_FTP or PROTO_SMTP are used. So in vim I searched for PROTO_SMTP\|PROTO_FTP to highlight those areas and make them easy to find.

We need to add in the variables PROTO_SMTPI and PROTO_FTPI, just yank and put (copy / paste) the PROTO_SMTP and PROTO_FTP lines, stealing their format, and add the “I” to the end of them. Here is what it looks like on my screen (lines 550 and 554). The top part of the split screen is the original, the bottom is after the modification.

terminal_first

The next occurrence of our search term is where it checks what command line argument you passed to -starttls. We just need to copy the same format again and add options for smtpi and ftpi. Make sure to make the smtpi an else if, since there can only be one if. The following is what it should look like after you are done (new lines: 911, 912, 919, 920 )

terminal_second

Next up is a list of if statements to check which protocol you are using for -starttls so we can send the appropriate message to the server. This section is a bit more complicated, so play close attention to the code. For smtp the code looks like:

terminal_third

This means the same code will execute for smtp or smtpi. Now we just need to change the way the code in this if statement works:

terminal_fourth

So now, if starttls_proto==PROTO_SMTPI is given, it will append the harmless plain text command RSET to the STARTTLS command. By adding this, we will not lose our normal -starttls smtp functionality.

Nearly the same thing is done for the PROTO_FTP else if section, only instead of RSET you will use a NOOP command for no-operation.

termail_fifth

and

terimal_sixth

Go ahead and save the file. If you were to stop at this point in the tutorial, upon installing you would be able to successfully issue the command:

$openssl s_client -starttls ftpi -connect

Upon making the connection, openssl will print out information on the cipher. There will be a line that is just two dashes (“–”) and then a 220 response. The 220 response is saying the server connected to you and is happy. Now if there is another line that says “220 Command okay.” that means it also revived and executed your NOOP command which was sent in plain text, and thus the server is vulnerable.

CRIME

CRIME is a vulnerability in SSL compression. If a web server supports SSL compression then it is vulnerable to the CRIME attack. If you just do an apt-get install openssl you probably don’t have zlib enabled, so openssl will not try to use compression while connecting to a server. To make sure you have zlib, just configure with the the parameter “zlib” and “zlib-dynamic” as so:

$ ./config zlib zlib-dynamic

Now if you were to install at this point, whenever you use s_client to connect to a server, openssl will automatically try to use compression. If you see “Compression: gzip” then the server supports SSL compression and is vulnerable to CRIME. However, if you see “Compression: None” it is not vulnerable.

Installing
Run the following commands to install your changes. From the openssl directory do the following.

Update the source:

$ dch -n 'sslv2, tls injection and zilb'

Record the changes in the source tree:
 $ dpkg-source –commit

Build the package:


$ debuild -uc -us

Install:
$ cd ../
 $ sudo dpkg -i *ssl*.deb

That’s it! Now openssl can test for SSLv2, CRIME, SMTP TLS plain text injection, and FTP TLS plain text injection, all without breaking the other wonderful things we love about openssl (such as testing expired certificates, self-signed certificates, weak ciphers and more). One tool to rule them all.

Read the original blog entry...

More Stories By Hurricane Labs

Christina O’Neill has been working in the information security field for 3 years. She is a board member for the Northern Ohio InfraGard Members Alliance and a committee member for the Information Security Summit, a conference held once a year for information security and physical security professionals.

IoT & Smart Cities Stories
Dynatrace is an application performance management software company with products for the information technology departments and digital business owners of medium and large businesses. Building the Future of Monitoring with Artificial Intelligence. Today we can collect lots and lots of performance data. We build beautiful dashboards and even have fancy query languages to access and transform the data. Still performance data is a secret language only a couple of people understand. The more busine...
The challenges of aggregating data from consumer-oriented devices, such as wearable technologies and smart thermostats, are fairly well-understood. However, there are a new set of challenges for IoT devices that generate megabytes or gigabytes of data per second. Certainly, the infrastructure will have to change, as those volumes of data will likely overwhelm the available bandwidth for aggregating the data into a central repository. Ochandarena discusses a whole new way to think about your next...
CloudEXPO | DevOpsSUMMIT | DXWorldEXPO are the world's most influential, independent events where Cloud Computing was coined and where technology buyers and vendors meet to experience and discuss the big picture of Digital Transformation and all of the strategies, tactics, and tools they need to realize their goals. Sponsors of DXWorldEXPO | CloudEXPO benefit from unmatched branding, profile building and lead generation opportunities.
All in Mobile is a place where we continually maximize their impact by fostering understanding, empathy, insights, creativity and joy. They believe that a truly useful and desirable mobile app doesn't need the brightest idea or the most advanced technology. A great product begins with understanding people. It's easy to think that customers will love your app, but can you justify it? They make sure your final app is something that users truly want and need. The only way to do this is by ...
Digital Transformation and Disruption, Amazon Style - What You Can Learn. Chris Kocher is a co-founder of Grey Heron, a management and strategic marketing consulting firm. He has 25+ years in both strategic and hands-on operating experience helping executives and investors build revenues and shareholder value. He has consulted with over 130 companies on innovating with new business models, product strategies and monetization. Chris has held management positions at HP and Symantec in addition to ...
DXWorldEXPO LLC announced today that Big Data Federation to Exhibit at the 22nd International CloudEXPO, colocated with DevOpsSUMMIT and DXWorldEXPO, November 12-13, 2018 in New York City. Big Data Federation, Inc. develops and applies artificial intelligence to predict financial and economic events that matter. The company uncovers patterns and precise drivers of performance and outcomes with the aid of machine-learning algorithms, big data, and fundamental analysis. Their products are deployed...
Cell networks have the advantage of long-range communications, reaching an estimated 90% of the world. But cell networks such as 2G, 3G and LTE consume lots of power and were designed for connecting people. They are not optimized for low- or battery-powered devices or for IoT applications with infrequently transmitted data. Cell IoT modules that support narrow-band IoT and 4G cell networks will enable cell connectivity, device management, and app enablement for low-power wide-area network IoT. B...
The hierarchical architecture that distributes "compute" within the network specially at the edge can enable new services by harnessing emerging technologies. But Edge-Compute comes at increased cost that needs to be managed and potentially augmented by creative architecture solutions as there will always a catching-up with the capacity demands. Processing power in smartphones has enhanced YoY and there is increasingly spare compute capacity that can be potentially pooled. Uber has successfully ...
SYS-CON Events announced today that CrowdReviews.com has been named “Media Sponsor” of SYS-CON's 22nd International Cloud Expo, which will take place on June 5–7, 2018, at the Javits Center in New York City, NY. CrowdReviews.com is a transparent online platform for determining which products and services are the best based on the opinion of the crowd. The crowd consists of Internet users that have experienced products and services first-hand and have an interest in letting other potential buye...
When talking IoT we often focus on the devices, the sensors, the hardware itself. The new smart appliances, the new smart or self-driving cars (which are amalgamations of many ‘things'). When we are looking at the world of IoT, we should take a step back, look at the big picture. What value are these devices providing. IoT is not about the devices, its about the data consumed and generated. The devices are tools, mechanisms, conduits. This paper discusses the considerations when dealing with the...