Presentations and whitepapers can be found here.
New Tricks for Defeating SSL in Practice – Moxie Marlinspike (Mike Benham)
This talk started off with an explanation of a vulnerability that Benham exposed in 2002. Basically, some CAs did not explicity set the basicConstraints field in leaf node certificates (site certs) and web browsers were not verifying the basicConstrainsts fields. So, anyone with a valid leaf node certificate could create a valid certificate for a site of their choosing that would chain back to the root CA. Benham wrote a tool called sslsniff to leverage this vulnerability and perform a man-in-the-middle attack.
The new vulnerability that Benham discussed is actually a problem with the way that sites utilize https. Many sites that require user authentication have homepages served over http with a login form where users put their login and password information. When the user clicks submit, an HTTPS POST is performed so that the credentials are secure while in transit to the server. However, if an attacker can intercept the initial page while it is being served to the user and rewrite the POST https url to an http url that he controls, the attacker can steal the credentials. Benham wrote a tool called sslstrip that performs this attack and goes a step further and also proxies the https POST so that the victim has no indication that he was attacked.
To test sslstrip, he set it up on a Tor exit router for a period of 24 hours. Out of hundreds of sessions that were attacked, everyone entered their credentials once the login page came up.
Let your Mach-O fly – Vincenzo Iozzo
This talk was about how to inject a binary into process that is already running on Mac OSX without involving the kernel. The presenter first explained how the Mach-O file structure is laid out. Segments in Mach-O appear to be analogous to sections in PE. The first segment (segment 0) in a Mach-O file is called __PAGEZERO, is located at virtual address 0, and it has no protection rights assigned to it. Therefore, an attempt to reference NULL will result in a crash. On disk, __PAGEZERO occupies no space, but in memory it is one page.
First the exploit performs a __PAGEZERO infection by changing the protection flags and then storing a crafted stack and auto-loader code at the end of the binary. Then __PAGEZERO is set to point to the crafted stack, and the first bytes of the file are overwritten with the address of the auto-loader. [missing details.]
The auto-loader impersonates the kernel: un-maps the old binary and maps the new one. Certain libSystem variables (for example, malloc related ones) need to be cleared or the new binary will crash. Mac OSX Leopard uses Address Space Layout Randomization (ASLR) for libraries and the variables that need clearing are not exported. Leopard libraries are randomized whenever the system or the libraries are updated and the segment addresses are saved in dyld_shared_cache_arch_map. Reading this file might not be possible due to permissions, so the variables are located in memory instead. Linker functions are used to determine the base address of libSystem, and then the location of the __DATA segment. The symbol table in the on-disk version of libSystem is examined and the symbols of interest are relocated by the offset of the __DATA segment. Finally the linker is called just as if the process had just started.
The exploit that the speaker demonstrated involved a ëvictimí process that listened for a binary. Upon receiving the binary, the process injected the binary into itself. Iozzo successfully injected nmap into the victim process, but his attempt to inject Safari failed due to some plist issues.
Attacking Intel Trusted Execution Technology – Joanna Rutkowska and Rafal Wojtczuk
This talk discusses a vulnerability that can allow Dynamic Root of Trust Measurement (DRTM) to be circumvented. In the more general case, the vulnerability may be exploitable on a wide variety of modern systems.
The talk started out with several real world examples of TPM use. For example, MS bitlocker uses a key k that is sealed into the TPM and is only accessible if the correct software gets started. Then, k can be used to decrypt the disk. The problem with this approach is that k must be present in memory all the time (the OS needs it to do disk on the fly encryption), so there is the potential for malware to sniff it.
Next, the presenters discussed problems with Static Root of Trust Measurement (SRTM) approach such as the need to measure every possible piece of code that might have been executed since the system booted which affects the scalability of the approach. DRTM was introduced by Intel as an attempt to address the scalability issues of SRTM. A new TXT instruction, SENTER (the corresponding AMD instruction is SKINIT), allows for a chunk of memory to gain protection from tampering and to be executed. Before the memory is executed, pcr 18 is extended with the hash of the memory and pcrs 17 and 18 are reset. SENTER does not check the value of pcr 18 and the memory will execute regardless of pcr 18ís contents. However, the memory can only unseal secrets if pcr 18 is correct. DRTM allows for a shorter chain of trust than SRTM ñ all the code that executes prior to the SENTER call does not need to be verified.
The attack that Invisible Things developed originates from the System Management Mode (SMM) which the speakers describe as conceptually being ring -2. SMM code can access the whole system memory and the System Management Interrupt (SMI) can preempt a hypervisor. Also, SMM code can access I/O devices. SMM is part of the BIOS and SENTER does not examine SMM at all. The attack patches grub so that it injects shellcode into the SMM that will infect the xen hypervisor after the SENTER call executes. The shellcode overwrites the address of an unused entry in the hypercall_table.
In order to develop the shellcode that is injected into the SMM, the speakers needed to examine the SMM code. However, the SMM RAM (SMRAM) is locked and hypervisor/kernel mode code cannot read or write to it, so they desoldered the SMRAM chip from the motherboard and attempted to access the code. The image was heavily packed, and not suitable for their purposes. They were able to leverage a memory remapping bug in the Q35 BIOS (mentioned in their BH 08 talks) to read/write to SMM memory.
SMM code tends to be customized for a particular chipset, so it is difficult to deploy a stable well-understood codebase to each motherboard. To combat this, Intel describes a SMM Transfer Monitor (STM) which is a hypervisor that virtualizes the SMM. It would sandbox the platform SMM so that the SMM could not infect the hypervisor, etc. Intel envisions the STM as being a small, stable codebase that is consistent across systems.
A Wolf in Sheepís Clothing: The Dangers of Persistent Web Browser Storage – Michael Sutton
This talk describes the Google Gears technology and how in some cases it is vulnerable to XSS attacks. Google Gears (now known as just Gears) was released in May of 2007. It was developed to allow offline access to applications and data. There are three primary components: a webserver to serve applications, a database (sqlite) to store application code and user data, and a workerpool module to execute resource intensive javascript in the background (to improve performance).
Apparently, the HTML 5 specification includes local database storage. Safari 3.1 which was released in march of 2007 includes a full local relational database. The presenter believes that Google will try to keep the storage aspect of Gears aligned with the HTML 5 spec as it evolves (there is a Google employee on the HTML 5 committee).
The presenter demonstrated that it was possible to expose the local database in Gears to a SQL injection attack via XSS.
Satellite Hacking for Fun and Profit – Adam Laurie
The first part of this talk was Laurie describing his home satellite setup and describing/demoing some tools he has built to assist in his ëfeed hunting.í He has a dreambox receiver which runs linux and can be customized by the end user. He developed a python script that scans the sky at different positions/frequencies and produces a 3d graph that can be clicked on to attempt to lock on to a channel. Laurie also demonstrates the open source package dvbsnoop which is a dvd and mpeg stream analyzer that can be used for obtaining more information about a particular stream.
The second part of the talk was about RFIDs, and Laurie demonstrates how the RFID in a passport can be cloned. He also, shows how a cheap commodity reader can be put into emulation mode and can emulate a RFID. So, in theory, someone could walk down the street with a reader looking for passports equipped with RFID chips, and then relay the information to an emulator somewhere else in the world.
Dissecting Web Attacks ñ Val Smith – Colin Ames
The presenters started off with some examples of why web attacks are profitable for attackers. There is a 2.6 billion dollar industry in China involving selling World of Warcraft items. By steering users to malicious sites and gaining access to their computers, it is possible to steal information such as WoW credentials. Aside from that example, attackers can make money in a variety of was: advertising, malware infection and botnets. The two major attacks discussed in the presentation were blog spam and web site injection. The presenters have observed the majority of the former originating from Russia and the majority of the latter coming from China.
The presenters investigated some spam on a blog and determined that the location of the email address associated with the account that made the comment did not coincide with the location of the IP address. One was in Germany and the other was in China. Involving multiple countries can make it difficult to locate the source of the attack. Attackers can also obfuscate links in javascript code and even obfuscate javascript code by constructing words from components. There is a Firefox plugin called tamper data that can pause http connections to see whatís actually happening behind the scenes. Using data left on the attack site, the presenters were able to track the attack back to a DSL user in Russia.
Next the presenters described the general format of a web site injection attack. The initial goal is to compromise the users of thousands of websites, and the secondary goal appears to be gaining information such as game accounts, passwords and financial data. The attack begins by finding vulnerable websites and using SQL injection to upload backdoors. When cients visit these sites, they become compromised. There are numerous Chinese tools and how-to sites that exist for generating SQLi attacks. One attack that can be used to compromise an IIS server is to upload a corel draw gif (cdx) file with vb code inside of it. IIS parses files to determine if they contain code and then runs it.
Blinded by Flash: Widespread Security Risks Flash Developers Don’t See -Prajakta Jagdale
The presentation started off with a basic no-no: hardcoding username and passwords inside a .swf file. Of the 150 swf files gathered by the Jagdale from google, 23 (15%) had some credentials stored in them. Then a brief overview of the flash security model was presented. Flash performs sandboxing based on domains, so .swfs in the same domain can communicate with each other. Cross-domain communication can be achieved through policy files (crossdomain.xml).
Next several exploits were demonstrated. First, cross-site request forgery where script code makes request to a website that looks like a user making the request (using multiple tabs so that session info is sent by browser) was shown. Then, script injection where the getURL function is called on unintialized global variables (flash vars can be set directly through a query variable, and javascript can be sent through query variable). Anchor and img tags can also be used as injection points, and unchecked metadata can contain code.
Some tools that the Jagdale mentioned are flare and flasm with care flash decompilers. Swfintrude ander swfscan report security issues detected in flash, but obfuscation can be used to hide malicious code from these tools.
Your face is NOT your password – Duc Nguyen
This talk demonstrated how the face based authentication algorithms used by Asus, Toshiba and Lenovo laptops can be defeated by a picture of the account holder. During the training process, all of these algorithms appear to take multiple pictures of the account holder, and then analyze them for features. The presenter would not explain the procedure he used to generate the pictures that he used in the exploit (they were not just standard snapshots), but I suspect that he is just generating a composite image that highlights the features that are likely to be looked for by the authentication algorithms.
In the demonstration, he setup face based authentication on one of the laptops for an audience member, and then demonstrated how images of the audience member could easily be obtained using a Skype video conference. The first image that the presenter produced did not successfully authenticate, but after he recaptured images of the audience member with a darker background, he was able to authenticate (using a printout and holding up a laptop with the image on it to the camera).
One Cell is Enough to Break Torís Anonymity – Xinwen Fu
This talk was about trying to correlate an entry router (c1) and an exit router (c3) in the Tor network With this knowledge, it would be possible to determine the IP address of the individual accessing a particular site thereby breaking the anonymity provided by Tor.
The presenter started out giving a detailed description of the operation of Tor and then proceeded to describe the attack. Typically, a user of the Tor network routes his traffic through 3 routers (c1 = entry, c2, and c3 = exit). Cells transmitted from router to router in the Tor network are encrypted using AES, and there is an AES counter that is synchronized at each router. If an attacker has control of c1, and replays a cell, then this will cause a decryption error at the end of the circuit (c3). So, assuming the attacker has control of c1 and c3, he can simply replay packets and observe if a decryption error occurs. However, when a decryption error occurs, the circuit is torn down, so the client might be tipped off that something is amiss. The presenter suggests waiting until a circuit is idle before performing the attack, or performing it at the end of the lifetime of a circuit (default lifetime is 10 minutes) while holding the teardown commands.
So given this attack, the obvious dilemma is how to ensure that c1 and c3 are compromised. The presenter suggested two schemes. The first one is to inject (donate) high-bandwidth routers into the Tor network. The default protocol for choosing routers is to select those with high bandwdith. The second scheme is to compromise high-bandwidth Tor routers in the Tor network. The presenter claims that given 9% of the Tor routers are malicious, over 60% of the connections can be compromised.
This attack can also be used as a DoS if entry routers simply replay packets to force circuit teardowns. One possible mitigation strategy is to use routers in different countries or regions in order to prevent a single organization from deploying the attack.
During the Q&A part of the presentation, a guy from Tor (Paul Syverson, I believe) got up and the following awkward exchange occurred (this is condensed from my memory):
Syverson: Congratulations on doing a good job explaining Tor and your attack, but weíve known such attacks were possible since we wrote the original specification
Syverson: There are other methods of correlation that do not cause circuit teardown and have a false positive rate of something like .0006. [I think it was a counting attack]
Fu: Well, this approach provides correlation with 100% certainty
Cross Site Scripting Anonymous Browser – Matthew Flick
The attack described in this presentation falls under the ëcoolí, but not necessarily useful category. I would liken it to a Rube Goldberg device. The presenters developed a system that uses unwitting participants to fetch web content for them. The victims are exploited through a XSS attack that induces them to retrieve data from a specified URL and then upload it to a specified collection site. So, if a victim notices extraneous network traffic through a sniffer, or the aforementioned tamper data plugin, they could identify the attackerís ëcollectioní site. Then, the attacker can be identified by simply observing who connects to the collection site to gather the uploaded data. To avoid this scenario, the presenters recommend that the attacker connect to their collection site via Tor or some other anonymizing technology. Mike Benham asked the presenters why an attacker wouldnít just use Tor and collect the data himself, but the presenters didnít really have a good answer. I suppose using Tor coupled with this attack would make locating the attacker more difficult, but Iím not sure if itís worth the attack setup cost.
Securing Webgoat with Modsecurity – Ryan C. Barnett
This was a slightly modified (shorter) version of the talk that Barnett gave at the meeting of the Northern Virginia chapter of OWASP earlier in the month. Basically, Barnett explains how the open source Web Application Firewall (WAF), modsecurity, can be used to protect Webgoat from various attacks. ìWebGoat is a deliberately insecure J2EE web application designed to teach web application security lessons.î As the name indicates, modsecurity is an apache module that can either function in embedded mode or in reverse proxy mode. Modsecurity rules are specified in an event based programming language that is similar to Snort. First, Barnett discusses various uses of virtual patching on WAFs such as preventing malicious traffic from reaching an application while that application is being patched. Then he showed rules that can be used to protect Webgoat from reflected XSS attacks by using the built-in transactional collection to check if outbound payload matches inbound content for a particular session. This obviates blacklisting every known XSS payload. Stored XSS attacks can be blocked by using the persistent global collection to compare outbound payloads to previously supplied user data.