CAPEC-217 - Exploiting Incorrectly Configured SSL Security Levels

An attacker may take advantage of a weakly configured SSL setting to gain access to data intended to be encrypted, or to inject commands or other traffic into the encrypted stream, compromising either the client or the server.

  • Purposes: Penetration
  • Sec Principles: Complete Mediation
  • Scopes:
      • Read application data: Confidentiality
      • Gain privileges / assume identity: Authorization, Access_Control, Confidentiality

High level: The attacker needs real-time access to network traffic in such a manner that the attacker can grab needed information from the SSL stream, possibly influence the decided-upon encryption method and options, and perform automated analysis to decipher the encrypted material recovered. Tools exist to automate part of these tasks, but using them successfully in an attack scenario requires a detailed understanding of the underlying principles.

Access to the client/server stream.

The attacker needs the ability to sniff traffic, and optionally be able to route said traffic to a system where the sniffing of traffic can take place, and act upon the recovered traffic in real time.

Assisted protocol analysis: because the protocol under attack is a public channel, or one to which the attacker likely has authorized access, they need simply to decode the aspect of channel or message interpretation that codes for message identifiers.

Probing is as simple as changing this value and watching its effect.

Step 1 -

Determine the configuration levels of either the server or client being targeted, preferably both. This is not a hard requirement, as the attacker can simply assume commonly exploitable configuration settings and blindly attempt them.


Step 1 -

Provide controlled access to the server by the client, either by providing a link for the client to click on, or by positioning oneself at a place on the network to intercept and control the flow of data between client and server, e.g. as a man in the middle (MITM).


Step 1 -

Insert the malicious data into the stream that takes advantage of the configuration flaw.


Usage of configuration settings, such as stream ciphers vs. block ciphers and setting timeouts on SSL sessions to extremely low values, lessens the potential impact. Use of later versions of TLS (e.g. TLS 1.1+) can also be effective, but not all clients or servers support the later versions.