Date posted: 30-Jun-2015
Uploaded by: nazar-tymoshyk
Unusual security vulnerabilities
Yuriy Bilyk
Agenda
RegExp
Cryptography
RegExp? It’s simple!
e-mail validation RegExp
Not sure if Chinese or Egyptian
Problems
RegExp DoS attacks
Issues in RegExp engine
RegExp: ^(([a-z])+.)+[A-Z]([a-z])+$
Input data: aaaaaaaaaaaaaaaa…aa
Chars  Time
20     0.003
30     0.339
40     41
45     466
RegExp DoS attacks
For the input aaaaX there are 16 possible paths in the above graph.
But for aaaaaaaaaaaaaaaaX there are 65536 possible paths
RegExp: ^(a+)+$
Where is the problem?
[Diagram: the NFA for ^(a+)+$, showing how the same run of "a" characters can be split between the inner and outer loops in many different ways]
Broken engine
• OpenID-like auth, but we trust only the local host
• EXT HOST sends AUTHENTICATED if the credentials are OK
• We can set the EXT HOST URL
• RegExp to check the response: /[^\w]AUTHENTICATED[^\w]*$/
RegExp Engine Issues Example
OpenID example
[Diagram: 1 – LOCAL HOST sends login:pass TO EXTERNAL HOST; 2 – EXTERNAL HOST replies AUTHENTICATED]
Movie time
Double Request
http://192.168.22.129/?pingback= -> http://192.168.22.129/?pingback=http://192.168.130
[Diagram: 1 – TO EXTERNAL HOST -> login:pass; 2 – !AUTHENTICATED!\n; 3 – TO LOCAL HOST -> login:pass]
RegExp attack (Step 1)
http://192.168.22.129/?pingback= -> http://192.168.22.129/?pingback=http://192.168.130
http://192.168.130 responded with: !AUTHENTICATED!\n
RegExp body =~ /[^\w]AUTHENTICATED[^\w]*$/ PASSED
RegExp attack (Step 2)
http://192.168.22.129/?pingback= -> http://192.168.22.129/?pingback=http://192.168.130
http://192.168.22.129/?pingback=http://192.168.130 responded with:
blablabla !AUTHENTICATED!\n … blabla\n!AUTHENTICATED!\n
TO LOCAL HOST->login:pass
RegExp body =~ /[^\w]AUTHENTICATED[^\w]*$/ PASSED AGAIN
RegExp attack (Final Step)
[Problem is]: body =~ /[^\w]AUTHENTICATED[^\w]*$/
• In most RegExp engines $ means end of input, so the match has to sit at the very end of the response
• In Ruby $ is only an end-of-line anchor, so the engine keeps scanning the following lines of the "file" and matches on any line that ends in AUTHENTICATED
http://192.168.22.129/?pingback=http://192.168.130 responded with:
blablabla !AUTHENTICATED!\n … blabla\n!AUTHENTICATED!\n
How to mitigate
• ReDoS static analysis – RXXR
  – http://www.cs.bham.ac.uk/~hxt/research/rxxr.shtml
• Engine issues – know the features of your platform/language
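The Ruby anchor behaviour from the "Final Step" slide, as an added example (not code from the talk): the slide's check next to a form anchored with \A and \z, which in Ruby mean absolute start and end of the string, run over constructed responses modelled on the scenario.

```ruby
# Added example (not from the slides): Ruby's `$` is only an end-of-LINE anchor,
# so the slide's response check matches on any line of a multi-line body.

# The check exactly as the slide shows it.
LOOSE_CHECK  = /[^\w]AUTHENTICATED[^\w]*$/

# Hardened form: in Ruby \A and \z anchor the whole string (unlike \Z, \z does not
# tolerate a trailing newline), so the body must be nothing but the token plus
# trailing non-word characters such as "\n".
STRICT_CHECK = /\A[^\w]AUTHENTICATED[^\w]*\z/

def loose_authenticated?(body)
  LOOSE_CHECK.match?(body)
end

def strict_authenticated?(body)
  STRICT_CHECK.match?(body)
end

# Constructed sample responses modelled on the slide's scenario.
GENUINE_REPLY  = "!AUTHENTICATED!\n"                  # what a real external host returns
TRAILER_REPLY  = "!AUTHENTICATED!\nignored trailer\n" # token on the first line, junk after
# A whole page that merely contains the token on inner lines.
EMBEDDED_REPLY = "blablabla !AUTHENTICATED!\nblabla\n!AUTHENTICATED!\n"

# Returns the verdict of both checks for one body, so the difference is visible.
def compare(body)
  { loose: loose_authenticated?(body), strict: strict_authenticated?(body) }
end

if __FILE__ == $PROGRAM_NAME
  [GENUINE_REPLY, TRAILER_REPLY, EMBEDDED_REPLY].each do |body|
    puts "#{body.inspect} => #{compare(body)}"
  end
end
```

Only the genuine reply passes the strict check; the loose check accepts all three bodies because `$` matches before the first "\n".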
Cryptography
In God we trust, the rest we test
Cryptography is cool
Bitcoin – distributed cryptocurrency
Kryptos – an encrypted sculpture, one of the most famous unsolved codes in the world
Crypto is widely used: wireless (WiFi, GSM, RFID, etc.), banking, games (Xbox, PS3, etc.), e-mail anti-spam (DKIM)
I changed all my passwords to "incorrect", so whenever I forget, it will tell me "Your password is incorrect."
Some ideas need an audit
Wrong usage is bad
Using hash algorithms as encryption, and weak or home-grown implementations of crypto algorithms
Neutralizing all the advantages of crypto for the sake of user convenience
The belief that crypto will secure you by itself
A poor understanding of why you need crypto
SHA Length Extension Example
• A user can send points to another user
• All URL options/values are signed with a secret key
• All transactions are visible to everyone
SHA: Message sign (MAC)
http://...?to_user=guest&points=200|sign:675fsdg87gs3vh
[Diagram: KEY + MSG is split into Block 1, Block 2 … Block N and fed through the hash to produce the signature]
SHA Padding: Theory (Hash BOX)
[Diagram of the hashed input: KEY | MESSAGE | just 1 bit | NULL-byte padding | MESSAGE+KEY length]
SHA: Length extension attack
http://...?to_user=guest&points=200 &<PADDING>to_user=hacker|sign:f97h23n483a2ce
[Diagram: KEY + MSG in Block 1 … Block N, followed by PADDING + DATA appended by the attacker, fed through the hash to produce the new signature]
SHA Padding: Theory (Attack)
[Diagram: BOX 1 = KEY | Original MSG | NULL-byte padding | MESSAGE length; BOX 2 = the extended part appended after the original padding]
Where is the problem?
HASH (KEY+MSG) is BAD - extension attack is possible
HASH (MSG+KEY) is GOOD - extension attack is impossible
Order is important
How to mitigate
• Use HMAC for signing
• Use SHA-256 or stronger
• Don't create your own crypto (unless you are a genius in mathematics, and even then, don't do it!)
Cryptography is a kind of art
Review
• RegExp is a powerful tool:
  – Even for DoS
  – Some engines don't work as expected
• Cryptography isn't safe by itself:
  – Use industry standards
  – Understand how crypto works
  – Make sure that your implementation/improvement isn't broken
Questions?