Monday, August 31, 2020

What Is Cybercrime? What Are The Types Of Cybercrime? What Is Cyberlaw In India?

What is cyber crime?

Cybercrime is the use of computers & networks to perform illegal activities such as spreading viruses,online  bullying,performing unauthorized electronic fund transfers etc. Most cyber crimes are committed through the internet.
Some cyber crime also be carried out using mobile phones via Sms and online chatting applications.

TYPES OF CYBERCRIME

The following list presents the common types of cybercrimes-

1-Computer Fraud-Intential deception for personal gain via the use of computer system.

2-Privacy Violations-Exposing personal information such as email addresses,phone numbers,account details etc, on social media,websites,etc.

3-Identity theft-Stealing personal information from somebody and impersonating that person.

4-Sharing copyright files/information-This involves distributing copyright protected files such as eBooks and computer program etc.

5-Electronic funds transfer-This involves gaining an unauthorized access to bank computer networks and making illegal funds transferring.

6-Electronic money laundering-This involves the use of the computer to launder money.

7-Atm fraud-This involves intercepting ATM card details such as account numbers and PIN numbers.These details are then used to withdraw funds from the intercepted accounts.

8-Denial of service attack-This involves the use of computers in multiple locations to attack servers with a view of shutting them down.

9-Spam:sending unauthorized emails.
These emails usually contain advertisements.


CYBER LAW

Under The Information Technology Act,2000 
CHAPTER XI-OFFENCES-66. Hacking with computer system.

1-whoever with the Intent to cause or knowing that he is likely to cause Wrongfull Loss or Damage to the public or any person Destroys or Deletes or Alter any Information Residing in computer Resource or diminishes its value or utility or affects it injuriously by any means, commits hack.

2-whoever commits hacking shell be punished with imprisonment up to three years, or  with fine which may extend up to two lakh rupees,or with both.

Continue reading


  1. Best Hacking Tools 2020
  2. Hacking Tools Windows
  3. Hackers Toolbox
  4. Pentest Tools Apk
  5. Hacker Tools For Pc
  6. Pentest Tools
  7. Hacking Tools Windows
  8. Nsa Hacker Tools
  9. Best Hacking Tools 2020
  10. Github Hacking Tools
  11. Hack Tools For Games
  12. Pentest Tools Android
  13. Hacking Tools Windows 10
  14. Wifi Hacker Tools For Windows
  15. How To Install Pentest Tools In Ubuntu
  16. Hacking Apps
  17. World No 1 Hacker Software
  18. Hacking Tools Software
  19. Hacking Tools Online
  20. Hacking Apps
  21. Hacking Tools For Kali Linux
  22. Pentest Tools Android
  23. Hack Tool Apk No Root
  24. Pentest Tools For Windows
  25. Hacking Tools Mac
  26. Hacking Tools For Beginners
  27. Hak5 Tools
  28. Pentest Tools Bluekeep
  29. Github Hacking Tools
  30. Tools 4 Hack
  31. Hacker
  32. Pentest Tools Review
  33. Pentest Automation Tools
  34. Hacker Tools For Pc
  35. Hacking Tools And Software
  36. Hacking Tools
  37. Hacker Tools For Pc
  38. Nsa Hack Tools Download
  39. Pentest Tools Port Scanner
  40. Hack Rom Tools
  41. Nsa Hacker Tools
  42. Wifi Hacker Tools For Windows
  43. Best Hacking Tools 2020
  44. Hack And Tools
  45. Pentest Tools Find Subdomains
  46. Usb Pentest Tools
  47. New Hacker Tools
  48. Hacking Tools Github
  49. Hacker Tools For Pc
  50. Hack App
  51. Pentest Tools Kali Linux
  52. Pentest Tools Website
  53. Hacker Tools Linux
  54. Pentest Tools For Ubuntu
  55. Pentest Tools For Ubuntu
  56. Hack Tools 2019
  57. Pentest Tools For Android
  58. Pentest Tools For Windows
  59. Pentest Tools
  60. Nsa Hacker Tools
  61. Hacking Tools Windows
  62. Pentest Recon Tools
  63. Hacking Apps
  64. Hacking Tools
  65. Hack Tools
  66. Blackhat Hacker Tools
  67. Pentest Reporting Tools
  68. Ethical Hacker Tools
  69. Hacker Tools 2020
  70. Hacking Tools For Kali Linux
  71. Hacker Tools Hardware
  72. World No 1 Hacker Software
  73. Pentest Tools Nmap
  74. New Hacker Tools
  75. Hacker Tools Hardware
  76. Hacking Tools Kit
  77. Hacker Tools For Pc
  78. Hacker Tools Github
  79. Hacking App
  80. Pentest Tools Website
  81. Hacker Tools For Mac
  82. Hacking Tools And Software
  83. Hacker Tools Windows
  84. Hack Tools For Pc
  85. Hacker Security Tools
  86. Hack Tools For Ubuntu
  87. Hacker Tools Mac
  88. Easy Hack Tools
  89. Hacking Tools For Windows 7
  90. Tools For Hacker
  91. Pentest Tools Free
  92. Pentest Tools Url Fuzzer
  93. Pentest Tools Find Subdomains
  94. Hacker Tools For Windows
  95. Pentest Tools
  96. Hack Tool Apk
  97. Pentest Tools Linux
  98. Hack Tools
  99. Blackhat Hacker Tools
  100. Hacker Tools For Windows
  101. Hack Tools For Windows
  102. Best Hacking Tools 2020
  103. Github Hacking Tools
  104. Hacking App
  105. Hacker Techniques Tools And Incident Handling
  106. Pentest Tools For Windows
  107. Hak5 Tools
  108. Hacking Tools Windows 10
  109. Blackhat Hacker Tools
  110. Pentest Tools Url Fuzzer
  111. Pentest Tools Port Scanner
  112. Nsa Hacker Tools
  113. Pentest Tools Url Fuzzer
  114. Pentest Tools Review
  115. Best Hacking Tools 2020
  116. Hacker Tool Kit
  117. Hacking Tools For Windows
  118. Hack And Tools
  119. Hacker Tools Apk Download
  120. Nsa Hack Tools
  121. Hack Tools For Windows
  122. Hacking Tools For Windows 7
  123. Hacking Tools Windows 10
  124. World No 1 Hacker Software
  125. Hacker
  126. Pentest Tools Tcp Port Scanner
  127. Hack Tools For Ubuntu
  128. Pentest Tools Website
  129. Android Hack Tools Github
  130. Pentest Recon Tools
  131. Termux Hacking Tools 2019
  132. Pentest Tools Subdomain
  133. Best Hacking Tools 2020
  134. Pentest Tools Android
  135. Hacker Tools Hardware
  136. Hacking Tools For Mac
  137. Hacking Tools Windows 10
  138. Hacking Tools Kit
  139. How To Hack
  140. Hacking Tools Github
  141. Pentest Tools Framework
  142. Hacking Tools For Beginners
  143. Pentest Tools Review
  144. Hacker Tools Free
  145. World No 1 Hacker Software
  146. Best Hacking Tools 2019
  147. Hacker Tools For Mac
  148. Nsa Hack Tools
  149. Hacking Tools 2019
  150. Blackhat Hacker Tools
  151. Hack Tools For Windows
  152. Hacking Tools For Windows 7
  153. Game Hacking
  154. Pentest Tools Tcp Port Scanner
  155. Pentest Tools Android
  156. Hacker Tools Apk
  157. Top Pentest Tools
  158. Hacking App
  159. Pentest Tools Subdomain
  160. Ethical Hacker Tools
  161. Physical Pentest Tools
  162. Hack Tools For Mac
  163. How To Hack
  164. Hacker Tools Free Download
  165. Pentest Tools Port Scanner
  166. Hacking Tools For Mac
  167. Hacking Tools Kit
  168. Pentest Tools Download
Posted by at No comments:

Sunday, August 30, 2020

Vulcan DoS Vs Akamai

In the past I had to do several DoS security audits, with múltiples types of tests and intensities. Sometimes several DDoS protections were present like Akamai for static content, and Arbor for absorb part of the bandwith.

One consideration for the DoS/DDoS tools is that probably it will loss the control of the attacker host, and the tool at least has to be able to stop automatically with a timeout, but can also implement remote response checks.

In order to size the minimum mbps needed to flood a service or to retard the response in a significant amount of time, the attacker hosts need a bandwith limiter, that increments in a logarithmic way up to a limit agreed with the customer/isp/cpd.

There are DoS tools that doesn't have this timeouts, and bandwith limit based on mbps, for that reason I have to implement a LD_PRELOAD based solution: bwcontrol

Although there are several good tools for stressing web servers and web aplications like apache ab, or other common tools used for pen-testing, but I also wrote a fast web flooder in c++ named wflood.

As expected the most effective for taking down the web server are the slow-loris, slow-read and derivatives, few host were needed to DoS an online banking. 
Remote attacks to database and highly dynamic web content were discarded, that could be impacted for sure.

I did another tool in c++ for crafting massive tcp/udp/ip malformed packets, that impacted sometimes on load balancers and firewalls, it was vulcan, it freezed even the firewall client software.

The funny thing was that the common attacks against Akamai hosts, where ineffective, and so does the slow-loris family of attacks, because are common, and the Akamai nginx webservers are well tunned. But when tried vulcan, few intensity was enough to crash Akamai hosts.

Another attack vector for static sites was trying to locate the IP of the customer instead of Akamai, if the customer doesn't use the Akamai Shadow service, it's possible to perform a HTTP Host header scan, and direct the attack to that host bypassing Akamai.

And what about Arbor protection? is good for reducing the flood but there are other kind of attacks, and this protection use to be disabled by default and in local holidays can be a mess.

Continue reading


  1. Best Hacking Tools 2020
  2. Hack Tool Apk
  3. Growth Hacker Tools
  4. Pentest Tools Linux
  5. Hacking Apps
  6. Pentest Tools Open Source
  7. Install Pentest Tools Ubuntu
  8. Hacker Tools For Windows
  9. Pentest Tools Review
  10. Pentest Tools Review
  11. Hacker Tools For Mac
  12. Hacker Tools For Mac
  13. Hacker Tools Windows
  14. Hacking Tools Software
  15. Ethical Hacker Tools
  16. Hack Website Online Tool
  17. How To Make Hacking Tools
  18. Hacking Tools Mac
  19. Hacker Tools List
  20. Hack Tools Online
  21. Hack Tools
  22. Pentest Box Tools Download
  23. Free Pentest Tools For Windows
  24. Hack Tools Mac
  25. Hacks And Tools
  26. Hacking Tools Name
  27. Hacking Tools And Software
  28. Hacker Tools Apk Download
  29. Hack Tools For Ubuntu
  30. Hacking Tools For Games
  31. Hacking Tools And Software
  32. Hacker Tools For Mac
  33. Hacker Tools Apk Download
  34. Usb Pentest Tools
  35. Hackrf Tools
  36. Hacking Tools Hardware
  37. Beginner Hacker Tools
  38. Nsa Hacker Tools
  39. Pentest Tools Alternative
  40. Top Pentest Tools
  41. Pentest Tools Github
  42. Hack Tools For Games
  43. Hacker Tools For Pc
  44. Hacker Tools List
  45. Pentest Tools Open Source
  46. Pentest Tools Apk
  47. Pentest Tools
  48. World No 1 Hacker Software
  49. Hack Tools 2019
  50. Nsa Hacker Tools
  51. Pentest Tools Website
  52. Hacking Apps
  53. Easy Hack Tools
  54. Hacking Tools 2019
  55. Underground Hacker Sites
  56. Hacks And Tools
  57. Hacking Tools For Games
  58. Pentest Tools For Ubuntu
  59. Install Pentest Tools Ubuntu
  60. Pentest Recon Tools
  61. Pentest Tools Github
  62. What Are Hacking Tools
  63. Pentest Tools Linux
  64. Hacking Tools For Windows Free Download
  65. Hacker Tools 2019
  66. Tools 4 Hack
  67. Pentest Tools Github
  68. Hacker Search Tools
  69. Hacking Tools Pc
  70. Pentest Box Tools Download
  71. Hacker Tools 2019
  72. Growth Hacker Tools
  73. Nsa Hack Tools Download
  74. Pentest Tools Framework
  75. How To Install Pentest Tools In Ubuntu
  76. Bluetooth Hacking Tools Kali
  77. Pentest Reporting Tools
  78. Hacking Tools Hardware
  79. Hacker Tools For Ios
  80. Pentest Automation Tools
  81. Hack Tools Download
  82. Usb Pentest Tools
  83. Hacker
  84. Pentest Tools Nmap
  85. How To Hack
  86. Hacker Tools Apk Download
  87. Nsa Hacker Tools
  88. Hacking Tools Software
  89. Hacking Tools For Kali Linux
  90. Hacker Tools For Windows
  91. Hacking Tools 2019
  92. Pentest Recon Tools
  93. Pentest Tools For Windows
  94. Hacking Tools Github
  95. Pentest Tools Port Scanner
  96. How To Hack
  97. Hacker Tools Free
Posted by at No comments:

OWASP ZAP RELEASES V2.8.0 WITH THE HEADS UP DISPLAY

OWASP ZAP RELEASES V2.8.0 WITH THE HEADS UP DISPLAY
Heads Up Display simplifies and improves vulnerability testing for developers

London, England, 20 June 2019. OWASP™ ZAP (Open Web Application Security Project™  Zed Attack Proxy) has released a new version of its leading ZAP Project which now includes an innovative Heads Up Display (HUD) bringing security information and functionality right into the browser. Now software developers can interactively test the reliability and security of their applications in real time while controlling a wide variety of features designed to test the quality of their software.

ZAP is a free, easy to use integrated penetration testing tool. With the addition of the Heads Up Display, ZAP can be used by security professionals and developers of all skill levels to quickly and more easily find security vulnerabilities in their applications. Given the unique and integrated design of the Heads Up Display, developers and functional testers who might be new to security testing will find ZAP an indispensable tool to build secure software.

The latest version of ZAP can be downloaded from https://www.owasp.org/index.php/ZAP  The full release notes are available at https://github.com/zaproxy/zap-core-help/wiki/HelpReleases2_8_0.

In addition to being the most popular free and open source security tools available, ZAP is also one of the most active with hundreds of volunteers around the globe continually improving and enhancing its features. ZAP provides automated scanners as well as a set of tools that allows new users and security professionals to manually identify security vulnerabilities. ZAP has also been translated into over 25 languages including French, Italian, Dutch, Turkish and Chinese. 

Simon Bennetts, OWASP ZAP Project Leader commented: "This is a really important release for the project team and developers who want to build great and secure applications. The HUD is a completely new interface for ZAP and one that is unique in the industry. It shows that open source projects continue to create high-quality, new and exciting tools that deliver real value to the market - and at no cost to users." 

"ZAP is the Foundation's most popular software tool," said Mike McCamon interim executive director of the OWASP Foundation. McCamon continued, "For nearly two decades OWASP continues to be a great destination for innovators to host, develop, and release software that will secure the web. Simon and the entire ZAP community deserves great recognition for their continued devotion to open source excellence."

For further information please contact:
Simon Bennetts, OWASP ZAP Project Leader: simon.bennetts@owasp.org  or Mike McCamon, Interim Executive Director, mike.mccamon@owasp.com

Related articles


  1. Pentest Tools Windows
  2. Hacking Tools Mac
  3. Hacks And Tools
  4. Blackhat Hacker Tools
  5. Hacking Tools 2020
  6. Pentest Tools Bluekeep
  7. Hacking Tools Pc
  8. Hacker Tools Free Download
  9. Pentest Tools Linux
  10. Hacking Tools Pc
  11. Hacker Tools For Mac
  12. Best Hacking Tools 2020
  13. Hacker Tools Apk
  14. Hacking Tools For Pc
  15. Hack App
  16. Hacking Tools Windows
  17. Hacker Search Tools
  18. How To Make Hacking Tools
  19. Hacking Tools Online
  20. Hacker Tools For Ios
  21. Pentest Tools Find Subdomains
  22. Pentest Tools Alternative
  23. Hacker Tools Apk Download
  24. Pentest Tools Kali Linux
  25. Hacking Tools For Beginners
  26. Hacking Tools Usb
  27. Hacking Tools Hardware
  28. Kik Hack Tools
  29. Pentest Tools Apk
  30. Hacker Hardware Tools
  31. Hacker Tools Github
  32. Pentest Tools Url Fuzzer
  33. Hacker Tools Hardware
  34. Hacking Tools Online
  35. Pentest Tools Github
  36. Pentest Tools Kali Linux
  37. Hacker Security Tools
  38. Pentest Automation Tools
  39. Hacking App
  40. Hacking Tools And Software
  41. Hacking Tools Software
  42. Best Hacking Tools 2020
  43. Hacker Tools List
  44. Best Hacking Tools 2019
  45. Pentest Tools
  46. Hack App
  47. Pentest Tools For Android
  48. Hacker Tools Free
  49. Hacking Tools Mac
  50. Pentest Reporting Tools
  51. New Hacker Tools
  52. Best Pentesting Tools 2018
  53. Nsa Hack Tools
  54. Hack And Tools
  55. Wifi Hacker Tools For Windows
  56. Best Hacking Tools 2019
  57. Hacking Tools For Mac
  58. Pentest Tools Android
  59. Best Hacking Tools 2020
  60. Top Pentest Tools
  61. World No 1 Hacker Software
  62. Hack Tools For Pc
  63. Hacking Tools And Software
  64. Blackhat Hacker Tools
  65. Hack And Tools
  66. Hacker Tools Linux
  67. Hack Tools For Mac
  68. Hack Tools For Mac
  69. Hack Tool Apk
  70. Pentest Tools Linux
  71. Hacker Search Tools
  72. Hacking Tools
  73. Hacking Tools For Kali Linux
  74. Hack Website Online Tool
  75. Hacker Tools For Pc
  76. Best Hacking Tools 2020
  77. Pentest Tools For Ubuntu
  78. Hacker Tools Windows
  79. Physical Pentest Tools
  80. Hacking Tools Free Download
  81. Hacker Tools Software
  82. Hack Website Online Tool
  83. Hacking Tools Free Download
  84. Pentest Tools Port Scanner
  85. Hacking Tools
  86. Game Hacking
  87. Pentest Tools For Android
  88. Hak5 Tools
  89. Hacker Tools Software
  90. Hacking Tools Kit
  91. Hacking Tools For Windows
  92. How To Make Hacking Tools
  93. Hacker Tools List
  94. What Are Hacking Tools
Posted by at No comments:

Saturday, August 29, 2020

Probing For XML Encryption Weaknesses In SAML With EsPReSSO

Security Assertion Markup Language (SAML) is an XML-based standard commonly used in Web Single Sign-On (SSO) [1]. In SAML, the confidentiality of transferred authentication statements against intermediaries can be provided using XML Encryption [2]. However, implementing XML Encryption in a secure way can be tricky and several attacks on XML Encryption have been identified in the past [3] [4]. Therefore, when auditing a SAML endpoint, one should always consider testing for vulnerabilities in the XML Encryption implementation.

This blog post introduces our latest addition to the SAML Attacker of our BurpSuite extension EsPReSSO: the Encryption Attack tab. The new tab allows for easy manipulation of the encrypted parts within intercepted SAML responses and can, therefore, be used to quickly assess whether the SAML endpoint is vulnerable against certain XML Encryption attacks.


Weaknesses of XML Encryption

Implementations of XML Encryption can be vulnerable to adaptive chosen ciphertext attacks. This is a class of attacks in which the attacker sends a sequence of manipulated ciphertexts to a decryption oracle as a way to gain information about the plaintext content.
Falsely implemented XML Encryption can be broken using:
  • an attack against the CBC-mode decryption (quite similar to a padding oracle attack) [3] or
  • a Bleichenbacher attack against the RSA-PKCS#1 encryption of the session key  [4].
SAML makes use of XML Encryption and its implementations could, therefore, also be vulnerable to these attacks.

XML Encryption in SAML

To support confidential transmission of sensitive data within the SAML Assertion, assertions can be encrypted using XML Encryption. An EncryptedAssertion is shown in the abridged example below.

<EncryptedAssertion>
  <EncryptedData>
    <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
    <KeyInfo>
      <EncryptedKey>
        <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/>
        <CipherData>
          <CipherValue>
            [...]
          </CipherValue>
        </CipherData>
      </EncryptedKey>
    </KeyInfo>
    <CipherData>
        <CipherValue>
          [...]
        </CipherValue>
    </CipherData>
  </EncryptedData>
</EncryptedAssertion>

The EncryptedAssertion contains an EncryptedData element, which in turn is the parent of the EncryptionMethod, KeyInfo, and CipherData elements.  SAML makes use of what is referred to as a hybrid encryption scheme. This is done using a session key which symmetrically encrypts the payload data (the example uses AES-128 in CBC mode), resulting in the ciphertext contained in the EncryptedAssertion/EncryptedData/CipherData/CipherValue child element. The session key itself is encrypted using an asymmetric encryption scheme. In our example, RSA-PKCS#1.5 encryption is used with the public key of the recipient, allowing the contents of the the EncryptedKey child element to be derived from the KeyInfo element. 

Encryption Attacker

Our BurpSuite extension EsPReSSO can help detect vulnerable implementations with the newly integrated Encryption Attacker within EsPReSSO's SAML module.

Once a SAML response which contains an EncryptedAssertion has been intercepted, open the SAML tab, select the Attacks pane, and choose Encryption from the dropdown menu. This works in Burp's Proxy, as well as in the Repeater tool, and is depicted below.
As sketched out above, the symmetric session key is encrypted using the recipient's public key. Since the key is public, anybody can use it to encrypt a selected symmetric key and submit a valid encryption of arbitrary messages to the recipient. This is incredibly helpful because it allows us to produce ciphertexts that decrypt the chosen plaintexts. To accomplish this, one can purposefully send invalidly padded messages, or messages containing invalid XML, as a method to trigger and analyze the different reactions of the decryption endpoint (i.e, turning the endpoint into a decryption oracle). To facilitate these investigations, the new Encryption Attacker makes this process dead simple.
The screenshot above shows the essential interface of the new encryption tab:
At the top, the certificate used to encrypt the symmetric session key can be pasted into the text field. This field will be pre-filled automatically if the intercepted SAML message includes a certificate in the KeyInfo child element of the EncryptedData element. The Update Certificate checkboxes above the text area can be used to include the certificate in the manipulated SAML message.
In the Symmetric Key text field, the hexadecimal value of the symmetric session key can be set. Choose the asymmetric algorithm from the dropdown menu and click Encrypt key -- this will update the corresponding KeyInfo elements of the intercepted SAML message. 

The payload in the text area labeled XML data can now be entered. Any update in the XML data field will also be reflected in the hexadecimal representation of the payload (found on right of the XML data field). Note that this is automatically padded to the blocklength required by the symmetric algorithm selected below. However, the payload and the padding can be manually adjusted in the hex editor field.

Eventually, click the Encrypt content button to generate the encrypted payload. This will apply the changes to the intercepted SAML message, and the manipulated message using Burp's Forward or Go button can now be forwarded, as usual.

Probing for Bleichenbacher Oracles

Bleichenbacher's attack against RSA-PKCS1 v1.5 encryption abuses the malleability of RSA to draw conclusions about the plaintext by multiplying the ciphertext with adaptively chosen values, and observing differences in the received responses. If the (error-) responses differ for valid and invalid PKCS1 v1.5 ciphertexts, Bleichenbachers' algorithm can be used to decrypt the ciphertext without knowing the private key [6].

To determine whether or not a SAML endpoint is vulnerable to Bleichenbacher's Attack, we simply need to check if we can distinguish those responses received when submitting ciphertexts that are decrypted into invalidly formatted PKCS1 v1.5 plaintexts, from the responses we receive when sending ciphertexts that are decrypted into validly formatted plaintexts. 

Recall that PKCS1 v1.5 mandates a certain format of the encrypted plaintext, namely a concatenation of a BlockType 00 02, a randomized PaddingString (PS) that includes no 00 bytes, a 00 (NULL-byte) as delimiter, and the actual plaintext message. The whole sequence should be equal in size to the modulus of the RSA key used. That is, given the byte length k of the RSA modulus and the message length |m|, PS has the length |PS| = k - 3 - |m|. Furthermore, PKCS1 v1.5 demands that |PS| to be at least eight bytes long [5]. 

In SAML, the recipient's public key is usually known because it is published in the metadata, or even included in the EncryptedAssertion. For this reason, we do not need to fiddle around with manipulated ciphertexts. Instead, we simply submit a validly formatted RSA-PKCS1 v1.5 encrypted message and an encrypted message which deciphers into an invalidly formatted plaintext. As an example, assume an RSA public key of 2048 bits which we want to use to encrypt a 16 byte session key `01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F 10` (hexadecimal representation). |PS|$ is $2048/8 - 3 - 16 = 237, so a valid PKCS1 v1.5 plaintext, ready to be encrypted using `AA` for all 237 padding bytes, could look like the listing shown below.

00 02 AA AA AA AA AA AA AA AA AA AA AA AA AA AA
AA AA AA AA AA AA AA AA AA AA AA AA AA AA AA AA
AA AA AA AA AA AA AA AA AA AA AA AA AA AA AA AA
AA AA AA AA AA AA AA AA AA AA AA AA AA AA AA AA
AA AA AA AA AA AA AA AA AA AA AA AA AA AA AA AA
AA AA AA AA AA AA AA AA AA AA AA AA AA AA AA AA
AA AA AA AA AA AA AA AA AA AA AA AA AA AA AA AA
AA AA AA AA AA AA AA AA AA AA AA AA AA AA AA AA
AA AA AA AA AA AA AA AA AA AA AA AA AA AA AA AA
AA AA AA AA AA AA AA AA AA AA AA AA AA AA AA AA
AA AA AA AA AA AA AA AA AA AA AA AA AA AA AA AA
AA AA AA AA AA AA AA AA AA AA AA AA AA AA AA AA
AA AA AA AA AA AA AA AA AA AA AA AA AA AA AA AA
AA AA AA AA AA AA AA AA AA AA AA AA AA AA AA AA
AA AA AA AA AA AA AA AA AA AA AA AA AA AA AA 00
01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F 10
In the Encryption attack pane of EsPReSSO, ensure that the correct public key certificate has been added to the Certificate field. Insert a valid plaintext, such as the one above, into the Symmetric Key field and select Plain RSA encryption from the Algorithm drop down menu. Click the Encrypt button to compute the RSA transformation and apply the new EncryptedKey element to the intercepted SAML message. Now, submit the message by clicking Burp's Go or Forward button and carefully inspect the response.

Next, repeat the steps outlined above, but this time submit an invalid PKCS1 v1.5 message. For example, consider using an invalid BlockType of `12 34` instead of `00 02`, or replace the `00` delimiter so that the decryptor is unable to determine the actual message after decrypting the ciphertext. If you are able to determine from the recieved responses whether or not the submitted ciphertext decrypted into a valid PKCS1 v1.5 formatted plaintext, chances are high that the decryptor can be used as a Bleichenbacher oracle. Don't forget to take into account the actual XML data, i.e., the assertion encrypted with the new session key; by submitting valid or invalid XML, or by removing signatures from the SAML message or the assertion you may increase your chances of detecting differences in the returned responses.

Probing for Oracles in CBC-Mode Decryption

Another known attack on XML Encryption is aimed at the Cipher Block Chaining (CBC) mode, which can be used with the block ciphers AES or 3DES [2]. The attack is described in detail in this referenced paper [3] and is quite similar to Padding-Oracle attacks on CBC mode; the malleability of CBC mode encryption enables the attacker to perform a bytewise, adaptive manipulation of the ciphertext blocks which are subsequently sent to the decryptor. In most cases, the manipulated ciphertext will not decrypt to valid XML and an error will be returned. Sometimes, however, the plaintext will be parsed as valid XML, in which cases an error is thrown later on at the application layer. The attacker observes the differences in the responses in order to turn the decryptor into a ciphertext validity oracle which can be used to break the encryption.  Due to some particularities of the XML format, this attack can be very efficient, enabling decryption with about 14 requests per byte, and it is even possible to fully automate the process [7].

In order to determine if a particular SAML service provider is vulnerable to this attack, we can avoid the cumbersome ciphertext manipulation, if we are in possession of the decryptor's public key:
In the Encryption Attacker tab of EsPReSSO, add the public key certificate to the Certificate field (if necessary) and insert a symmetric key of your own devising into the  Symmetric Key text field. Select an appropriate RSA encryption method and click the Encrypt button to apply the new EncryptedKey element to the original SAML message. 

An XML message can now be inserted into the XML data text field. Select a CBC mode encryption algorithm and click Encrypt to apply the changes. As in the example above, press Burp's Go or Forward button to send the message and carefully inspect the response. Try sending invalid XML, e.g., by not closing a tag or using the `&` character without a valid entity and keep an eye open for differences in the returned responses. To manipulate the padding, the text field on the right side shows the hexadecimal representation of the plaintext, including the CBC padding. If you send a single block and set the last byte, which indicates the padding length to the blocksize, i.e. 16 or 0x10 for AES, the ciphertext should decrypt into an empty string and is generally considered "valid" XML.

Please refer to the original paper for more details, tips, and tricks for performing the actual attack [3]. 

Summary

The new XML Encryption attacker included in EsPReSSO can help security auditors to quickly assess if a SAML endpoint is vulnerable to known attacks against XML Encryption. To this end, the decryptor's public key is used in order to send suitable test vectors that can be provided in plaintext. Ciphertext manipulation is, therefore, not required. The actual process of decrypting an intercepted SAML message is, however, considered out of scope and not implemented in EsPReSSO.

In case you wonder how XML Encryption can be used in a secure fashion, here are some considerations [6]:
  • Always use an authenticated encryption mode such as AES-GCM instead of the CBC-mode encryption.
  • Using RSA-PKCS1 v1.5 within XML Encryption is particularly difficult to do in a secure manner, and it is recommended to use RSA with Optimal Asymmetric Encryption Padding (OAEP) instead [2].
  • Apply a digital signature over the whole SAML response, and ensure it is properly validated before attempting to decrypt the assertion. This should thwart the attack as a manipulated response can be recognized as such and should be rejected.
----------
Read more
Posted by at No comments:
Subscribe to: Posts (Atom)