Continuing yesterday’s post, I compiled a short summary of relevant WOOT’13 presentations.

Truncating TLS Connections to Violate Beliefs in Web Applications
Ben Smyth and Alfredo Pironti, INRIA Paris-Rocquencourt

This presentation was also given at BlackHat some weeks ago. It outlines a very interesting class of attacks against web applications abusing the TLS specification which states that “failure to properly close a connection no longer requires that a session not be resumed […] to conform with widespread implementation practice”. This characteristic enables new attack vectors on shared systems where certain outgoing (TLS encrypted) packets can be dropped in order to prevent applications from e.g. correctly finishing transaction (such as log out procedures) or even modifying the request bodies by dropping the last parts.

FireDrill: Interactive DNS Rebinding
Yunxing Dai and Ryan Resig, University of Michigan

This presentation demonstrated the defeating of DNS pinning as a countermeasure to DNS Rebinding by exhausting the browser’s DNS cache. This was achieved by a high number of DNS requests preceding the actual DNS Rebinding attack. Best side effect of the day was the demonstration, during which Yunxing explained that “you can see the web interface of my wireless router which is not available from the Internet, including SSID and password…. oh… which I will probably have to change”.

Bluetooth: With Low Energy Comes Low Security
Mike Ryan, iSEC Partners

Another presentation from BlackHat, demonstrating how Bluetooth Smart failed hard. I won’t repeat the very basic fails here as the details are available and thoroughly described here. However, it is surprising how crypto protocols have been designed once again (apparently) without a crypto engineer.

Breaking Cell Phone Authentication: Vulnerabilities in AKA, IMS, and Android
Jethro G. Beekman and Christopher Thompson, University of California, Berkeley

Jethro Beekman presented different vulnerabilities they discovered in Internet calling services based on the IP Multimedia Subsystem. These vulnerabilities range from basic TLS misconceptions (where misconception means forgetting to check certificates…) to subtle base station spoofing attacks. Having been involved in mobile research projects, it is good to see further research in this area going on.

Cloning Credit Cards: A Combined Pre-play and Downgrade Attack on EMV Contactless
Michael Roland and Josef Langer, NFC Research Lab Hagenberg, University of Applied Sciences Upper Austria

The presented work shows how vulnerabilities in the protocols used for EMV contactless credit cards can be exploited to create functional clones. EMV contactless CCs can support two different modes: Emulation of the magnetic stripe system over contactless transactions (MagStripe mode) and the full EMV protocol (EMV mode). The main vulnerability allowing the creation of functional clones is within the MagStripe mode. Even though the MagStripe mode does not completely copy the old and vulnerable magnetic stripe, the added dynamic protocol elements suffer from several weaknesses reducing corresponding entropy. In addition, the protocol to determine whether a card supports full EMV or only MagStripe does not use any authentication, enabling a downgrade attack of the protocol to be used. An interesting side note, from my point of view, is that the support of full EMV mode is not mandatory through all specifications and that all specifications still require the support of the legacy (at least from an European view 😉 ) MagStripe mode.

From an IP Address to a Street Address: Using Wireless Signals to Locate a Target
Craig A. Shue, Worcester Polytechnic Institute; Nathanael Paul, University of Tennessee and Oak Ridge National Laboratory; Curtis R. Taylor, Worcester Polytechnic Institute

This talk presented how it was possible to map an IP address to a street address if the last hop of the accessing client is wireless (802.11, to be more specific). This can be achieved by transferring certain traffic patterns to the client which

  • had a specific size which does not occur very often in usual traffic,
  • also could be transferred in bursts, and
  • was transferred using already existing NAT mappings.

These traffic patterns can also be detected if the 802.11 communication took place encrypted, as encryption does not completely change the packet size.

Looking Inside the (Drop) Box
Dhiru Kholia, Openwall and University of British Columbia; Przemysław Węgrzyn, CodePainters

Dhiru Kholia presented a thorough description of the reverse engineering process of the DropBox clients. Using the gained insights, it was also possible to bypass the DropBox two factor authentication and to gather credentials from client systems. The presented tool set supports further analysis of the DropBox environment as well as future client assessments.

Illuminating the Security Issues Surrounding Lights-Out Server Management
Anthony J. Bonkoski, Russ Bielawski, and J. Alex Halderman, University of Michigan

While the threat potential of IPMI interfaces has been discussed during this year (btw, Dan Farmer has updated his paper), this talk showed a practical exploitation of Supermicro’s IPMI solution. Some highly relevant, critical, and shockingly basic vulnerabilities are described here.

“Weird Machines” in ELF: A Spotlight on the Underappreciated Metadata
Rebecca Shapiro, Sergey Bratus, and Sean W. Smith, Dartmouth College

The Page-Fault Weird Machine: Lessons in Instruction-less Computation
Julian Bangert, Sergey Bratus, Rebecca Shapiro, and Sean W. Smith, Dartmouth College

The team around long-term-Trooper Sergey Bratus once again presented a deep dive into practical language security considerations — as practical as it can get ;-). The actual content is too comprehensive for a short summary of the talks (it even was for the time frame of the talks), but they are really “pushing the limits of computation”, as Sergey, describing the nature of exploitation, mentioned.

Have a good one,