Renegotiating TLS Attack

Source: Internet
Author: User

Abstract: Today sowhat daniel introduced a new attack from abroad against TLS/SSL 3.0 (http://www.bkjia.com/Article/200911/42521.html). It seems that not many people are paying attention to it, so I took a close look at the PDF.

This attack is very clever. It mainly relies on two things: the TLS/SSL 3.0 mechanism for renegotiating the encryption algorithm and keys, and the key/value structure of HTTP request headers. Together they let data from more than one source be combined into the request the attacker wants. The effect is similar to that of a CSRF attack. The main steps are as follows:

1. The attacker connects to the target site and completes an SSL handshake, called session 1, then sends data such as GET /adduser.jsp?U=yunshu&passwd=123 HTTP/1.1 followed by a header line that begins with FVCK: and is left unfinished.

2. The attacker hijacks the victim's traffic to the target site and forwards the victim's SSL handshake with the target server inside session 1. This handshake between the victim and the target server is called session 2.

4. The target site and the victim complete their handshake through the attacker's forwarding. In session 2, the victim sends its request data to the target server, similar to GET / HTTP/1.1, Host: www.xxx.com, Accept: */*, Cookie: admin=1.

5. When the target site receives a new SSL Client Hello inside SSL session 1, it assumes that the client is asking to regenerate the keys. From the target server's point of view, session 2 is also sent by the attacker and belongs to the same TCP session. In the end, the target server treats session 2 as the continuation of session 1 after a key reset and joins the data of the two.

6. The final data is as follows:

    GET /adduser.jsp?U=yunshu&passwd=123 HTTP/1.1
    FVCK: GET / HTTP/1.1
    Host: www.xxx.com
    Accept: */*
    Cookie: admin=1

   The server does not recognize the FVCK field. The actual request line, GET / HTTP/1.1, is treated as the value of the FVCK field and is ignored along with it. The attacker has successfully added a user to the web system.
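The server-side view in steps 5 and 6 can be reproduced offline. The following is an added example, not code from the original post: the byte strings are constructed from the requests quoted in the steps, and the function names (server_plaintext, parse_request, spliced_headers) are hypothetical. It shows how the two plaintext fragments parse as one request, and a simple check a defender could run over parsed headers to flag the splice.

```python
import re

# Constructed sample data, taken from the requests quoted in the steps above.
# The session 1 bytes stop inside the FVCK header: no CRLF follows it.
SESSION1_PREFIX = b"GET /adduser.jsp?U=yunshu&passwd=123 HTTP/1.1\r\nFVCK: "
SESSION2_REQUEST = (b"GET / HTTP/1.1\r\nHost: www.xxx.com\r\n"
                    b"Accept: */*\r\nCookie: admin=1\r\n\r\n")

REQUEST_LINE = re.compile(r"^[A-Z]+ \S+ HTTP/\d\.\d$")


def server_plaintext(before_rekey: bytes, after_rekey: bytes) -> bytes:
    """The application reads one byte stream per TCP connection; the key
    reset changes the keys but leaves no boundary in the plaintext."""
    return before_rekey + after_rekey


def parse_request(raw: bytes):
    """Minimal HTTP/1.1 head parser: request line plus a header dict."""
    head = raw.split(b"\r\n\r\n", 1)[0].decode("latin-1")
    request_line, *header_lines = head.split("\r\n")
    headers = {}
    for line in header_lines:
        name, _, value = line.partition(":")
        headers[name.strip()] = value.strip()
    return request_line, headers


def spliced_headers(headers: dict) -> list:
    """Detection heuristic: names of headers whose value is itself
    shaped like an HTTP request line."""
    return [n for n, v in headers.items() if REQUEST_LINE.match(v)]


merged = server_plaintext(SESSION1_PREFIX, SESSION2_REQUEST)
line, hdrs = parse_request(merged)

if __name__ == "__main__":
    print("request line:", line)
    print("headers:", hdrs)
    print("suspicious headers:", spliced_headers(hdrs))
```

The parsed result carries the session 1 request line together with the Cookie header from session 2, which is why the effect resembles CSRF.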
