[78721] in cryptography@c2.net mail archive


Re: man in the middle, SSL

daemon@ATHENA.MIT.EDU (Scott G Kelly)
Sat Feb 3 12:27:42 2007

Date: Sat, 03 Feb 2007 09:10:54 -0800
From: Scott G Kelly <scott@hyperthought.com>
To: James Muir <jamuir@scs.carleton.ca>
CC:  cryptography@metzdowd.com
In-Reply-To: <45C3A9FE.4060203@scs.carleton.ca>

James Muir wrote:
> I was reading a hacking blog today and came across this:
> 
> http://www.darknet.org.uk/2007/02/odysseus-win32-proxy-telemachus-http-transaction-analysis/
> 
> 
>> Odysseus is a proxy server, which acts as a man-in-the-middle during
>> an HTTP session. A typical HTTP proxy will relay packets to and from
>> a client browser and a web server. Odysseus will intercept an HTTP
>> session’s data in either direction and give the user the ability to
>> alter the data before transmission.
>>
>> For example, during a normal HTTP SSL connection a typical proxy will
>> relay the session between the server and the client and allow the two
>> end nodes to negotiate SSL. In contrast, when in intercept mode,
>> Odysseus will pretend to be the server and negotiate two SSL
>> sessions, one with the client browser and another with the web
>> server.
>>
>> As data is transmitted between the two nodes, Odysseus decrypts the
>> data and gives the user the ability to alter and/or log the data in
>> clear text before transmission.
>>
>> You can find more and download Odysseus here:
>>
>> http://www.bindshell.net/tools/odysseus
> 
> It is my understanding that SSL is engineered to resist mitm attacks, so
> I am suspicious of these claims.  I wondered if someone more familiar
> with SSL/TLS could comment.
> 
> Isn't it the case that the application doing SSL on the client should
> detect what this proxy server is doing and display a warning to the user?

If the user's browser is configured to accept a CA cert for which the
proxy holds the signing key, then the proxy can generate a (bogus) cert
for the destination site on the fly, and this will be transparent to the
user.

Scott

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
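
The condition Scott describes can be reproduced offline with the openssl CLI. The script below is an added example, not part of the original thread or of Odysseus. It shows a leaf certificate signed by a proxy-held CA validating only when that CA is in the client's trust store, and a fingerprint comparison against the origin's known certificate (an added check the thread does not discuss) still telling the two apart. All names (Origin CA, Proxy CA, www.example.test) and file names are constructed.

```shell
#!/bin/sh
# Added illustration; CA names, host name and file names are all constructed.
set -eu
WORK=$(mktemp -d)
HOST=www.example.test

# Minimal config so both CA certificates carry basicConstraints CA:TRUE.
cat > "$WORK/ca.cnf" <<'EOF'
[req]
distinguished_name = dn
x509_extensions = v3_ca
prompt = no
[dn]
CN = unused
[v3_ca]
basicConstraints = critical,CA:TRUE
EOF

make_ca() {      # make_ca <file-stem> <common-name>: self-signed CA key and cert
  openssl req -x509 -newkey rsa:2048 -nodes -days 1 -config "$WORK/ca.cnf" \
    -subj "/CN=$2" -keyout "$WORK/$1.key" -out "$WORK/$1.crt" 2>/dev/null
}
issue_leaf() {   # issue_leaf <ca-stem> <leaf-stem>: cert for $HOST signed by that CA
  openssl req -new -newkey rsa:2048 -nodes -config "$WORK/ca.cnf" \
    -subj "/CN=$HOST" -keyout "$WORK/$2.key" -out "$WORK/$2.csr" 2>/dev/null
  openssl x509 -req -in "$WORK/$2.csr" -CA "$WORK/$1.crt" -CAkey "$WORK/$1.key" \
    -CAcreateserial -days 1 -out "$WORK/$2.crt" 2>/dev/null
}
fingerprint() { openssl x509 -in "$1" -noout -fingerprint -sha256 | cut -d= -f2; }
chain_ok() { openssl verify -CAfile "$1" "$2" >/dev/null 2>&1; }  # <trust-file> <cert>
pin_ok() { [ "$(fingerprint "$2")" = "$1" ]; }                    # <expected-fp> <cert>

make_ca origin "Origin CA"      # CA that issued the real site's certificate
make_ca proxy "Proxy CA"        # CA whose signing key the proxy holds
issue_leaf origin site          # the server's real certificate
issue_leaf proxy forged         # same host name, issued by the proxy's CA
# Trust store of a client that has been configured to accept the proxy's CA.
cat "$WORK/origin.crt" "$WORK/proxy.crt" > "$WORK/client-trust.pem"
PIN=$(fingerprint "$WORK/site.crt")   # fingerprint recorded from the real site

for c in site forged; do
  chain_ok "$WORK/origin.crt" "$WORK/$c.crt" && bare=pass || bare=FAIL
  chain_ok "$WORK/client-trust.pem" "$WORK/$c.crt" && chain=pass || chain=FAIL
  pin_ok "$PIN" "$WORK/$c.crt" && pin=pass || pin=FAIL
  echo "$c: $(openssl x509 -in "$WORK/$c.crt" -noout -issuer)"
  echo "  without-proxy-CA=$bare with-proxy-CA=$chain pin=$pin"
done
```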
