Slide titles in this deck:
Foundations of Network and Computer Security
Announcements
TCP Session Hijacking
Session Hijacking
Hijacking
Preventing Hijacking
Project #2: Secure Email System
Format of the Message
Message Format
The Cert Database
Sending Secure Mail
Receiving Secure Mail
Hints for Success
Important Information
New Topic: Vulnerabilities
Vulnerability of the Century: Buffer Overflows
Why so Common?
Buffer Overruns aren’t the Only Problem
Overview of Overruns Talk
Assumptions
Memory Organization
Stack Frames
Calling Convention
Stack Memory
example2.c
Stack Memory Now
example3.c
How did we know the values?
So we can change return addresses… and then?!
Shell Code
Fitting Code in the Stack
How to Derive Shell Code?
And disassemble
Need Code for execve
Shell Code Synopsis
If execve() fails
New Shell Code Synopsis
Shell Code, Outline
One Problem: Where is the /bin/sh string in memory?
Shell Code on the Stack
Implemented Shell Code
Implemented Shell Code, with constants computed
Testing the Shell Code: shellcodeasm.c
Oops.. Won’t work
Running Code in the Data Segment: testsc.c
Another Problem: Zeros
Eliminating Zeros
New Shell Code (no zeros)
Ok, We’re Done? Well…
If we know where the buffer is
Otherwise, how do we Guess?
vulnerable.c
exploit1.c
Let’s Try It!
Doesn’t Work Well: A New Idea
Final Version of Exploit
Small Buffers

Foundations of Network and Computer Security
John Black
Lecture #18
Nov 1st 2005
CSCI 6268/TLEN 5831, Fall 2005

Announcements
• Midterm #2 is Nov 8th (1 week from today)
– Martin will proctor (I’m at CCS)
• Project #1 is due next time
– Hand in here (in class)
– CAETE students can mail to Martin

TCP Session Hijacking
• This is the last topic on network-based attacks for a while
• We’ll do vulnerabilities next
• We’ll come back to some network protocols and some more crypto later in the course

Session Hijacking
• How might we jump in on an established TCP session?
– If we could sniff the connections and inject traffic, we could do this with no problem
– If we can only inject traffic (by sending unsolicited TCP segments to the victim) it’s harder
• Must guess the proper sequence number
• Successfully used by Mitnick

Hijacking
• If attacker uses a sequence number outside the window of Target, Target will drop the traffic
• If attacker uses a sequence number within the window, Target accepts it as from Host A
– Result is a one-sided connection
– Can be used to crash Target, confuse, reset connection, etc.
[Figure: Host A – TCP Session – Target; Attacker guesses Host A’s sequence number and uses Host A’s IP]

Preventing Hijacking
• Make sequence number hard-to-guess
– Use random ISNs
• Note that SYN cookies in effect do this by using a hash of some stuff which includes a counter and a secret key
• There are many other kinds of hijacking techniques
– We’ll later look at ARP cache poisoning

Project #2: Secure Email System
Our goal is to provide a secure email system to each member of the class (including your grader). We are going to use both symmetric-key and public-key techniques in this project, thus tying together several of the concepts discussed in lecture. As usual, we’ll use OpenSSL as our toolkit, either via the command-line interface (easiest) or via system calls (you might need the OpenSSL book for this!)

The program you write will have three main functions:
1. A mini-database utility to keep track of certs you have acquired from Martin’s web site
2. A method to send encrypted and signed email
3. A method to verify and decrypt received email

Format of the Message
• We’ll start by describing what a message will look like. Then we’ll back-fill the details about how to generate and digest messages in this format. Messages will look like this:
-----BEGIN CSCI 6268 MESSAGE-----
<session pwd encrypted under target’s public key>
<blank line>
<message encrypted under session pwd above>
<blank line>
<signature of above content>
-----END CSCI 6268 MESSAGE-----

Message Format
• First, -----BEGIN CSCI 6268 MESSAGE----- must appear exactly as shown; this is the indicator that the message begins immediately after this line. (This allows the message to be embedded in a bunch of other text without confusing the recipient’s parser.)
• The next line is the session password encrypted under the target’s public key. This password is a random string of 32 characters using A-Z, a-z, and 0-9 generated by the sender; the sender then encrypts his message with AES in CBC mode using this password.
• There is a blank line, followed by the AES-CBC encrypted message in base64 format. This is followed by another blank line.
• Next comes the signature of the sender, which is generated using the sender’s private key. This signature will be the RSA sig of the SHA-1 hash of every line above from the first line after the BEGIN marker to the line just before the blank line ending the message. Exclude newlines (since they are different between Unix and DOS apps).
• Finally, -----END CSCI 6268 MESSAGE----- concludes the encrypted message.

The Cert Database
Your program should maintain a simple catalog of certs which you have collected from the web site. You may store them in whatever format you prefer (a flat file is the simplest, but if you prefer to use MySQL or something fancier, be my guest).

A cert should always be verified using the CA’s public key before being inserted into the database.

A cert should always be verified using the CA’s public key after being extracted from the database (to ensure someone hasn’t tampered with it while you weren’t watching).

You need not store the person’s email address in your database since this is embedded in the cert, but it might be easier to go ahead and store the email addresses as an index field in the file. Of course, you must not rely on these index names as the validated email addresses; always make sure the email in the cert matches!

Sending Secure Mail
Your program should accept a plain-text message along with a destination email address and output an encrypted and signed message as we described a moment ago. Here is the algorithm:
1. Get the cert of the target from the database, using the email address as the index; if the email is not there, you must extract it from the web page.
2. Verify the signature on this cert for your email target.
3. Generate a 32-character passphrase. Normally we would use a very strong random-number generator for this, but feel free to use random() or the rand function of OpenSSL if you like.
4. Encrypt the message with AES in CBC mode with
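An added example (not from the slides or the course's own code) of the envelope handling that the two format sections and the sending algorithm describe: a session password from the required alphabet, building and extracting the CSCI 6268 message from surrounding text, and the SHA-1 digest over exactly the lines the signature covers with newlines excluded, so a message that arrived with DOS line endings hashes the same as one with Unix line endings. The RSA and AES-CBC steps are left to OpenSSL; the field values are constructed placeholders, and treating the base64 ciphertext as possibly multi-line is an assumption.

```python
import hashlib
import secrets
import string

BEGIN = "-----BEGIN CSCI 6268 MESSAGE-----"
END = "-----END CSCI 6268 MESSAGE-----"
PWD_ALPHABET = string.ascii_letters + string.digits  # A-Z, a-z, 0-9 as the spec requires


def generate_session_password(length=32):
    """32 random characters from the required alphabet (CSPRNG rather than random())."""
    return "".join(secrets.choice(PWD_ALPHABET) for _ in range(length))


def signed_digest(enc_pwd, ciphertext_lines):
    """SHA-1 over every line from the one after BEGIN to the one before the blank
    line that ends the message, with newlines removed (so CRLF and LF agree)."""
    return hashlib.sha1((enc_pwd + "".join(ciphertext_lines)).encode()).hexdigest()


def build_message(enc_pwd, ciphertext_lines, signature):
    """Assemble the envelope in the layout the slides give."""
    return "\n".join([BEGIN, enc_pwd, "", *ciphertext_lines, "", signature, END])


def extract_message(text):
    """Pull the envelope out of arbitrary surrounding text; None if malformed."""
    lines = text.splitlines()  # splits on both Unix and DOS line endings
    if BEGIN not in lines or END not in lines:
        return None
    body = lines[lines.index(BEGIN) + 1:lines.index(END)]
    try:
        gap1 = body.index("")             # blank line after the encrypted password
        gap2 = body.index("", gap1 + 1)   # blank line after the ciphertext
    except ValueError:
        return None
    if gap1 != 1 or gap2 == gap1 + 1 or gap2 + 1 >= len(body):
        return None  # one password line; ciphertext and signature must be non-empty
    return {"enc_pwd": body[0],
            "ciphertext": body[gap1 + 1:gap2],
            "signature": "".join(body[gap2 + 1:])}


def digest_for_verification(text):
    """What the receiver hashes before checking the RSA signature against it."""
    parts = extract_message(text)
    return None if parts is None else signed_digest(parts["enc_pwd"], parts["ciphertext"])


# Constructed placeholder fields; real values come from the OpenSSL RSA/AES steps.
SAMPLE = build_message("PLACEHOLDER_RSA_ENCRYPTED_PWD_B64",
                       ["PLACEHOLDER_AES_CBC_B64_LINE_1", "PLACEHOLDER_AES_CBC_B64_LINE_2"],
                       "PLACEHOLDER_RSA_SIGNATURE_B64")
```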
CU-Boulder CSCI 6268 - Lecture #18