Re: [cobalt-security] DANGER WILL ROBINSON!!! A tool for MIM/c*apfilt and poisoning listed on /.

[Stuart Robinson <stuart@xxxxxxxxxxxxxxxxx>]

Michael's combination of apparent knowledge and alarm-raising is quite intoxicating. However it appears that once again he is misrepresenting the situation. That said, it _can_ decrypt.

Someone may have totally cracked ssh/ssl, but this does not do that. This is a classic arp poisoning man-in-the-middle attack but with a very nice UI. This is a weakness in ARP that has long been present and publicised and has always been a PITA. For this attack to work for encrypted sessions it has to be in place on the first connection when the key exchange takes place. That is why openssh tells you this:

> The authenticity of host 'foo.com' can't be established.
> Key fingerprint is 1024 11:d0:2b:44:e2:7e:e5:b6:44:eb:db:76:6c:d5:ea:3e.
> Are you sure you want to continue connecting (yes/no)?

that key could be a man-in-the-middle key, and if you accept it all subsequent connection can be sniffed.

I don't believe that ssh2 tries to protect against this sort of attack. Tools almost certainly exist to sniff it as well.

There is plenty of information online about this. I recommend you read up on it.

Disclaimer: I have not studied the source so can not say nothing about it with certainty.

Stu.


On Thursday 09-Aug-2001 at 17:39, Curtis Ross <Curtis_Ross@xxxxxx> wrote:
> 
> > ...and, yes, you read right...this sniffer will decrypt and stream SSL
> data
> > from an https:// session full duplex in real time.  Don't let the
> 'OpenSSL'
> > requirement lull you into complacency...RSA/etc. commercial
> implementations
> > only add a few milliseconds to the stream lag.
> > 
> 
> I read the sniff part, There's lots of tools for that. I don't see where
> it says decrypt.
> 
> Curtis
> 
> _______________________________________________
> cobalt-security mailing list
> cobalt-security@xxxxxxxxxxxxxxx
> http://list.cobalt.com/mailman/listinfo/cobalt-security
>