QQ website login RSA encrypted transmission defect analysis-vulnerability warning-the black bar safety net

ID MYHACK58:62200717719
Type myhack58
Reporter 佚名
Modified 2007-11-24T00:00:00


! QQ

Thanks to anonymous people posting QQ website login not using https is encrypted, instead of using the RSA asymmetric encryption to protect transmission of passwords and sensitive information security. QQ is in javascript to achieve the entire process. This idea is very novel, but is also seriously flawed. If used by hackers, it may be captured plaintext passwords. Analysis report is as follows:

Author: axis Date: 2007-11-23 Team: http://www.ph4nt0m.org (http://pstgroup.blogspot.com) Corp: Alibaba B2B Corp / Infomation Security

This idea is very novel, The details can refer to the cloud Shu to write the RSA asymmetric encryption of some unconventional applications, the address is http://www. icylife. net/yunshu/show. php? id=4 7 1

This simple principle is described as follows: 1. In the server side to generate a pair of RSA keys, including public key and private key 2. public key transmitted to the client browser, the client browser with a public key to encrypt sensitive data, such as a password; the encrypted ciphertext back to the server, then the server with the private key to decrypt. 3. Note that the private key is only stored in the server end, while the public key is distributed to all people. Since the private key only the server knows, so the ciphertext even if it is intercepted, it cannot be untied.

This solution is actually still very good, at least he anti-lived for most of the attacks, but why say it is not a substitute for https, is flawed?

Because this scheme does not prevent man in the middle attacks man-in-the-middle centre.

The attack process is as follows: 1. The attacker by MIM, such as arp spoofing, etc. hijack the server and the client between the browser and the http package 2. The attacker generate a fake RSA key: fake public key/fake private key 3. Attacker the js file in the public key replacement for the fake public key, and transmitted to the client browser 4. The client browser with a fake public key to encrypt sensitive data, such as passwords, and the encrypted data to the attacker 5. An attacker with a fake private key to decrypt, get the plaintext password, etc. 6. The attacker with the server's public key to encrypt the plaintext data, and transmitted to the server

The entire process does not appear to be any prompt, and the user's plaintext data are stolen!

And luoluo then raised to a more evil ideas by in here to wish luoluo today Happy Birthday!, the He can be made directly to the encryption of the medium modifications.

For example, if you are using js to do the encryption, then modify the js, if you are using flash or java applert do the encryption, then replace the flash or applet, directly remove this encryption mechanism, to capture the plaintext password.

Then why do you say https is irreplaceable? Because when the implementation of the middleman attack, the browser will prompt the certificate has changed, specifically with reference to the cloud Shu on the https security article, this mechanism is built-in in the browser, the attacker powerless to change it. So this alarm is very meaningful.

And if, like QQ, like using js for the RSA encryption of the transmission, The implementation of the middleman attack, is not going to have any tips, everything will be in the user unknowingly occur.

This case and previous windows RDP man in the middle attacks like the case: when using a 3 3 8 9 port of the rdp Protocol to log in when the certificate of change of the time without any prompting.

While the relative design of the more secure ssh Protocol, ssl Protocol, etc., it will be for the certificate change to make the tips, to prevent the middle attack.

The QQ of this scheme can only protect the transmission process in General sniffer attack, but taking into account today's network environment, most of the sniffer are based on arp spoofing, so this protection mechanism is actually very fragile. It can only be against the currently known arp sniffer software, and specially developed to replace the keyword software, you can not be effective Defense. Once this specifically for the QQ website login sniffer software is developed and available for download, disaster is not far away.

However this scheme still has a positive meaning, removing the resist middleman attack the defects of the outer, the other aspects are more perfect, especially the low cost. If the https binding to use to prevent the middleman attack, the entire scheme even more perfect.

Before worked with the friends joke QQ will because I this article and spend a few hundred million of the funds to buy an https certificate and https Hardware Acceleration Server, now let's wait and see the QQ If is a real user first.

Hope QQ can be bigger and better.