Giter Club home page Giter Club logo

certmitm's Introduction

certmitm

               _             _ _               _                                     
              | |           (_) |             | |                                    
  ___ ___ _ __| |_ _ __ ___  _| |_ _ __ ___   | |__  _   _    __ _  __ _ _ __   ___  
 / __/ _ \ '__| __| '_ ` _ \| | __| '_ ` _ \  | '_ \| | | |  / _` |/ _` | '_ \ / _ \ 
| (_|  __/ |  | |_| | | | | | | |_| | | | | | | |_) | |_| | | (_| | (_| | |_) | (_) |
 \___\___|_|   \__|_| |_| |_|_|\__|_| |_| |_| |_.__/ \__, |  \__,_|\__,_| .__/ \___/ 
                                                      __/ |             | |          
                                                     |___/              |_|

A tool for testing for certificate validation vulnerabilities of TLS connections made by a client device or an application.

Created by Aapo Oksman - https://github.com/AapoOksman/certmitm - MIT License

Published in DEF CON 31 on August 11 2023

YouTube: DEF CON 31 - certmitm: automatic exploitation of TLS certificate validation vulnerabilities - Aapo Oksman

DEF CON 31 certmitm Slides.pdf

DEF CON 31 certmitm Demo.mp4

Installation

certmitm has been tested on Debian 11 and Debian 12. It should work on Linux with Python 3.10 and up

Install required python packages with

pip install -r requirements.txt

Obtain real certificates such as a Let's Encrypt certificate and save them to real_certs

Usage

First you need to intercept TLS connections. The easies way for this is to configure the computer running certmitm to act as a router for other devices in the network.

For example:

  1. Start a DHCP/DNS server
sudo ip addr add 10.0.0.1/24 dev eth0
sudo dnsmasq --no-daemon --interface eth0 --dhcp-range=10.0.0.100,10.0.0.200 --log-dhcp --log-queries --bind-interfaces -C /dev/null
  1. Intercept TLS connections from the clients and redirect other connections to the internet through the WLAN interface
sudo iptables -A INPUT -i eth0 -j ACCEPT
sudo iptables -t nat -A PREROUTING -i eth0 -p tcp -m tcp --dport 443 -j REDIRECT --to-ports 9900
sudo iptables -t nat -A POSTROUTING -o wlan0 -j MASQUERADE
  1. Start certmitm
python3 certmitm.py --listen 9900 --workdir testing --verbose --show-data
  1. Connect clients to the network and start applications. Note that you might need to retry running the applications a couple of times while the tests fail.

You should see any intercepted connections in the output of certmitm as CRITICAL. Additionally, if you run certmitm with the --verbose/-v flag, you will see also properly secured connections as INFO. Below you can see an example where connections to google.com are secured properly but connections to www.google.com can be intercepted.

test@certmitm$ python3 certmitm.py -v -l 9900
INFO - 10.0.0.140: 216.58.211.238:443:google.com for test self_signed = [SSL: TLSV1_ALERT_UNKNOWN_CA] tlsv1 alert unknown ca (_ssl.c:992)
INFO - 10.0.0.140: 216.58.211.238:443:google.com for test replaced_key = [SSL: TLSV1_ALERT_DECRYPT_ERROR] tlsv1 alert decrypt error (_ssl.c:992)
INFO - 10.0.0.140: 216.58.211.238:443:google.com for test real_cert_letsencrypt = Nothing received
INFO - 10.0.0.140: 216.58.211.238:443:google.com for test real_cert_CA_letsencrypt = [SSL: TLSV1_ALERT_UNKNOWN_CA] tlsv1 alert unknown ca (_ssl.c:992)
CRITICAL - 10.0.0.140: 216.58.209.164:443:www.google.com for test self_signed = data intercepted!
CRITICAL - 10.0.0.140: 216.58.209.164:443:www.google.com for test replaced_key = data intercepted!
CRITICAL - 10.0.0.140: 216.58.209.164:443:www.google.com for test real_cert_letsencrypt = data intercepted!
CRITICAL - 10.0.0.140: 216.58.209.164:443:www.google.com for test real_cert_CA_letsencrypt = data intercepted!

You can also recreate these secure and insecure connections with curl on a Linux machine connected to certmitm. You can also see that curl gives different errors for different certmitm tests.

test@victim:~$ curl https://google.com
curl: (60) SSL certificate problem: unable to get local issuer certificate
More details here: https://curl.se/docs/sslcerts.html

curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the web page mentioned above.
test@victim:~$ curl https://google.com
curl: (35) error:0407008A:rsa routines:RSA_padding_check_PKCS1_type_1:invalid padding
test@victim:~$ curl https://google.com
curl: (60) SSL: no alternative certificate subject name matches target host name 'google.com'
More details here: https://curl.se/docs/sslcerts.html

curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the web page mentioned above.
test@victim:~$ curl https://google.com
curl: (60) SSL certificate problem: unable to get local issuer certificate
More details here: https://curl.se/docs/sslcerts.html

curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the web page mentioned above.
test@victim:~$ curl https://google.com
<HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8">
<TITLE>301 Moved</TITLE></HEAD><BODY>
<H1>301 Moved</H1>
The document has moved
<A HREF="https://www.google.com/">here</A>.
</BODY></HTML>
test@victim:~$ curl --insecure https://www.google.com
curl: (52) Empty reply from server
test@victim:~$ curl --insecure https://www.google.com
curl: (52) Empty reply from server
test@victim:~$ curl --insecure https://www.google.com
curl: (52) Empty reply from server
test@victim:~$ curl --insecure https://www.google.com
curl: (52) Empty reply from server
test@victim:~$ curl --insecure https://www.google.com
<!doctype html><html itemscope="" itemtype="http://schema.org/WebPage" lang="fi"><head><meta content="text/html;

Hall of fame

List of publicly disclosed vulnerabilities found with certmitm. Open an issue if you have found a vulnerability with certmitm and want to be included.

Author Product Details CVE
Aapo Oksman [in] [X] Microsoft Azure Java SDK Microsoft advisory CVE-2020-16971
Aapo Oksman [in] [X] Microsoft Azure C SDK Microsoft advisory CVE-2020-17002
Aapo Oksman [in] [X] Disk-o-cloud HackerOne report
Aapo Oksman [in] [X] Apple iOS App Store Apple security update CVE-2021-1837
Aapo Oksman [in] [X] Microsoft Intune Microsoft advisory CVE-2021-31980
Aapo Oksman [in] [X] Acronis True Image Acronis advisory, HackerOne report CVE-2021-32581
Aapo Oksman [in] [X] Microsoft Windows Authentication Microsoft advisory CVE-2022-26913
Aapo Oksman [in] [X] Mattermost iOS Mattermost advisory MMSA-2023-00220 CVE-2023-3615
Aapo Oksman [in] [X] Microsoft Windows Enroll Engine Microsoft advisory CVE-2023-28226
Aapo Oksman [in] [X] Samsung Email for Android Samsung advisory SVE-2023-1004 CVE-2023-30729
Aapo Oksman [in] [X] Apple Books for iOS, macOS and watchOS macOS Sonoma 14 security updates, iOS 17 and iPadOS 17 security updates, watchOS 10 security updates
Aapo Oksman [in] [X] Line iOS HackerOne report CVE-2023-5554

certmitm's People

Contributors

aapooksman avatar

Stargazers

Yang Wang avatar Adnan Ahmed avatar avatar avatar PANTH13R avatar Vaarlion avatar avatar Jean-Loup MONNIER avatar avatar Romain Lamothe avatar avatar avatar Carles Pey avatar avatar Tom Hebb avatar enix avatar Abang Obed avatar avatar Stanislav Valkanov avatar Ryan Trauntvein avatar Logan MacLaren avatar Parsa Sadri avatar Ahmed elhadidi avatar tapiolavi avatar avatar Sami J. Lehtinen avatar Henri Sarén avatar Jeb avatar Antoni avatar wdani avatar avatar Daniel Boye avatar Harren avatar Bob Johnston avatar Ling avatar Tuomas Susi avatar Marek Vigaš avatar Tripp avatar Henry Helm avatar Ethan Willoner avatar avatar PatchRequest avatar Aratara_1337 avatar avatar Lauritz avatar Kevin Heinzmann avatar Iz avatar Jose R. avatar Jardel Matias avatar Syed avatar Tom Winter avatar 3lOraculo avatar Marcus André avatar Hartoyo Wahyu avatar avatar avatar Vay3t avatar Dwi Siswanto avatar 【☆ ゆう ☆ 】 avatar phelix avatar Ruben Homs avatar Nikusha Kalatozi avatar Joel Margolis avatar Lazar Zivadinovic avatar Tony Harris avatar Zviad Kikvidze avatar McCaulay Hudson avatar Riccardo Sirigu avatar avatar Alex avatar avatar qdii avatar avatar avatar Dave avatar Minho Ryang avatar Marius Hennecke avatar avatar avatar Fabietto avatar Rino Del Campo avatar Abhineet Jayaraj avatar Canc avatar Artem Golubev avatar shirako takamoto avatar avatar Aleksei Kulaev avatar Alex avatar avatar Christopher Mähler avatar Rémi K. avatar Ryan Mast avatar Taha avatar avatar Oliver F. avatar Marcus Jaschen avatar tuxuser avatar Julian avatar Jennifer Borucki avatar avatar

Watchers

Henri Salo avatar deejay87 avatar ottorei avatar Artem Golubev avatar avatar avatar Alex avatar Cybefox avatar

Forkers

roni-carta nullze gabyavra sanduuz akshayjaing 6cornerdefender pdolinic dimsystem wadeking98 pointer-tonull deanph freep0int balance0033 lsuutari19 ouspg

certmitm's Issues

OpenSSL.crypto.Error 


ERROR - []
Traceback (most recent call last):
  File "/home/kali/Desktop/certmitm-main/certmitm.py", line 55, in threaded_connection_handler
    test = connection_tests.get_test(connection)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/home/kali/Desktop/certmitm-main/certmitm/connection.py", line 71, in get_test
    next_test = self.all_test_dict[connection.identifier].get_test()
                ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/home/kali/Desktop/certmitm-main/certmitm/connection.py", line 121, in get_test
    for test in certmitm.certtest.generate_test_context(self.upstream_cert_fullchain, self.connection.upstream_sni or self.connection.upstream_ip, self.working_dir, self.logger):
  File "/home/kali/Desktop/certmitm-main/certmitm/certtest.py", line 78, in generate_test_context
    cert = OpenSSL.crypto.load_certificate(OpenSSL.crypto.FILETYPE_PEM, real_cert_pem)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/OpenSSL/crypto.py", line 2034, in load_certificate
    _raise_current_error()
  File "/usr/lib/python3/dist-packages/OpenSSL/_util.py", line 57, in exception_from_error_queue
    raise exception_type(errors)
OpenSSL.crypto.Error: []

INFO - 10.0.0.2: 20.199.120.151:443:client.wns.windows.com for test real_cert_441p_2023-07-02 = [SSL: UNEXPECTED_EOF_WHILE_READING] EOF occurred in violation of protocol (_ssl.c:1006)
INFO - 10.0.0.2: 172.217.17.99:443:ssl.gstatic.com for test self_signed = _ssl.c:989: The handshake operation timed out
INFO - 10.0.0.2: 3.233.159.165:443:rum.browser-intake-datadoghq.com for test replaced_key = _ssl.c:989: The handshake operation timed out
INFO - 10.0.0.2: 104.244.42.129:443:twitter.com for test self_signed = [SSL: SSLV3_ALERT_CERTIFICATE_UNKNOWN] sslv3 alert certificate unknown (_ssl.c:1006)
INFO - 10.0.0.2: 104.244.42.66:443:api.twitter.com for test replaced_key = [SSL: SSLV3_ALERT_CERTIFICATE_UNKNOWN] sslv3 alert certificate unknown (_ssl.c:1006)
INFO - 10.0.0.2: 3.233.159.165:443:rum.browser-intake-datadoghq.com for test real_cert_441p_2023-07-02 = [SSL: SSLV3_ALERT_CERTIFICATE_UNKNOWN] sslv3 alert certificate unknown (_ssl.c:1006)
INFO - 10.0.0.2: 104.244.42.66:443:api.twitter.com for test real_cert_441p_2023-07-02 = [SSL: SSLV3_ALERT_CERTIFICATE_UNKNOWN] sslv3 alert certificate unknown (_ssl.c:1006)
INFO - 10.0.0.2: 49.12.130.236:443:None for test self_signed = [SSL: TLSV1_ALERT_UNKNOWN_CA] tlsv1 alert unknown ca (_ssl.c:1006)
INFO - 10.0.0.2: 35.174.127.31:443:nexus-websocket-a.intercom.io for test self_signed = [SSL: UNEXPECTED_EOF_WHILE_READING] EOF occurred in violation of protocol (_ssl.c:1006)
INFO - 10.0.0.2: 172.217.17.99:443:ssl.gstatic.com for test replaced_key = _ssl.c:989: The handshake operation timed out

Working on building unit tests

Hey @aapooksman, just wanted to let you know that a colleague and I are working on adding some unit tests to this project to try to ensure each of the test cases is working as intended post-install. You don't have something like in the works already, do you?

We've attempted to abstract this tool to where client devices (eg: phones) connect over Wireguard to a central sever and then we enable or disable certmitm on all port 443 traffic on that connection. We're not getting the behavior we expect though. For example, on a jailbroken device with SSL Kill Switch enabled, almost all connections should be intercepted. But that's not the case, many are not and deemed "secure." I'm hoping that unit testing can help us figure out what's going on.

Needs meatballs

I have had a lot of luck farming 0days with this tool, but it seems to prevent the creation of meatballs. Please fix.

more precise client profiling

consider using JA3 to further distinguish client TLS libraries and their configurations.

this would help detect weaknesses when a client is reaching out to the same base domain but with differently configured libraries.

Setup issues.

Hey, Can you please provide more details about the Setup/Usage.
It seems like when you try to setup the DHCP/DNS on a computer that is connected to the internet through a router that has a wlan it uses DHCP from this router. It will be appreciated if you can give more details about the networking setup, the steps are clear but the setup is confusing. I want to use the tool on a Mac OS and join a client that has wifi ( like a mobile or tablet, etc...).

Thank you in advance.

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.