In unserem Blog veröffentlichen wir in unregelmäßigen Abständen Artikel zu verschiedenen Themen der IT-Sicherheit, wie z.B. Open Penetrationstests, öffentlichen Bedrohungsanalysen und Analysen zu anderen interessanten Themen.

There are many attacks that you need to address when implementing an OAuth or OpenID Connect client. Despite its severe impact one attack is often overlooked in the process of securing clients; in a so-called “mix-up attack” an attacker makes use of a malicious authorization server to steal authorization codes or access tokens. Afterwards, the attacker can access the victim’s resources.

In this blog post we explain the best way how you can protect your application and prevent the severe impact of mix-up attacks.

In September, we* published our new attack called Raccoon. Raccoon is a timing vulnerability that affects all TLS specifications up to 1.2. It allows attackers under certain conditions to break the encryption and read sensitive communication, for example, HTTP traffic or emails. Luckily, the vulnerability is really hard to exploit and relies on very precise timing measurements and on a specific server configuration to be exploitable. 

Last September, we announced our pro bono program to support non-commercial organizations and open-source applications. With this program, we want to help them to increase security if they cannot afford a professional penetration test. For selected applicants, we will conduct a professional penetration test with a total expense of up to ten man-days - for free!

Earlier this year we selected our first candidate: the JavaScript-based password manager KeeWeb. We identified multiple security issues and helped the developers to fix them. This allowed them to effectively protect KeeWeb’s users and their valuable credentials. You can find the full report of the penetration test here: KeeWeb Penetration Test Report. 

Are you involved with any project or application that could benefit from a professional penetration test, as well? Apply now to become our next candidate.

“Proof Key for Code Exchange” (also known as PKCE) [1] is a well-known protection mechanism for OAuth and OpenID Connect.

It was initially introduced to protect leaked or stolen authorization codes of benign native and mobile apps (which are public clients) from being redeemed by malicious apps.

With the time PKCE has become one of the standard measures to improve the security of OAuth and OpenID Connect protocol flows for all kinds of clients. The best current practices draft [2], which advises on how to implement OAuth securely, recommends to generally use PKCE to protect the authorization code and also prevent CSRF attacks.

However, PKCE cannot protect your client against all attacks which target the code. In this blog post, we will explain one attack example, which circumvents PKCE and allows an attacker to use a stolen code to access the victim’s resources.

This June a bug [1] in certain GnuTLS versions was found, which affects the security of session resumption when session tickets are used. The bug causes servers using this implementation, to encrypt session tickets with an all-zero key for the duration of the initial key rotation interval. Thus session tickets issued by a vulnerable server during its first hours of uptime can be decrypted. By default GnuTLS changes the key used for encryption of session tickets every 18 hours.

Affected by the bug is TLS 1.2 when session tickets (defined in RFC 5077 [2]) are used. The data obtained from the decrypted session ticket can be used to decrypt all (recorded) communication of the associated TLS session.

By supporting non-commercial organizations and open-source applications, we want to increase their security. For this reason, we created our pro bono program last September. The pro bono program offers applicants the chance to be selected for a free high-quality penetration test with a total expense of 10 man-days.

As the first candidate, we selected KeeWeb, which is a KeePass compatible password manager. KeeWeb is both available as a web application and cross-platform native application. It allows users to open and sync their password databases stored locally or in a cloud storage.

We selected KeeWeb because it was an excellent fit for our pro bono program. First, its security is crucial, given the fact it processes the user’s password databases. Second, it is a web application written in JavaScript and accesses cloud storage providers using OAuth. Both are part of our key expertise.

This December, Karsten Meyer zu Selhausen received the Eurobits Excellence Award 2019 for his master's thesis "Security of PDF Signatures" [1]. Since 2017, eurobits e.V. – as the center for excellence within the IT security field located in Bochum – annually honors a thesis of a graduated student within the field of IT security for its scientific contribution and high relevance for IT security in practice.

Our IT security consultant Karsten was among the first to investigate the security of digital signatures applied to PDF files. The results of his master's thesis provided the basis for the paper "1 Trillion Dollar Refund – How To Spoof PDF Signatures" published at CCS '19 [2] and helped to increase the security of the affected applications.

Hackmanit congratulates Karsten on winning the award and is happy that he is part of the team.

In the following, a short overview of the results of his master's thesis is given.

In October, we conducted a grey-box penetration test of a SAML-based Single Sign-On solution operated by SURFnet. The tested application used the open-source PHP library SimpleSAMLphp, whose source code we analyzed as a part of the penetration test. We were able to identify a novel variant of an XML Signature Wrapping (XSW) attack in SimpleSAMLphp, which allowed us to bypass the integrity and authenticity protection of the SAML assertion and change its contents arbitrarily.

In the following, we explain the details of the successful XSW attack, but first, we give a brief overview to SimpleSAMLphp, SAML, and XSW in general.

UI Redressing (UIR) describes a set of powerful attacks which can be used to circumvent browser security mechanisms like sandboxing and the Same-Origin Policy. In essence, an attacker wants to lure a victim into performing actions out of context by commonly making use of social engineering techniques in combination with invisible elements and hijacked trustworthy events. The set of attacks includes techniques like manipulating the mouse cursor, stealing touch gestures, and maliciously reuse keystrokes. Introduced in 2008, clickjacking was the first UIR attack which made it possible to automatically hijack the camera and microphone of the victim by stealing a few left-clicks within a Flash-based browser game. 

Hackmanit is happy to announce its pro bono penetration test program for web and single sign-on (SSO) applications. In a half-year cycle, starting in January 2020, we offer free remote penetration tests with a maximum contingent of ten man-days.

We aim to support non-commercial organizations which cannot afford commercial penetration tests. You can apply for a free penetration test if you feel that your organization fulfills the following requirements:

  • Non-commercial application (e.g., open-source software)
  • High impact (e.g., a high number of users or high criticality in the security/privacy areas)
  • You as an applicant should take care of clarifying any potential ethical and legal concerns

There will not be any significant difference between our pro bono penetration test and our usual commercial engagements except that you do not have to pay anything. However, in contrast to our commercial tests, you must agree to allow Hackmanit to publish the unfiltered version of our penetration test report. We will do this after you have fixed the weaknesses or, at the latest, after 90 days from informing you about the weaknesses.