SlideShare una empresa de Scribd logo

Report on Heartbleed

Descargar como DOCX, PDF
S
Shiva Sagar

Day by day as the complexity in the Internet increasing the vulnerabilities about the security is also increasing. So the knowledge about these flaws has to be spread. So this report discuss about the one of the vulnerability that exists for a long time called ‘Heartbleed’. The purpose of this report is to create awareness about the Heartbleed vulnerability in OpenSSL Library, using which attackers can get access to passwords, private keys or any encrypted data. It explains how Heartbleed works, what code causes data leakage and explains the resolution with code fix. It also explains perform how to perform heartbeat attack.

Educación
1 de 14
1 ABSTRACT Encryption is the backbone of Internet security. It protects users data, passwords and transaction details from attackers. To achieve encryption over Internet, one of the famous and widely used protocols is HTTPS. HTTPS is simply HTTP over SSL/TLS. For example any online payment or banking transactions over Internet happens through HTTPS as it is secured. But the new vulnerability –Heartbleed has put a question mark on this security of Internet itself and has broken a trust on the open source community. Heartbleed is the devastating vulnerability in the OpenSSL library that make possible any attacker to steal tons of protected information from a system that using a broken and vulnerable version of the OpenSSL library. This horrendous attack can happens through the internet allowing a hacker to read the memory and supposed protected data such as passwords, secret keys and usernames from an exposed system without leaving any trace and the situation. There can be a leak from the vulnerable server to client and from client to a vulnerable server. Day by day as the complexity in the Internet increasing the vulnerabilities about the security is also increasing. So the knowledge about these flaws has to be spread. So this report discuss about the one of the vulnerability that exists for a long time called ‘Heartbleed’. The purpose of this report is to create awareness about the Heartbleed vulnerability in OpenSSL Library, using which attackers can get access to passwords, private keys or any encrypted data. It explains how Heartbleed works, what code causes data leakage and explains the resolution with code fix. It also explains perform how to perform heartbeat attack.
2 HEARTBLEED 1 Introduction The Heartbleed Bug is a serious vulnerability in the popular OpenSSL cryptographic software library. This weakness allows stealing the information protected, under normal conditions, by the SSL/TLS encryption used to secure the Internet. SSL/TLS provides communication security and privacy over the Internet for applications such as web, email, instant messaging (IM) and some virtual private networks (VPNs). The Heartbleed bug allows anyone on the Internet to read the memory of the systems protected by the vulnerable versions of the OpenSSL software. This compromises the secret keys used to identify the service providers and to encrypt the traffic, the names and passwords of the users and the actual content. This allows attackers to eavesdrop on communications, steal data directly from the services and users and to impersonate services and users. CVE-2014-0160 is the official reference to this bug. CVE (Common Vulnerabilities and Exposures) is the Standard for Information Security Vulnerability Names maintained by MITRE. Due to co-incident discovery a duplicate CVE, CVE-2014-0346, which was assigned to us, should not be used, since others independently went public with the CVE-2014-0160 identifier. Bugs in single software or library come and go and are fixed by new versions. However this bug has left large amount of private keys and other exposed to the internet. Considering the long exposure, ease of exploitation and attacks leaving no trace this exposure should be taken seriously. The name ‘Heartbleed’ itself explains the vulnerability – ‘Heart’ of the Heartbleed came from Heartbeat protocol and ‘bleed’ stands for data leakage. That means data leakage in the Heartbeat protocol implementation, specifically the OpenSSL implementation of the protocol. This bug is actually a programming mistake in popular OpenSSL library that provides cryptographic services such as SSL/TLS to the applications and services. TLS heartbeats can be sent by either side of a TLS connection, so it can be used to attack clients as well as servers. An Attacker can obtain up to 64K memory from the server or client as well that uses an OpenSSL implementation vulnerable to Heartbleed. Researcher estimated two-thirds of the world's servers i.e. half a million servers are affected by the Heartbleed Bug, including websites, email, and instant messaging services. This bug was independently discovered by a team of security engineers (Riku, Antti and Matti) at Codenomicon and Neel Mehta of Google Security, who first reported it to the OpenSSL team. Codenomicon team found Heartbleed bug while improving the Safeguard feature in Codenomicon's Defensics security testing tools and reported this bug to the NCSC-FI for vulnerability coordination and reporting to OpenSSL team.
3 2 The Heartbleed Explanation 2.0 The OpenSSL project OpenSSL library provides implementation of cryptographic protocols such as SSL and TLS. It is open source software written in C programming language. The development is completely volunteer driven and the library is free to use for commercial and non-commercial purposes under an Apache-style license. 2.1 The SSL, TLS, DTLS Protocols Security over Internet can be achieved in many ways. Network layer security is one of them. Security over TCP/IP can be improved by using the Secure Socket Layer (SSL) or its follow-on protocol Transport Layer Security (TLS). These two protocols are commonly referred to together as SSL/TLS. HTTP is a stateless application level protocol to format and transmit data between web servers and web browsers. With the increase in the threats and frauds over Internet, there is always a need for a more secure transmission of data. HTTPS is used for improve the security of communication over a network by providing a layer of SSL/TLS the between HTTP and TCP layer. DTLS (Datagram Transport Layer Security) is a communication protocol which implements TLS over unreliable transport protocol i.e. Datagram Congestion Control Protocol (DCCP) or User Datagram Protocol (UDP). Figure 1. Common Internet Protocol layers.
4 2.2 TLS/DTLS Heartbeat Extension The heartbeat extension to the TLS/DTLS protocol is used to check if the connection between two communication devices using TLSDTLS are still “alive,” i.e. able to communicate. the Heartbeat protocol runs on top of the TLS Record Layer and maintains the connection between the two peers alive requiring them to exchange a “heartbeat.” The heartbeat extension was introduced because the then-current TLS/DTLS renegotiation technique to figure out if a peer is still alive was a costly process. The heartbeat extension protocol consists of two message types: HeartbeatRequest message and HeartbeatResponse message and the extension protocol depends on which TLS protocol is being used as describe below: • When using reliable transport protocol: One side of the peer connection sends a HeartbeatRequest message to the other side. The other side of the connection should immediately send a HeartbeatResponse message. This makes one successful Heartbeat and thus, keeping connection alive – this is called ‘keep-alive’ functionality. If no response is received within a specified timeout, the TLS connection is terminated. • Unreliable transport protocol: One side of the peer connection sends HeartbeatRequest message to the other side. The other side of the connection should immediately send a HeartbeatResponse message. If no response is received within specified timeout another HeartbeatRequest message is retransmitted. If expected response is not received for specified number of retransmissions, the DTLS connection is terminated. 2.3 Heartbeat in OpenSSL The OpenSSL team implemented the heartbeat extension in December 2011. It also explains the bug in the code and its fix in detail. The bug exists in OpenSSL from version 1.0.1 to 1.0.1f. 2.30 HeartbeatRequest Message: The OpenSSL implementation of the HeartbeatRequest message has a Message Type of 1 byte to identify that this message is a ‘TLS Heartbeat Request’ message, 2 bytes for the payload length, a 2 byte sequence number in the payload to identify to specified number of messages sent before a timeout, and 16 bytes for actual payload and any padding. The Heartbeat request message is created and sent to the receiver. The timer for timeout starts and the specified number of retransmission is updated. There in no problem in the OpenSSL Heartbeat request implementation.
5 2.31 HeartbeatResponse Message: HeartbeatResponse sends a copy of the received HeartbeatRequest payload data which verifies that the secured connection between the peers is still alive. The HeartbeatResponse implementation first checks to determine if the received message type is ‘TLS Heartbeat Request’ message and extracts the request payload length. It then allocates memory for the HeartbeatResponse message. The HeartbeatResponse message has a 1 byte of message type to indicate it is the ‘TLS Heartbeat Response’ message and 2 bytes to indicate the payload length. It copies the payload from the HeartbeatRequest message to the HeartbeatResponse message and sends the response message back to the requestor. Requestor receives the Heartbeat response message and validates it with the original message sent. Thus, OpenSSL Heartbeat request and response implementation ensures that the secured connection between the peers is still alive or not. 2.32 Data Leakage leading to Heartbleed There is a bug in the above implementation of the Heartbeat reply to the received Heartbeat request message. The problem here is that the OpenSSL heartbeat response code does not check to make sure that the payload length field in the heartbeat request message matches the actual length of the payload. If the heartbeat request payload length field is set to a value larger than the actual payload, the response C code will copy the payload from the heartbeat message and whatever is in memory beyond the end of the payload. A heartbeat request the payload length can be set to a maximum value of 65535 bytes. Therefore the bug in the OpenSSL heartbeat response code could copy as much as 65535 bytes from the machine's memory and send it to the requestor. 2.33 Fixing the Error in the Code • First, it checks to determine if the length of the payload is zero or not. It simply discards the message if the payload length is 0. • The second task performed by the bug fix makes sure that the heartbeat payload length field value matches the actual length of the request payload data. If not, it discards the message. 2.4 The Real World Impact of Heartbleed By exploiting the Heartbleed vulnerability, an attacker can send a Heartbeat request message and retrieve up to 64 KB of memory from the victim's server. The contents of the retrieved memory depends on what's in memory in the server at the time, but could potentially contain usernames, passwords, session IDs or secret private keys or other sensitive information. Following figure illustrates how an attacker can exploit this vulnerability. This attack can be made multiple times without leaving any trace of it.
6 Figure 2. Exploiting the Heartbleed vulnerability.
7 It is little early to estimate the impact of this vulnerability, but no one can deny that this scenario is an important one for Internet users, potentially putting their private, secret and encrypted data at risk. Bruce Schneier, in his blog has classified the Heartbleed bug as “Catastrophic” and has given it a rating of 11 on the scale of 1 to 10. The Pew Research Internet Project states that ‘39% of Internet users have changed passwords or cancelled accounts; 6% think their personal information was swiped’. 2.40 Affected Devices To add more on that, Heartbleed has not only affected the ‘web’ but also the embedded devices. Many home routers and operating systems incorporate OpenSSL. Wikipedia has collected report of affected devices. Some of these devices are: • Android smart phones running version 4.1.1 (Jelly Bean) of Android. • Cisco routers. • Juniper routers. • Western Digital My Cloud product family firmware 2.41 Affected Operating System The website http://heartbleed.com maintains a list of affected operating systems, some of which include: • Debian Wheezy (stable), OpenSSL 1.0.1e-2+deb7u4 • Ubuntu 12.04.4 LTS, OpenSSL 1.0.1-4ubuntu5.11 • CentOS 6.5, OpenSSL 1.0.1e-15 • Fedora 18, OpenSSL 1.0.1e-4 • OpenBSD 5.3 (OpenSSL 1.0.1c 10 May 2012) and 5.4 (OpenSSL 1.0.1c 10 May 2012) • FreeBSD 10.0 - OpenSSL 1.0.1e 11 Feb 2013 • NetBSD 5.0.2 (OpenSSL 1.0.1e) • OpenSUSE 12.2 (OpenSSL 1.0.1c) 2.42 Status Of different version • OpenSSL 1.0.1 through 1.0.1f (inclusive) are vulnerable. • OpenSSL 1.0.1g is NOTVulnerable. • OpenSSL 1.0.0 branch is NOT Vulnerable. • OpenSSL 0.9.8 branch is not Vulnerable.
8 3 The Implementation A very particular characteristic of this attack is that the attacker can repeat the attack any number of times until to discover some vulnerable information from the memory of vulnerable system. Preparing the test Environment To demonstrate Heartbleed attack, it require two systems running each one in a Separate Workstation namely: an attacker system (kali Linux) and a vulnerable system (Ubuntu 12.04 LTS). The kali Linux system is available for downloading from http://www.kali.org/ and it is suggested to use the latest possible version. The Ubuntu 12.04 LTS is available to download from http://www.ubuntu.com/download/desktop. Furthermore it is required to configure an apache service with SSL Support on the Ubuntu to explode the Heartbleed flaw. Confirm if your kali system is fully updated: root@kali:~# apt-get update root@kali:~# apt-get upgrade On Ubuntu system, you should confirm the Ubuntu version of your target system, Figure 3. Confirming Ubuntu version from terminal. Now, we have to configure the Apache with SSL support on Ubuntu: root@ubuntu1:~# a2enmod ssl root@ubuntu1:~# service apache2 restart root@ubuntu1:~# mkdir /etc/apache/ssl/ After executing the above commands, a self-signed certificate has to be created using the below command:
9 Now, The apache server has to be configured to use the above certificate by modifying the required username and server name according to the user perspective in the file /etc/apache2/sites-available/default-ssl/ as per required by the user: Activating the viral host is done by running: root@ubuntu1:~# a2ensite default-ssl root@ubuntu1:~# service apache2 restart Now we need to verify whether the apache SSL configuration in working, so go to http://192.168.154.137: Figure 4.Running the server. Figure 5. Server ports for Services.
10 Client Configuration and Connection On the Client, The Heartbeat bug can be explored using the fantastic Metasploit. Its recommended to update the Metasploit framework if you are not sure it’s already updated. Then on Kali Linux the following task to be done: root@kali:~# msfupdate root@kali:~# msfconsole Now, change the kernel verbose to use msf by executing the command: root@kali:~# msf next step is to choose the auxiliary scanner “openssl_heartbleed”, It is a default library available in Linux kali system to see actually how the Heartbeat protocol works and to detect If there is a leakage of data in the protocol: msf > use auxiliary/scanner/ssl/openssl_heartbleed Now, we are able to see the available options from scanner by executing: msf auxiliary(openssl_heartbleed) > show options Figure 5. Verbose displaying all the options available for services. As we can see the only parameter we need to define is RHOSTS , because all other attributes has a default value. SSL service will be running in port 443, so it is possible to define options at any point of time.
11 We can proceed to the attack: msf auxiliary(openssl_heartbleed) > set RHOSTS 192.168.154.137 RHOSTS is to say that client has to connect to the above server IP address. These setting will be taken by the administrator in case of LAN.(eg. Nitk router will assign one default IP to clients). We can cross verify it whether the IP address of server assigned or not using the above option command. Everything is set now we can run the heartbeat request command by simply using run command, when the results are analysed properly, We can see the data leakage from heartbeat response: Figure 6. Data leakage from the response. The detailed observation of the above results reveals the details of my own Email account, all the passwords, private keys that I have used while communicating. With the help of private keys (Top level keys to be secured by OpenSSL using SSL/TLS) we can view all the web pages actually accessed and all the other clients I have connected to. Basically My profile will be Shared among other users. Figure 7. My own profile details leaked among connected clients.
12 4 Heartbleed Precautionsand preventions All Heartbleed-vulnerable systems should immediately upgrade to OpenSSL 1.0.1g. If you are not sure whether an application you want to access is Heartbleed vulnerable or not - try any one of the Heartbleed detector tools from section "Heartbleed detector tools." No action required if your application is not vulnerable. But if the application is vulnerable, wait for it to be patched with OpenSSL 1.0.1g. Once the patch is applied, all the users of such applications should follow the application's release documents from the service providers. Typically, steps to follow once the patch is applied are: • Changing your password. • generating private keys again. • Certificate revocation and replacement. An important step is to restart the services that are using OpenSSL (like HTTPS, SMTP etc). Before accessing any SSL/TLS application such as HTTPS, check to see if the application is vulnerable. Do not access or login to any affected sites. Ensure all such vendors or enterprises related to your business have applied this security patch. Keep your eyes open on such news of security vulnerabilities. The Heartbleed bug has shaken the Internet community on its dependency on the open source software. Even though OpenSSL is a very popular library, it was not properly scrutinized. One reason might be because of lack of resources and funds. The organizations and developers using open source software should contribute back to these open source communities in terms of donations, reviewing the code, testing and designing. Amazon, Facebook, Google have recently come forward to donate funds to improve open-source security systems. 4.0 Heartbleed detector Tools The following list of tools may help you detect whether a website is vulnerable to Heartbleed: • https://filippo.io/Heartbleed/ • http://csc.cyberoam.com/cyberoamsupport/webpages/webcat/2014-0160.jsp/ • http://heartbleed.criticalwatch.com/ • https://blog.lookout.com/blog/2014/04/09/heartbleed-detector/. • https://lastpass.com/heartbleed/ • http://www.tripwire.com/securescan/?home-banner/ • http://www.arbornetworks.com/asert/2014/04/heartbleed/
13 4.1 Does this resolve all the problems? No, not at all. This is the scariest part of the OpenSSL Heartbleed bug is that, even after taking these measures, no one can completely relax. This vulnerability has existed for more than 2 years. No one knows if their application has been exploited because the attack leaves no traces of it. There is a possibility that attackers might have been reading passwords, secret keys and other encrypted data. This theft cannot be known unless the misuse of the data is observed or the attacker discloses it. 4.2 Immediate aftermath Of Heartbleed The Heartbleed bug affects many different stakeholders: • Developers: The immediate action for developers is to upgrade their application to OpenSSL 1.0.1g. If not possible they should disable OpenSSL Heartbeat by recompiling OpenSSL. • System Administrators: System administrator should ensure that no impacted certificates could be reused. All impacted certificates should be revoked and replaced. Restart all such vulnerable services after applying patches. Users should be required to change the passwords after the patch has been applied. • Users: Do not access any vulnerable sites. Check it using any Heartbleed detector tools. Follow the released document of the patched sites before using their application. • Organizations and service providers using OpenSSL: The damage caused by this vulnerability could not be traced. So, organizations should presume the worst and prepare themselves accordingly. They should be prepared if attacker has already got access to their secured data. They should also apply these patches and provide a ‘to-do’ document for their users. 5 Conclusion Heartbleed is a big stain on today’s fast moving technology world. It is time to halt a little bit and do some introspection. Are we running too fast but forgot to tie our shoelaces? We cannot afford even such a minute mistake. Nothing has changed and the world will move on, but there is a big question mark on the trust this security vulnerability has broken. It will be hard to close this trust gap as Heartbleed will always remind us. Only time will tell how much actual damage it has caused, since it existed for more than two years. Nevertheless, it is about owning more responsibility towards creating more secured system by industry, organizations, developers and the open source community.
14 References [1] Bipin Chandra, Technical Writer, IBM. A technical View of the OpenSSL ‘Heartbleed’ Vulnerability. Version 1.2.1, May 13, 2014. [2] Alexander Borges. How to perform The Heartbleed Attack. Version A.1 , April 15, 2014. [3] Stephan Weisand, Technical Seminar, DESY, Zeuthen . The Heartbleed Vulnerability in OpenSSL, Version A.1, April 15, 2014. [4]Technical Team, Massachusetts Institute Technology, Cambridge, MA . CloudFare: Staying Ahead of OpenSSL Vulnerabilities. April 7, 2014. [5] Technical Team, Blue Coat. What is the Heartbleed Epidemic?. April 30, 2014. [6] Official Heartbleed Website by Codenomicon, https://www.heartbleed.com/ [7] Heartbleed:Vulnerabilty, http://vimeo.com/91425662/ [8] Education-Heartbleed, http://slideshare.com/ [9] Hacker news on Heartbleed, http://thehackernews.com/2014/04/heartbleed-bug-explained- 10-most.html [10] Article about Heartbleed, http://blog.csdn.net/fanbird2008/article/details/18623141 .

Recomendados

Email Security, The Essence of Secure E-mail
Email Security, The Essence of Secure E-mailEmail Security, The Essence of Secure E-mail
Email Security, The Essence of Secure E-mail
Ralph van der Pauw
 
Improving the Secure Socket Layer by Modifying the RSA Algorithm
Improving the Secure Socket Layer by Modifying the RSA AlgorithmImproving the Secure Socket Layer by Modifying the RSA Algorithm
Improving the Secure Socket Layer by Modifying the RSA Algorithm
IJCSEA Journal
 
application layer
application layerapplication layer
application layer
BishalWosti1
 
Arun prjct dox
Arun prjct doxArun prjct dox
Arun prjct dox
Baig Mirza
 
Wireshark lab ssl v7 solution
Wireshark lab ssl v7 solutionWireshark lab ssl v7 solution
Wireshark lab ssl v7 solution
United International University
 
Mime
MimeMime
Mime
pullel
 
E mail security using Certified Electronic Mail (CEM)
E mail security using Certified Electronic Mail (CEM)E mail security using Certified Electronic Mail (CEM)
E mail security using Certified Electronic Mail (CEM)
Pankaj Bhambhani
 
Sip Overload Control Testbed: Design, Building And Evaluation
Sip Overload Control Testbed: Design, Building And EvaluationSip Overload Control Testbed: Design, Building And Evaluation
Sip Overload Control Testbed: Design, Building And Evaluation
ijasa
 

Recomendados

Email Security, The Essence of Secure E-mail
Email Security, The Essence of Secure E-mailEmail Security, The Essence of Secure E-mail
Email Security, The Essence of Secure E-mail
Ralph van der Pauw
 
Improving the Secure Socket Layer by Modifying the RSA Algorithm
Improving the Secure Socket Layer by Modifying the RSA AlgorithmImproving the Secure Socket Layer by Modifying the RSA Algorithm
Improving the Secure Socket Layer by Modifying the RSA Algorithm
IJCSEA Journal
 
application layer
application layerapplication layer
application layer
BishalWosti1
 
Arun prjct dox
Arun prjct doxArun prjct dox
Arun prjct dox
Baig Mirza
 
Wireshark lab ssl v7 solution
Wireshark lab ssl v7 solutionWireshark lab ssl v7 solution
Wireshark lab ssl v7 solution
United International University
 
Mime
MimeMime
Mime
pullel
 
E mail security using Certified Electronic Mail (CEM)
E mail security using Certified Electronic Mail (CEM)E mail security using Certified Electronic Mail (CEM)
E mail security using Certified Electronic Mail (CEM)
Pankaj Bhambhani
 
Sip Overload Control Testbed: Design, Building And Evaluation
Sip Overload Control Testbed: Design, Building And EvaluationSip Overload Control Testbed: Design, Building And Evaluation
Sip Overload Control Testbed: Design, Building And Evaluation
ijasa
 
Monitoring of traffic over the victim under tcp syn flood in a lan
Monitoring of traffic over the victim under tcp syn flood in a lanMonitoring of traffic over the victim under tcp syn flood in a lan
Monitoring of traffic over the victim under tcp syn flood in a lan
eSAT Publishing House
 
Network Security CS2
Network Security CS2Network Security CS2
Network Security CS2
Infinity Tech Solutions
 
Outlook and thunderbird ii
Outlook and thunderbird iiOutlook and thunderbird ii
Outlook and thunderbird ii
BanukaVidusanka
 
Security (IP)
Security (IP)Security (IP)
Security (IP)
Tanat Tonguthaisri
 
A ROBUST MECHANISM FOR DEFENDING DISTRIBUTED DENIAL OF SERVICE ATTACKS ON WEB...
A ROBUST MECHANISM FOR DEFENDING DISTRIBUTED DENIAL OF SERVICE ATTACKS ON WEB...A ROBUST MECHANISM FOR DEFENDING DISTRIBUTED DENIAL OF SERVICE ATTACKS ON WEB...
A ROBUST MECHANISM FOR DEFENDING DISTRIBUTED DENIAL OF SERVICE ATTACKS ON WEB...
IJNSA Journal
 
Chapter 04
Chapter 04Chapter 04
Chapter 04
cclay3
 
Wireshark Lab HTTP, DNS and ARP v7 solution
Wireshark Lab HTTP, DNS and ARP v7 solutionWireshark Lab HTTP, DNS and ARP v7 solution
Wireshark Lab HTTP, DNS and ARP v7 solution
United International University
 
Privacy Enhanced Mail (PEM)
Privacy Enhanced Mail (PEM)Privacy Enhanced Mail (PEM)
Privacy Enhanced Mail (PEM)
Palash Mehar
 
Quantifying the impact of flood attack on
Quantifying the impact of flood attack onQuantifying the impact of flood attack on
Quantifying the impact of flood attack on
ijcsa
 
Week3 lec3-bscs1
Week3 lec3-bscs1Week3 lec3-bscs1
Week3 lec3-bscs1
syedhaiderraza
 
Basic concept of internet
Basic concept of internetBasic concept of internet
Basic concept of internet
Snehal Shahane
 
AN EFFECTIVE PREVENTION OF ATTACKS USING GI TIME FREQUENCY ALGORITHM UNDER DDOS
AN EFFECTIVE PREVENTION OF ATTACKS USING GI TIME FREQUENCY ALGORITHM UNDER DDOSAN EFFECTIVE PREVENTION OF ATTACKS USING GI TIME FREQUENCY ALGORITHM UNDER DDOS
AN EFFECTIVE PREVENTION OF ATTACKS USING GI TIME FREQUENCY ALGORITHM UNDER DDOS
IJNSA Journal
 
p2p project report
p2p project reportp2p project report
p2p project report
Yuming Guo
 
Ntewrok secuirty cs1
Ntewrok secuirty cs1Ntewrok secuirty cs1
Ntewrok secuirty cs1
Infinity Tech Solutions
 
S/MIME & E-mail Security (Network Security)
S/MIME & E-mail Security (Network Security)S/MIME & E-mail Security (Network Security)
S/MIME & E-mail Security (Network Security)
Prafull Johri
 
1716 1719
1716 17191716 1719
1716 1719
Editor IJARCET
 
DDoS ATTACKS
DDoS ATTACKSDDoS ATTACKS
DDoS ATTACKS
Anil Antony
 
Unit 6
Unit 6Unit 6
Unit 6
Vinod Kumar Gorrepati
 
1766 1770
1766 17701766 1770
1766 1770
Editor IJARCET
 
Heartbleed
HeartbleedHeartbleed
Heartbleed
Shiva Sagar
 
Ssl and tls
Ssl and tlsSsl and tls
Ssl and tls
Rana assad ali
 
The Heartbleed Bug
The Heartbleed BugThe Heartbleed Bug
The Heartbleed Bug
n|u - The Open Security Community
 

Más contenido relacionado

La actualidad más candente

A ROBUST MECHANISM FOR DEFENDING DISTRIBUTED DENIAL OF SERVICE ATTACKS ON WEB...
A ROBUST MECHANISM FOR DEFENDING DISTRIBUTED DENIAL OF SERVICE ATTACKS ON WEB...A ROBUST MECHANISM FOR DEFENDING DISTRIBUTED DENIAL OF SERVICE ATTACKS ON WEB...
A ROBUST MECHANISM FOR DEFENDING DISTRIBUTED DENIAL OF SERVICE ATTACKS ON WEB...
IJNSA Journal
 
AN EFFECTIVE PREVENTION OF ATTACKS USING GI TIME FREQUENCY ALGORITHM UNDER DDOS
AN EFFECTIVE PREVENTION OF ATTACKS USING GI TIME FREQUENCY ALGORITHM UNDER DDOSAN EFFECTIVE PREVENTION OF ATTACKS USING GI TIME FREQUENCY ALGORITHM UNDER DDOS
AN EFFECTIVE PREVENTION OF ATTACKS USING GI TIME FREQUENCY ALGORITHM UNDER DDOS
IJNSA Journal
 
p2p project report
p2p project reportp2p project report
p2p project report
Yuming Guo
 

La actualidad más candente (19)

Monitoring of traffic over the victim under tcp syn flood in a lan
Monitoring of traffic over the victim under tcp syn flood in a lanMonitoring of traffic over the victim under tcp syn flood in a lan
Monitoring of traffic over the victim under tcp syn flood in a lan
 
Network Security CS2
Network Security CS2Network Security CS2
Network Security CS2
 
Outlook and thunderbird ii
Outlook and thunderbird iiOutlook and thunderbird ii
Outlook and thunderbird ii
 
Security (IP)
Security (IP)Security (IP)
Security (IP)
 
A ROBUST MECHANISM FOR DEFENDING DISTRIBUTED DENIAL OF SERVICE ATTACKS ON WEB...
A ROBUST MECHANISM FOR DEFENDING DISTRIBUTED DENIAL OF SERVICE ATTACKS ON WEB...A ROBUST MECHANISM FOR DEFENDING DISTRIBUTED DENIAL OF SERVICE ATTACKS ON WEB...
A ROBUST MECHANISM FOR DEFENDING DISTRIBUTED DENIAL OF SERVICE ATTACKS ON WEB...
 
Chapter 04
Chapter 04Chapter 04
Chapter 04
 
Wireshark Lab HTTP, DNS and ARP v7 solution
Wireshark Lab HTTP, DNS and ARP v7 solutionWireshark Lab HTTP, DNS and ARP v7 solution
Wireshark Lab HTTP, DNS and ARP v7 solution
 
Privacy Enhanced Mail (PEM)
Privacy Enhanced Mail (PEM)Privacy Enhanced Mail (PEM)
Privacy Enhanced Mail (PEM)
 
Quantifying the impact of flood attack on
Quantifying the impact of flood attack onQuantifying the impact of flood attack on
Quantifying the impact of flood attack on
 
Week3 lec3-bscs1
Week3 lec3-bscs1Week3 lec3-bscs1
Week3 lec3-bscs1
 
Basic concept of internet
Basic concept of internetBasic concept of internet
Basic concept of internet
 
AN EFFECTIVE PREVENTION OF ATTACKS USING GI TIME FREQUENCY ALGORITHM UNDER DDOS
AN EFFECTIVE PREVENTION OF ATTACKS USING GI TIME FREQUENCY ALGORITHM UNDER DDOSAN EFFECTIVE PREVENTION OF ATTACKS USING GI TIME FREQUENCY ALGORITHM UNDER DDOS
AN EFFECTIVE PREVENTION OF ATTACKS USING GI TIME FREQUENCY ALGORITHM UNDER DDOS
 
p2p project report
p2p project reportp2p project report
p2p project report
 
Ntewrok secuirty cs1
Ntewrok secuirty cs1Ntewrok secuirty cs1
Ntewrok secuirty cs1
 
S/MIME & E-mail Security (Network Security)
S/MIME & E-mail Security (Network Security)S/MIME & E-mail Security (Network Security)
S/MIME & E-mail Security (Network Security)
 
1716 1719
1716 17191716 1719
1716 1719
 
DDoS ATTACKS
DDoS ATTACKSDDoS ATTACKS
DDoS ATTACKS
 
Unit 6
Unit 6Unit 6
Unit 6
 
1766 1770
1766 17701766 1770
1766 1770
 

Similar a Report on Heartbleed

Comparative Analysis of Open-SSL Vulnerabilities & Heartbleed Exploit Detection
Comparative Analysis of Open-SSL Vulnerabilities & Heartbleed Exploit DetectionComparative Analysis of Open-SSL Vulnerabilities & Heartbleed Exploit Detection
Comparative Analysis of Open-SSL Vulnerabilities & Heartbleed Exploit Detection
CSCJournals
 
VULNERABILITIES OF THE SSL/TLS PROTOCOL
VULNERABILITIES OF THE SSL/TLS PROTOCOLVULNERABILITIES OF THE SSL/TLS PROTOCOL
VULNERABILITIES OF THE SSL/TLS PROTOCOL
cscpconf
 
Vulnerabilities of the SSL/TLS Protocol
Vulnerabilities of the SSL/TLS ProtocolVulnerabilities of the SSL/TLS Protocol
Vulnerabilities of the SSL/TLS Protocol
csandit
 
Impact of HeartBleed Bug in Android and Counter Measures
Impact of HeartBleed Bug in Android and Counter Measures Impact of HeartBleed Bug in Android and Counter Measures
Impact of HeartBleed Bug in Android and Counter Measures
ijcsa
 

Similar a Report on Heartbleed (20)

Heartbleed
HeartbleedHeartbleed
Heartbleed
 
Ssl and tls
Ssl and tlsSsl and tls
Ssl and tls
 
The Heartbleed Bug
The Heartbleed BugThe Heartbleed Bug
The Heartbleed Bug
 
Comparative Analysis of Open-SSL Vulnerabilities & Heartbleed Exploit Detection
Comparative Analysis of Open-SSL Vulnerabilities & Heartbleed Exploit DetectionComparative Analysis of Open-SSL Vulnerabilities & Heartbleed Exploit Detection
Comparative Analysis of Open-SSL Vulnerabilities & Heartbleed Exploit Detection
 
What is TLS/SSL?
What is TLS/SSL? What is TLS/SSL?
What is TLS/SSL?
 
VULNERABILITIES OF THE SSL/TLS PROTOCOL
VULNERABILITIES OF THE SSL/TLS PROTOCOLVULNERABILITIES OF THE SSL/TLS PROTOCOL
VULNERABILITIES OF THE SSL/TLS PROTOCOL
 
Vulnerabilities of the SSL/TLS Protocol
Vulnerabilities of the SSL/TLS ProtocolVulnerabilities of the SSL/TLS Protocol
Vulnerabilities of the SSL/TLS Protocol
 
Ssl https
Ssl httpsSsl https
Ssl https
 
Differences to Know Between SSL & TLS certificate .pdf
Differences to Know Between SSL & TLS certificate .pdfDifferences to Know Between SSL & TLS certificate .pdf
Differences to Know Between SSL & TLS certificate .pdf
 
Impact of HeartBleed Bug in Android and Counter Measures
Impact of HeartBleed Bug in Android and Counter Measures Impact of HeartBleed Bug in Android and Counter Measures
Impact of HeartBleed Bug in Android and Counter Measures
 
Heart bleed-OpenSSL crytographic library
Heart bleed-OpenSSL crytographic libraryHeart bleed-OpenSSL crytographic library
Heart bleed-OpenSSL crytographic library
 
TLS - Transport Layer Security
TLS - Transport Layer SecurityTLS - Transport Layer Security
TLS - Transport Layer Security
 
Heartbleed
Heartbleed Heartbleed
Heartbleed
 
Lesson 1. General Introduction to IT and Cyber Security.pptx
Lesson 1. General Introduction to IT and Cyber Security.pptxLesson 1. General Introduction to IT and Cyber Security.pptx
Lesson 1. General Introduction to IT and Cyber Security.pptx
 
Application Layer
Application LayerApplication Layer
Application Layer
 
Web Security
Web SecurityWeb Security
Web Security
 
Study and analysis of some known attacks on transport layer security
Study and analysis of some known attacks on transport layer securityStudy and analysis of some known attacks on transport layer security
Study and analysis of some known attacks on transport layer security
 
Transport Layer Security
Transport Layer Security Transport Layer Security
Transport Layer Security
 
Tcp and udp ports
Tcp and udp portsTcp and udp ports
Tcp and udp ports
 
Simple Mail Transfer Protocol
Simple Mail Transfer ProtocolSimple Mail Transfer Protocol
Simple Mail Transfer Protocol
 

Último

Gardella_Mateo_IntellectualProperty.pdf.
Gardella_Mateo_IntellectualProperty.pdf.Gardella_Mateo_IntellectualProperty.pdf.
Gardella_Mateo_IntellectualProperty.pdf.
MateoGardella
 
Activity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfActivity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdf
ciinovamais
 
1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf
QucHHunhnh
 

Último (20)

Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...
Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...
Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...
 
Unit-IV; Professional Sales Representative (PSR).pptx
Unit-IV; Professional Sales Representative (PSR).pptxUnit-IV; Professional Sales Representative (PSR).pptx
Unit-IV; Professional Sales Representative (PSR).pptx
 
Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17
 
Mixin Classes in Odoo 17 How to Extend Models Using Mixin Classes
Mixin Classes in Odoo 17 How to Extend Models Using Mixin ClassesMixin Classes in Odoo 17 How to Extend Models Using Mixin Classes
Mixin Classes in Odoo 17 How to Extend Models Using Mixin Classes
 
Grant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingGrant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy Consulting
 
Gardella_Mateo_IntellectualProperty.pdf.
Gardella_Mateo_IntellectualProperty.pdf.Gardella_Mateo_IntellectualProperty.pdf.
Gardella_Mateo_IntellectualProperty.pdf.
 
fourth grading exam for kindergarten in writing
fourth grading exam for kindergarten in writingfourth grading exam for kindergarten in writing
fourth grading exam for kindergarten in writing
 
Activity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfActivity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdf
 
Measures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SDMeasures of Dispersion and Variability: Range, QD, AD and SD
Measures of Dispersion and Variability: Range, QD, AD and SD
 
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
 
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptxINDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
INDIA QUIZ 2024 RLAC DELHI UNIVERSITY.pptx
 
Z Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot GraphZ Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot Graph
 
Unit-V; Pricing (Pharma Marketing Management).pptx
Unit-V; Pricing (Pharma Marketing Management).pptxUnit-V; Pricing (Pharma Marketing Management).pptx
Unit-V; Pricing (Pharma Marketing Management).pptx
 
How to Give a Domain for a Field in Odoo 17
How to Give a Domain for a Field in Odoo 17How to Give a Domain for a Field in Odoo 17
How to Give a Domain for a Field in Odoo 17
 
Application orientated numerical on hev.ppt
Application orientated numerical on hev.pptApplication orientated numerical on hev.ppt
Application orientated numerical on hev.ppt
 
APM Welcome, APM North West Network Conference, Synergies Across Sectors
APM Welcome, APM North West Network Conference, Synergies Across SectorsAPM Welcome, APM North West Network Conference, Synergies Across Sectors
APM Welcome, APM North West Network Conference, Synergies Across Sectors
 
Paris 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityParis 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activity
 
Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1
 
Accessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactAccessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impact
 
1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf
 

Report on Heartbleed

  • 1. 1 ABSTRACT Encryption is the backbone of Internet security. It protects users data, passwords and transaction details from attackers. To achieve encryption over Internet, one of the famous and widely used protocols is HTTPS. HTTPS is simply HTTP over SSL/TLS. For example any online payment or banking transactions over Internet happens through HTTPS as it is secured. But the new vulnerability –Heartbleed has put a question mark on this security of Internet itself and has broken a trust on the open source community. Heartbleed is the devastating vulnerability in the OpenSSL library that make possible any attacker to steal tons of protected information from a system that using a broken and vulnerable version of the OpenSSL library. This horrendous attack can happens through the internet allowing a hacker to read the memory and supposed protected data such as passwords, secret keys and usernames from an exposed system without leaving any trace and the situation. There can be a leak from the vulnerable server to client and from client to a vulnerable server. Day by day as the complexity in the Internet increasing the vulnerabilities about the security is also increasing. So the knowledge about these flaws has to be spread. So this report discuss about the one of the vulnerability that exists for a long time called ‘Heartbleed’. The purpose of this report is to create awareness about the Heartbleed vulnerability in OpenSSL Library, using which attackers can get access to passwords, private keys or any encrypted data. It explains how Heartbleed works, what code causes data leakage and explains the resolution with code fix. It also explains perform how to perform heartbeat attack.
  • 2. 2 HEARTBLEED 1 Introduction The Heartbleed Bug is a serious vulnerability in the popular OpenSSL cryptographic software library. This weakness allows stealing the information protected, under normal conditions, by the SSL/TLS encryption used to secure the Internet. SSL/TLS provides communication security and privacy over the Internet for applications such as web, email, instant messaging (IM) and some virtual private networks (VPNs). The Heartbleed bug allows anyone on the Internet to read the memory of the systems protected by the vulnerable versions of the OpenSSL software. This compromises the secret keys used to identify the service providers and to encrypt the traffic, the names and passwords of the users and the actual content. This allows attackers to eavesdrop on communications, steal data directly from the services and users and to impersonate services and users. CVE-2014-0160 is the official reference to this bug. CVE (Common Vulnerabilities and Exposures) is the Standard for Information Security Vulnerability Names maintained by MITRE. Due to co-incident discovery a duplicate CVE, CVE-2014-0346, which was assigned to us, should not be used, since others independently went public with the CVE-2014-0160 identifier. Bugs in single software or library come and go and are fixed by new versions. However this bug has left large amount of private keys and other exposed to the internet. Considering the long exposure, ease of exploitation and attacks leaving no trace this exposure should be taken seriously. The name ‘Heartbleed’ itself explains the vulnerability – ‘Heart’ of the Heartbleed came from Heartbeat protocol and ‘bleed’ stands for data leakage. That means data leakage in the Heartbeat protocol implementation, specifically the OpenSSL implementation of the protocol. This bug is actually a programming mistake in popular OpenSSL library that provides cryptographic services such as SSL/TLS to the applications and services. TLS heartbeats can be sent by either side of a TLS connection, so it can be used to attack clients as well as servers. An Attacker can obtain up to 64K memory from the server or client as well that uses an OpenSSL implementation vulnerable to Heartbleed. Researcher estimated two-thirds of the world's servers i.e. half a million servers are affected by the Heartbleed Bug, including websites, email, and instant messaging services. This bug was independently discovered by a team of security engineers (Riku, Antti and Matti) at Codenomicon and Neel Mehta of Google Security, who first reported it to the OpenSSL team. Codenomicon team found Heartbleed bug while improving the Safeguard feature in Codenomicon's Defensics security testing tools and reported this bug to the NCSC-FI for vulnerability coordination and reporting to OpenSSL team.
  • 3. 3 2 The Heartbleed Explanation 2.0 The OpenSSL project OpenSSL library provides implementation of cryptographic protocols such as SSL and TLS. It is open source software written in C programming language. The development is completely volunteer driven and the library is free to use for commercial and non-commercial purposes under an Apache-style license. 2.1 The SSL, TLS, DTLS Protocols Security over Internet can be achieved in many ways. Network layer security is one of them. Security over TCP/IP can be improved by using the Secure Socket Layer (SSL) or its follow-on protocol Transport Layer Security (TLS). These two protocols are commonly referred to together as SSL/TLS. HTTP is a stateless application level protocol to format and transmit data between web servers and web browsers. With the increase in the threats and frauds over Internet, there is always a need for a more secure transmission of data. HTTPS is used for improve the security of communication over a network by providing a layer of SSL/TLS the between HTTP and TCP layer. DTLS (Datagram Transport Layer Security) is a communication protocol which implements TLS over unreliable transport protocol i.e. Datagram Congestion Control Protocol (DCCP) or User Datagram Protocol (UDP). Figure 1. Common Internet Protocol layers.
  • 4. 4 2.2 TLS/DTLS Heartbeat Extension The heartbeat extension to the TLS/DTLS protocol is used to check if the connection between two communication devices using TLSDTLS are still “alive,” i.e. able to communicate. the Heartbeat protocol runs on top of the TLS Record Layer and maintains the connection between the two peers alive requiring them to exchange a “heartbeat.” The heartbeat extension was introduced because the then-current TLS/DTLS renegotiation technique to figure out if a peer is still alive was a costly process. The heartbeat extension protocol consists of two message types: HeartbeatRequest message and HeartbeatResponse message and the extension protocol depends on which TLS protocol is being used as describe below: • When using reliable transport protocol: One side of the peer connection sends a HeartbeatRequest message to the other side. The other side of the connection should immediately send a HeartbeatResponse message. This makes one successful Heartbeat and thus, keeping connection alive – this is called ‘keep-alive’ functionality. If no response is received within a specified timeout, the TLS connection is terminated. • Unreliable transport protocol: One side of the peer connection sends HeartbeatRequest message to the other side. The other side of the connection should immediately send a HeartbeatResponse message. If no response is received within specified timeout another HeartbeatRequest message is retransmitted. If expected response is not received for specified number of retransmissions, the DTLS connection is terminated. 2.3 Heartbeat in OpenSSL The OpenSSL team implemented the heartbeat extension in December 2011. It also explains the bug in the code and its fix in detail. The bug exists in OpenSSL from version 1.0.1 to 1.0.1f. 2.30 HeartbeatRequest Message: The OpenSSL implementation of the HeartbeatRequest message has a Message Type of 1 byte to identify that this message is a ‘TLS Heartbeat Request’ message, 2 bytes for the payload length, a 2 byte sequence number in the payload to identify to specified number of messages sent before a timeout, and 16 bytes for actual payload and any padding. The Heartbeat request message is created and sent to the receiver. The timer for timeout starts and the specified number of retransmission is updated. There in no problem in the OpenSSL Heartbeat request implementation.
  • 5. 5 2.31 HeartbeatResponse Message: HeartbeatResponse sends a copy of the received HeartbeatRequest payload data which verifies that the secured connection between the peers is still alive. The HeartbeatResponse implementation first checks to determine if the received message type is ‘TLS Heartbeat Request’ message and extracts the request payload length. It then allocates memory for the HeartbeatResponse message. The HeartbeatResponse message has a 1 byte of message type to indicate it is the ‘TLS Heartbeat Response’ message and 2 bytes to indicate the payload length. It copies the payload from the HeartbeatRequest message to the HeartbeatResponse message and sends the response message back to the requestor. Requestor receives the Heartbeat response message and validates it with the original message sent. Thus, OpenSSL Heartbeat request and response implementation ensures that the secured connection between the peers is still alive or not. 2.32 Data Leakage leading to Heartbleed There is a bug in the above implementation of the Heartbeat reply to the received Heartbeat request message. The problem here is that the OpenSSL heartbeat response code does not check to make sure that the payload length field in the heartbeat request message matches the actual length of the payload. If the heartbeat request payload length field is set to a value larger than the actual payload, the response C code will copy the payload from the heartbeat message and whatever is in memory beyond the end of the payload. A heartbeat request the payload length can be set to a maximum value of 65535 bytes. Therefore the bug in the OpenSSL heartbeat response code could copy as much as 65535 bytes from the machine's memory and send it to the requestor. 2.33 Fixing the Error in the Code • First, it checks to determine if the length of the payload is zero or not. It simply discards the message if the payload length is 0. • The second task performed by the bug fix makes sure that the heartbeat payload length field value matches the actual length of the request payload data. If not, it discards the message. 2.4 The Real World Impact of Heartbleed By exploiting the Heartbleed vulnerability, an attacker can send a Heartbeat request message and retrieve up to 64 KB of memory from the victim's server. The contents of the retrieved memory depends on what's in memory in the server at the time, but could potentially contain usernames, passwords, session IDs or secret private keys or other sensitive information. Following figure illustrates how an attacker can exploit this vulnerability. This attack can be made multiple times without leaving any trace of it.
  • 6. 6 Figure 2. Exploiting the Heartbleed vulnerability.
  • 7. 7 It is little early to estimate the impact of this vulnerability, but no one can deny that this scenario is an important one for Internet users, potentially putting their private, secret and encrypted data at risk. Bruce Schneier, in his blog has classified the Heartbleed bug as “Catastrophic” and has given it a rating of 11 on the scale of 1 to 10. The Pew Research Internet Project states that ‘39% of Internet users have changed passwords or cancelled accounts; 6% think their personal information was swiped’. 2.40 Affected Devices To add more on that, Heartbleed has not only affected the ‘web’ but also the embedded devices. Many home routers and operating systems incorporate OpenSSL. Wikipedia has collected report of affected devices. Some of these devices are: • Android smart phones running version 4.1.1 (Jelly Bean) of Android. • Cisco routers. • Juniper routers. • Western Digital My Cloud product family firmware 2.41 Affected Operating System The website http://heartbleed.com maintains a list of affected operating systems, some of which include: • Debian Wheezy (stable), OpenSSL 1.0.1e-2+deb7u4 • Ubuntu 12.04.4 LTS, OpenSSL 1.0.1-4ubuntu5.11 • CentOS 6.5, OpenSSL 1.0.1e-15 • Fedora 18, OpenSSL 1.0.1e-4 • OpenBSD 5.3 (OpenSSL 1.0.1c 10 May 2012) and 5.4 (OpenSSL 1.0.1c 10 May 2012) • FreeBSD 10.0 - OpenSSL 1.0.1e 11 Feb 2013 • NetBSD 5.0.2 (OpenSSL 1.0.1e) • OpenSUSE 12.2 (OpenSSL 1.0.1c) 2.42 Status Of different version • OpenSSL 1.0.1 through 1.0.1f (inclusive) are vulnerable. • OpenSSL 1.0.1g is NOTVulnerable. • OpenSSL 1.0.0 branch is NOT Vulnerable. • OpenSSL 0.9.8 branch is not Vulnerable.
  • 8. 8 3 The Implementation A very particular characteristic of this attack is that the attacker can repeat the attack any number of times until to discover some vulnerable information from the memory of vulnerable system. Preparing the test Environment To demonstrate Heartbleed attack, it require two systems running each one in a Separate Workstation namely: an attacker system (kali Linux) and a vulnerable system (Ubuntu 12.04 LTS). The kali Linux system is available for downloading from http://www.kali.org/ and it is suggested to use the latest possible version. The Ubuntu 12.04 LTS is available to download from http://www.ubuntu.com/download/desktop. Furthermore it is required to configure an apache service with SSL Support on the Ubuntu to explode the Heartbleed flaw. Confirm if your kali system is fully updated: root@kali:~# apt-get update root@kali:~# apt-get upgrade On Ubuntu system, you should confirm the Ubuntu version of your target system, Figure 3. Confirming Ubuntu version from terminal. Now, we have to configure the Apache with SSL support on Ubuntu: root@ubuntu1:~# a2enmod ssl root@ubuntu1:~# service apache2 restart root@ubuntu1:~# mkdir /etc/apache/ssl/ After executing the above commands, a self-signed certificate has to be created using the below command:
  • 9. 9 Now, The apache server has to be configured to use the above certificate by modifying the required username and server name according to the user perspective in the file /etc/apache2/sites-available/default-ssl/ as per required by the user: Activating the viral host is done by running: root@ubuntu1:~# a2ensite default-ssl root@ubuntu1:~# service apache2 restart Now we need to verify whether the apache SSL configuration in working, so go to http://192.168.154.137: Figure 4.Running the server. Figure 5. Server ports for Services.
  • 10. 10 Client Configuration and Connection On the Client, The Heartbeat bug can be explored using the fantastic Metasploit. Its recommended to update the Metasploit framework if you are not sure it’s already updated. Then on Kali Linux the following task to be done: root@kali:~# msfupdate root@kali:~# msfconsole Now, change the kernel verbose to use msf by executing the command: root@kali:~# msf next step is to choose the auxiliary scanner “openssl_heartbleed”, It is a default library available in Linux kali system to see actually how the Heartbeat protocol works and to detect If there is a leakage of data in the protocol: msf > use auxiliary/scanner/ssl/openssl_heartbleed Now, we are able to see the available options from scanner by executing: msf auxiliary(openssl_heartbleed) > show options Figure 5. Verbose displaying all the options available for services. As we can see the only parameter we need to define is RHOSTS , because all other attributes has a default value. SSL service will be running in port 443, so it is possible to define options at any point of time.
  • 11. 11 We can proceed to the attack: msf auxiliary(openssl_heartbleed) > set RHOSTS 192.168.154.137 RHOSTS is to say that client has to connect to the above server IP address. These setting will be taken by the administrator in case of LAN.(eg. Nitk router will assign one default IP to clients). We can cross verify it whether the IP address of server assigned or not using the above option command. Everything is set now we can run the heartbeat request command by simply using run command, when the results are analysed properly, We can see the data leakage from heartbeat response: Figure 6. Data leakage from the response. The detailed observation of the above results reveals the details of my own Email account, all the passwords, private keys that I have used while communicating. With the help of private keys (Top level keys to be secured by OpenSSL using SSL/TLS) we can view all the web pages actually accessed and all the other clients I have connected to. Basically My profile will be Shared among other users. Figure 7. My own profile details leaked among connected clients.
  • 12. 12 4 Heartbleed Precautionsand preventions All Heartbleed-vulnerable systems should immediately upgrade to OpenSSL 1.0.1g. If you are not sure whether an application you want to access is Heartbleed vulnerable or not - try any one of the Heartbleed detector tools from section "Heartbleed detector tools." No action required if your application is not vulnerable. But if the application is vulnerable, wait for it to be patched with OpenSSL 1.0.1g. Once the patch is applied, all the users of such applications should follow the application's release documents from the service providers. Typically, steps to follow once the patch is applied are: • Changing your password. • generating private keys again. • Certificate revocation and replacement. An important step is to restart the services that are using OpenSSL (like HTTPS, SMTP etc). Before accessing any SSL/TLS application such as HTTPS, check to see if the application is vulnerable. Do not access or login to any affected sites. Ensure all such vendors or enterprises related to your business have applied this security patch. Keep your eyes open on such news of security vulnerabilities. The Heartbleed bug has shaken the Internet community on its dependency on the open source software. Even though OpenSSL is a very popular library, it was not properly scrutinized. One reason might be because of lack of resources and funds. The organizations and developers using open source software should contribute back to these open source communities in terms of donations, reviewing the code, testing and designing. Amazon, Facebook, Google have recently come forward to donate funds to improve open-source security systems. 4.0 Heartbleed detector Tools The following list of tools may help you detect whether a website is vulnerable to Heartbleed: • https://filippo.io/Heartbleed/ • http://csc.cyberoam.com/cyberoamsupport/webpages/webcat/2014-0160.jsp/ • http://heartbleed.criticalwatch.com/ • https://blog.lookout.com/blog/2014/04/09/heartbleed-detector/. • https://lastpass.com/heartbleed/ • http://www.tripwire.com/securescan/?home-banner/ • http://www.arbornetworks.com/asert/2014/04/heartbleed/
  • 13. 13 4.1 Does this resolve all the problems? No, not at all. This is the scariest part of the OpenSSL Heartbleed bug is that, even after taking these measures, no one can completely relax. This vulnerability has existed for more than 2 years. No one knows if their application has been exploited because the attack leaves no traces of it. There is a possibility that attackers might have been reading passwords, secret keys and other encrypted data. This theft cannot be known unless the misuse of the data is observed or the attacker discloses it. 4.2 Immediate aftermath Of Heartbleed The Heartbleed bug affects many different stakeholders: • Developers: The immediate action for developers is to upgrade their application to OpenSSL 1.0.1g. If not possible they should disable OpenSSL Heartbeat by recompiling OpenSSL. • System Administrators: System administrator should ensure that no impacted certificates could be reused. All impacted certificates should be revoked and replaced. Restart all such vulnerable services after applying patches. Users should be required to change the passwords after the patch has been applied. • Users: Do not access any vulnerable sites. Check it using any Heartbleed detector tools. Follow the released document of the patched sites before using their application. • Organizations and service providers using OpenSSL: The damage caused by this vulnerability could not be traced. So, organizations should presume the worst and prepare themselves accordingly. They should be prepared if attacker has already got access to their secured data. They should also apply these patches and provide a ‘to-do’ document for their users. 5 Conclusion Heartbleed is a big stain on today’s fast moving technology world. It is time to halt a little bit and do some introspection. Are we running too fast but forgot to tie our shoelaces? We cannot afford even such a minute mistake. Nothing has changed and the world will move on, but there is a big question mark on the trust this security vulnerability has broken. It will be hard to close this trust gap as Heartbleed will always remind us. Only time will tell how much actual damage it has caused, since it existed for more than two years. Nevertheless, it is about owning more responsibility towards creating more secured system by industry, organizations, developers and the open source community.
  • 14. 14 References [1] Bipin Chandra, Technical Writer, IBM. A technical View of the OpenSSL ‘Heartbleed’ Vulnerability. Version 1.2.1, May 13, 2014. [2] Alexander Borges. How to perform The Heartbleed Attack. Version A.1 , April 15, 2014. [3] Stephan Weisand, Technical Seminar, DESY, Zeuthen . The Heartbleed Vulnerability in OpenSSL, Version A.1, April 15, 2014. [4]Technical Team, Massachusetts Institute Technology, Cambridge, MA . CloudFare: Staying Ahead of OpenSSL Vulnerabilities. April 7, 2014. [5] Technical Team, Blue Coat. What is the Heartbleed Epidemic?. April 30, 2014. [6] Official Heartbleed Website by Codenomicon, https://www.heartbleed.com/ [7] Heartbleed:Vulnerabilty, http://vimeo.com/91425662/ [8] Education-Heartbleed, http://slideshare.com/ [9] Hacker news on Heartbleed, http://thehackernews.com/2014/04/heartbleed-bug-explained- 10-most.html [10] Article about Heartbleed, http://blog.csdn.net/fanbird2008/article/details/18623141 .