SSL Man in the Middle Proxy - PowerPoint PPT Presentation

About This Presentation
Title:

SSL Man in the Middle Proxy

Description:

Creates a forged cert using the remote server cert and proxy credential: ... The browser sees this forged cert as the SSL server cert. Getting Started. Start ... – PowerPoint PPT presentation

Number of Views:117
Avg rating:3.0/5.0
Slides: 13
Provided by: ianb154
Category:

less

Transcript and Presenter's Notes

Title: SSL Man in the Middle Proxy


1
SSL Man in the Middle Proxy
  • Srinivas Inguva
  • Dan Boneh
  • Ian Baker
  • Stanford University

2
Overview
  • Normal SSL
  • SSL encrypted data routed like normal TCP/IP data
    over the internet

SSL Web Server
Internet
3
Proxy Server
  • Browser connects to proxy
  • Proxy connects to web server and forwards between
    the two

SSL Web Server
Internet
4
Man in the Middle
  • Instead of forwarding encrypted data between the
    two hosts, our proxy will set up two DIFFERENT
    SSL connections between the two.
  • Proxylt-gtRemote Server
  • Sets up a normal SSL client connection to
    requested remote site
  • Proxylt-gtBrowser
  • Sets up a SSL server connection to the browser,
    using its own certificate, generated as a copy of
    the remote hosts cert
  • If the browser accepts this fake cert, the proxy
    has access to the data in the clear!

5
Proxy Server
  • Listens for the browser CONNECT request and sets
    up the needed SSL connections
  • Obtains the remote server cert from the remote
    SSL connection
  • Creates a forged cert using the remote server
    cert and proxy credential
  • SubjectDN, Serial Number, Extensions, same
  • Issuer, Public Key, Signature changed
  • The browser sees this forged cert as the SSL
    server cert

6
Getting Started
  • Start proxy server
  • Java command line application
  • Java 1.5 runtime environment
  • Configure Browser to use this SSL proxy
  • Browser specific
  • Add proxys certificate to the browser trusted CA
    store
  • Otherwise, certificate not trusted warnings

7
Proxy Server Usage
  • java mitm.MITMProxyServer ltoptionsgt
  • -localHost lthost name/ipgt Default is
    localhost
  • -localPort ltportgt Default
    is 8001
  • -keyStore ltfilegt Key
    store details for
  • -keyStorePassword ltpassgt certificates.
    Equivalent to
  • -keyStoreType lttypegt
    javax.net.ssl.XXX properties
  • -keyStoreAlias ltaliasgt Default is
    'mykey'
  • -outputFile ltfilenamegt Default is
    stdout
  • -v
    Verbose proxy output
  • keyStore is the Java KeyStore file containing the
    proxy cert
  • outputFile contains the plaintext of all proxied
    HTTP requests

8
Configuring an SSL proxy in Firefox
9
(No Transcript)
10
(No Transcript)
11
Possible Problems
  • You should be able to start up the proxy server
    and connect to it out of the box
  • If you are having problems
  • Is someone else using the port? (default 8001)
  • Try a different port on the command line
  • Firewall problems?
  • Try opening the needed port 8001
  • Or using SSH port forwarding
  • Try running your browser on the same machine and
    setting the proxy as localhost

12
Questions?
  • Project home page
  • http//crypto.stanford.edu/ssl-mitm/
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2024 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The PowerPoint PPT presentation: "SSL Man in the Middle Proxy" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!