Shulou (Shulou.com), SLTechnology News&Howtos, 06/01 Report (updated 2025-02-24)
This article is a worked analysis of the principle behind CVE-2020-0601, the Windows CryptoAPI signature-verification bypass. It introduces the corresponding analysis and remediation in detail, in the hope of helping readers who want to understand this problem find a simple and practical approach.
0x00 Analysis of the vulnerability principle
ECC (Elliptic curve cryptography) is a public-key cryptography approach based on the mathematics of elliptic curves; it was proposed independently by Neal Koblitz and Victor Miller in 1985. Its main advantage is that, in some cases, it provides a comparable or higher level of security with smaller keys than other schemes such as the RSA algorithm.
The principle of ECC is this: let G be a point on the curve and d an integer, and define the point Q = d·G. Given d and G, computing Q is easy; given G and Q, recovering d is hard. Here Q is the public key and d is the private key.
The root cause of CVE-2020-0601 is that Windows 10 added support for ECC keys carrying explicit curve parameters, but when crypt32.dll verifies a signature it only checks that the public key Q matches the trusted key; it does not check the generator G. The public key is Q = d·G, where d is the private key. Because Windows 10 accepts a custom generator, an attacker can supply G' = Q together with d' = 1 (the unit element), so that d'·G' = Q. The two pairs (Q, G) and (Q, G') share the same public key Q, but G differs from G'. Since the defective check inspects only Q, a signature made with the attacker's own private key d' verifies and is treated as a signature made with the official private key d.
The signature verification proceeds as follows: suppose the hash of the executable A is X and the signature value produced with the forged private key d' is Y. At verification time the public key Q is applied to Y to recover X, which agrees with the hash of the executable; the system concludes that the signature is correct and the bypass is complete.
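The following added example (not code from the original article, and not Windows code) reproduces the verification defect described above on a toy scale. It implements ECDSA over a well-known curve (secp256k1 is used here only because its constants are public; the real bug concerned the NIST curves in Windows certificates, but the principle is identical), then compares a verifier that, like the flawed crypt32.dll check, only matches the public key Q, against a verifier that also requires the supplied generator to equal the named curve's G. The attacker-side key (d' = 1, G' = Q) follows the article's construction; the message bytes, the "pinned" trusted key and the function names are constructed for this demonstration.

```python
"""Toy reproduction of the CVE-2020-0601 check omission (added example, not from the article)."""
import hashlib
import secrets

# secp256k1 domain parameters (public constants; chosen as the demo curve, see lead-in)
P = 2**256 - 2**32 - 977
A = 0
B = 7
GX = 0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798
GY = 0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (GX, GY)          # the curve's standard generator
INF = None            # point at infinity


def point_add(p1, p2):
    """Affine point addition (handles doubling and the point at infinity)."""
    if p1 is INF:
        return p2
    if p2 is INF:
        return p1
    x1, y1 = p1
    x2, y2 = p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return INF                       # p1 == -p2
    if p1 == p2:
        lam = (3 * x1 * x1 + A) * pow(2 * y1, -1, P) % P
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    y3 = (lam * (x1 - x3) - y1) % P
    return (x3, y3)


def scalar_mult(k, point):
    """Double-and-add scalar multiplication k*point."""
    result, addend = INF, point
    while k:
        if k & 1:
            result = point_add(result, addend)
        addend = point_add(addend, addend)
        k >>= 1
    return result


def hash_to_int(data):
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % N


def ecdsa_sign(d, data, generator):
    """ECDSA signature of data under private key d and the given generator."""
    z = hash_to_int(data)
    while True:
        k = secrets.randbelow(N - 1) + 1
        r = scalar_mult(k, generator)[0] % N
        s = pow(k, -1, N) * (z + r * d) % N
        if r and s:
            return (r, s)


def ecdsa_verify(Q, generator, data, sig):
    """Standard ECDSA verification; trusts whatever generator it is handed."""
    r, s = sig
    if not (0 < r < N and 0 < s < N):
        return False
    z = hash_to_int(data)
    w = pow(s, -1, N)
    X = point_add(scalar_mult(z * w % N, generator), scalar_mult(r * w % N, Q))
    return X is not INF and X[0] % N == r


def verify_vulnerable(trusted_Q, key_params, data, sig):
    """Mirrors the defect the article describes: only Q is compared to the pinned key."""
    Q, generator = key_params
    if Q != trusted_Q:
        return False
    return ecdsa_verify(Q, generator, data, sig)


def verify_fixed(trusted_Q, key_params, data, sig):
    """Hardened check: the generator (and, in a full fix, every curve parameter)
    must match the named curve; explicit parameters that differ are rejected."""
    Q, generator = key_params
    if Q != trusted_Q or generator != G:
        return False
    return ecdsa_verify(Q, generator, data, sig)


def demo():
    d = secrets.randbelow(N - 1) + 1        # legitimate private key
    Q = scalar_mult(d, G)                   # pinned (trusted) public key
    msg = b"constructed sample executable bytes"   # constructed stand-in for a file hash input
    legit = ecdsa_sign(d, msg, G)
    # Forged key material per the article: d' = 1, G' = Q, so that d'*G' == Q
    d_prime, G_prime = 1, Q
    forged = ecdsa_sign(d_prime, msg, G_prime)
    return {
        "legit_ok": verify_fixed(Q, (Q, G), msg, legit),
        "forged_vulnerable": verify_vulnerable(Q, (Q, G_prime), msg, forged),
        "forged_fixed": verify_fixed(Q, (Q, G_prime), msg, forged),
    }


if __name__ == "__main__":
    print(demo())
```

The two verifiers differ by a single comparison: the vulnerable one accepts the forged signature because only Q is matched, while the fixed one rejects any key whose generator is not the named curve's G, which is the check the patch effectively restores.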
This vulnerability can be exploited to sign malicious executables with forged certificates so that they appear to come from trusted sources, or to conduct man-in-the-middle attacks and decrypt confidential information on users' connections to the affected software.
0x01 Timeline
2020-01-14 Microsoft officially issued a security announcement
2020-01-15 360CERT issued an announcement
2020-01-16 360CERT released a vulnerability principle analysis
This concludes the worked analysis of the principle behind the CVE-2020-0601 Windows CryptoAPI verification bypass. I hope the above content has been of some help to you. If you still have many questions to resolve, you can follow the industry information channel for more related knowledge.
© 2024 shulou.com SLNews company. All rights reserved.