A security researcher demonstrates how an SSL renegotiation vulnerability made public earlier in November could be exploited to steal Twitter log-in credentials.
A security researcher has demonstrated how attackers could
use a newly discovered vulnerability in the Secure Sockets Layer protocol to
launch an attack on Twitter.
The researcher, Anil Kurmus, posted details of the attack to
The Secure Goose, Nov. 10.
The exploit takes advantage of a vulnerability reported
Nov. 5 by researchers from PhoneFactor.
Although the security hole Kurmus took
advantage of has reportedly been closed by Twitter, one of the researchers at
PhoneFactor who discovered the bug said the exploit underscores the
The exploit takes advantage of an SSL renegotiation issue.
According to PhoneFactor, the vulnerability partially invalidates the SSL lock
and enables attackers to launch attacks that could compromise a variety of
sites that use SSL for security-
including banking sites, and
back-office systems that use Web services-based protocols.
In a paper, PhoneFactor researchers
Steve Dispensa and Marsh Ray explained
(PDF) that the vulnerability allows
a man-in-the-middle attack to inject an arbitrary amount of chosen plaintext
into the beginning of the application protocol stream. This in turn can lead to
a variety of abuses, they contended.
In Kurmus' case, he took advantage of the flaw to steal
Twitter log-in information as it passed through encrypted data streams between
client applications and Twitter's Web servers.
"If a Web application allows users [to] store or
transmit arbitrary data from a post request to a location where the user can
later retrieve it, an attacker can prefix the victim's entire HTTP request as a
post and then read it back out, gaining access to sensitive information in the
process, such as cookies or other authentication credentials," explained Tom
Cross, manager of IBM X-Force Advanced Research,
in a blog post. "In
Mr. Kurmus' example he uses this technique to post a victim's Twitter request
to his own Twitter feed, gaining access to the victim's password."
"Obviously, a great many Web applications allow users
to store or transmit arbitrary data," Cross continued. "The most
obvious examples are Web mail applications-
the attacker could
essentially e-mail himself a copy of the victim's cookie. Webmail credentials
are a popular target on insecure wireless LANs."
When news of the vulnerability hit, some in the security
community said the bug's impact was essentially the same as
cross-site request forgery, which many Web applications are protected against.
However, according to Dispensa, Kurmus' exploit showed that the bug could have
"It's difficult to predict the implications of a break
in a security protocol, however subtle it might be," Dispensa said in a
statement. "I suspect we'll be uncovering new ways to exploit this
protocol flaw for years to come. A complete solution involves patching every SSL
client and server in the world, which will take years, so administrators will
have to keep a close eye on systems in the meantime. Administrators should
deploy countermeasures such as vendor-supplied patches, intrusion detection systems
and so on."