DEF CON 31 - certmitm Automatic Exploitation of TLS Certificate Validation Vulns - Aapo Oksman
Рет қаралды 12,012
Күн бұрынTLS is the de facto way of securing network connections. It provides an easy way of ensuring confidentiality, integrity and authentication for any type of communication. However, like most things in life, this is also too good to be true.
TLS allows communicating parties to uniquely authenticate each other by validating each other's certificate. However, many TLS libraries and frameworks have insecure default settings or allow for the developers to skip important aspects of certificate validation in their client implementations.
This talk explores issues in TLS client certificate validation and the underlying reasons why developers still fail to implement TLS correctly. Most importantly, we hack all the things with a new TLS mitm tool: certmitm.
certmitm automatically discovers and exploits insecure certificate validation vulnerabilities in TLS clients. Let's use the tool to hack iOS, Windows 11 and more while we deep dive into the world of insecure TLS certificate validation.
@spacenomad5484 Жыл бұрын
Sorry to my co-worker who once a year asks why don't just issue more certificates from the one we already bought. You were right, we could've just issued some more.
@stubstunner Жыл бұрын
Excellent presentation. I’m not sure that people entirely understand the scope of this right now. It took 14 years, and it still got to this point.
@sabofx Жыл бұрын
nice tool and great presentation 👌
@DedmenMiller 11 ай бұрын
I implemented cert validation years ago, but for executable signing. I knew i was probably doing it improperly as i had no idea what i was doing. This tool will be awesome just for the test certs generation
@JonJaded 8 ай бұрын
Excellent! Great talk and very informative.
@lastnameavailableok 10 күн бұрын
excellent aapo
@xXBlackAngelDoomXx Ай бұрын
Very interesting talk. I think we can at least be safe that safe DNS protocols like DoT or DoH and encryption via WPA2 partially guarantee some safety via these not secure TLS connections, but of course this is not sufficient to conclude that TLS is useless and should behave this way! Corporations that replied to you defending themselves behind the assumptions of safe connections/connections made to "private connections" (in contrast to public unsafe ones) are using some coping mechanisms to not accept their responsibilities!
@PexiTheBuilder 11 ай бұрын
As Fin can hear pain of being in spotlight. Can only imagine how wasted been after this.. :D
@kellyoreilly7357 8 ай бұрын
The vulnerability affects PlayStation, but it's Sony's fault for still running outdated versions TLS12 instead of the new secure TLS13.
@hackjealousy 11 ай бұрын
So bad it had to have been done on purpose.
@KieranFoot 11 ай бұрын
Out of scope. Because secure transfer of data over a public network isn't a requirement for a secure system/application :P
@demon1337 10 ай бұрын
Maybe, but secure transfer of data over a *untrusted* network is... and every network could be a untrusted network.
@charliechuck1021 8 ай бұрын
Ps5 Jailbreak?
@popularrandomstuff1348 8 ай бұрын
no its not its a TLS Protocol Exploit
@K3taP4n 8 ай бұрын
@@popularrandomstuff1348What can you do with it? I dont know anything about this topic
@marcussacana 6 ай бұрын
@@popularrandomstuff1348 do you know the CVE number?
DEFCONConference
Рет қаралды 113 М.
DEFCONConference
Рет қаралды 12 М.
DEFCONConference
Рет қаралды 86 М.
The Security Repo
Рет қаралды 2,5 М.
Matt Brown
Рет қаралды 59 М.
DEFCONConference
Рет қаралды 20 М.
DEFCONConference
Рет қаралды 342 М.
Matt Brown
Рет қаралды 257 М.
DEFCONConference
Рет қаралды 261 М.
Christiaan008
Рет қаралды 1,6 МЛН
DEF CON 31 - SpamChannel - Spoofing Emails From 2M+ Domains & Virtually Becoming Satan - byt3bl33d3r
DEFCONConference
Рет қаралды 130 М.