This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

How to spoof packets / send fake certificates?


Just for the curiosity really. I am sure you can send http requests from a computer. How can I do that?

Let's say I visit google.com from my smartphone, it automatically returns https version instead of http. Is it possible that when my laptop sees that my smartphone uses https somehow, it would send a fake certificate or something, and if smartphone accepts that, there would no longer be a secure connection between google and smartphone?

asked 02 May '14, 10:55


tttttttttttt2


2 Answers:


As @Jasper mentioned, you can do an SSL man-in-the-middle attack. Besides the tools he mentioned, there are some other interesting tools for Linux to intercept HTTPS connections and send fake certs.

http://mitmproxy.org/
http://honeyproxy.org/

Furthermore you can try to 'downgrade' https to http. This will work well in some cases (especially SSL secured form based authentication) and it won't work in other cases (if the server requires SSL and it won't accept HTTP anymore).

http://wroot.org/posts/downgrade-https-connections-to-http-using-ettercap-filters/

Finally you could also try to play HTTP-to-HTTPS proxy. If your client tries to access a site with HTTP, and if the server sends a redirect to the HTTPS URL, you could intercept that redirect (with a MIM) and then simply talk HTTPS to the server and HTTP to the client. In that case you don't even have to fake a cert. Neither of them will realize you are in between. Take a look at the 'Reverse proxy mode' of mitmproxy (mentioned above) or sslstrip.

Regards
Kurt

answered 03 May '14, 02:24


Kurt Knochner ♦

edited 04 May '14, 08:38

@KurtKnochner What if the network is protected by WPA/WPA2 and a preshared key (which I have)? Will this software work?

(03 May '14, 06:07) tttttttttttt2

Yes it will. WPA2 will not protect against these kinds of attacks between two clients in the same wireless LAN.

(03 May '14, 15:42) Quadratic

@KurtKnochner: "If your client tries to access a site with HTTP, and if the server sends a redirect to the HTTPS URL, you could intercept that redirect (with a MIM) and then simply talk HTTPS to the server and HTTP to the client" - I made that work. But what if the client tries to access an https website? Why doesn't it redirect to http? What could I do to make it redirect?

(04 May '14, 08:49) tttttttttttt2

But what if client tries to access https website?

Then it does not work (one of the cases I mentioned above), because in that case the client expects to receive a valid cert from the target server. Valid means a cert signed by one of the CA certs the client knows (usually built into the OS and/or client software).

Why doesn't it redirect to http?

Because you can't. The connection between the client and the server is encrypted and the client won't accept a simple HTTP redirect for this encrypted HTTPS connection.

What could I do to make it redirect?

Nothing, as that's not possible without intercepting the SSL connection (meaning doing a mitm attack) by sending a fake cert to the client, which will pop up a warning in the client, as the cert is signed by a CA that is unknown to the client.

That's a major part of the SSL/TLS security story/concept!!

If you could subvert that in any way, SSL/TLS would be totally pointless ;-))

However there have been implementation bugs in SSL/TLS that did allow bad things. Just search for 'ssl vulnerabilities' in your preferred search engine.

(04 May '14, 09:09) Kurt Knochner ♦

@KurtKnochner: Thank you so much. What about sending fake certificates? I am trying ettercap and it works if client accepts bad certificate, however, it shows only form submissions, but I want to see all the traffic (for example what if user is already logged in). I think it really should be possible with a fake certificate, but I can't figure out how.

(04 May '14, 09:18) tttttttttttt2

My guess is to use etter.ssl.crt in wireshark somehow, because that is a certificate client accepts. What do you think?

(04 May '14, 09:22) tttttttttttt2

I think it really should be possible with a fake certificate, but I can't figure out how.

Yes, that's possible, but kind of beyond the scope of this site (ask Wireshark related questions).

Please take a look at the docs of mitmproxy or search for 'mitmproxy tutorial'. That should bring up the necessary information.

(04 May '14, 09:22) Kurt Knochner ♦

@KurtKnochner: I think it could be related to wireshark? Because etter.ssl.crt is a certificate that client accepts and maybe it's possible to use it in wireshark, then it could decrypt ssl traffic (just my guesses).

(04 May '14, 09:23) tttttttttttt2

Also, for mitmproxy it seems ssl certificate has to be installed in the device first.

(04 May '14, 09:44) tttttttttttt2

Also, for mitmproxy it seems ssl certificate has to be installed in the device first.

Sure!

And that's the same for all SSL interception solutions!! You'll have to add the CA cert that issues the fake certs to the trusted issuer certificate store of the client, otherwise the client will warn the user about the fake cert. If you issue self-signed certs, you will have to add them to the cert store instead of the interception CA cert.

As I said: That's a fundamental part of the SSL/TLS security. If you could subvert that in any way, using SSL/TLS would be totally pointless!!

Please read more about how SSL/TLS works (google it), as some aspects of SSL interception will be much clearer for you then.

Maybe the following paper helps to better understand SSL interception and what's possible and what's not:

https://media.blackhat.com/bh-eu-12/Jarmoc/bh-eu-12-Jarmoc-SSL_TLS_Interception-Slides.pdf

(04 May '14, 10:47) Kurt Knochner ♦

I understand that client will be warned, that's fine by me.

(04 May '14, 11:04) tttttttttttt2

Also, what if user is logged in, I want him to be logged out or accept a new certificate. Again, I understand that the client will have to accept this fake certificate and he'll be warned.

(04 May '14, 11:06) tttttttttttt2

Also, what if user is logged in, I want him to be logged out or accept a new certificate

It does not make a difference if the client is logged in or not (at the application on the target server).

All that matters is whether you are able to force the client to establish a new SSL/TLS session. Only then will you be able to intercept the handshake and send back the fake cert. So, if the client has already established a TLS connection, you can try to RESET the TCP connection (send a faked TCP RESET).

BTW: Wireshark won't be able to send that TCP RESET. Please google other tools that can do it.

BTW#2: While this is an interesting discussion (and I'm willing to continue it for a while), it kind of gets 'out of control' regarding the purpose of this site (Wireshark questions and answers). Maybe you're better off asking these kinds of questions on another site/forum, like the Kali Linux Forum ;-))

(04 May '14, 11:12) Kurt Knochner ♦

Thank you Kurt :) I posted a question there. Basically I just have 2 questions remaining: how to use a certificate that is applied in victim's browser from ettercap in wireshark and how to send a tcp reset.

(04 May '14, 12:19) tttttttttttt2

Strangely I can't find how to send a tcp rst request... :/

(04 May '14, 14:06) tttttttttttt2

Oh, and ettercap stops working after an hour or so... :| Also, why is ip_forward not set to 1 by default at all times? Damn it, I know so little and I wish I had a job related to cyber security or something like that.

(04 May '14, 17:21) tttttttttttt2

btw, using ettercap+sslstrip means that sslstrip will try to use http if client requested it (https will be between my pc and server then), and if it's not possible, ettercap will be used by sending a fake cert that user has to accept, right?

(04 May '14, 17:30) tttttttttttt2

I made it all work, I've figured out how to apply the ettercap certificate in wireshark and it shows decrypted ssl traffic. Finally. :) Is it possible to dump packets to file with ettercap -w file only of a particular ip? Kali linux doesn't approve my question for some reason...

(05 May '14, 05:41) tttttttttttt2


No, because the fake certificate would be invalid and the user gets a big red warning (otherwise there would be no point in using certificates if they could be falsified). But if you can get the guy using the smartphone to accept bad certificates you could. Easiest way to do this is to use a proxy, like Burp or Fiddler.

answered 02 May '14, 11:32


Jasper ♦♦

Anything on Linux?

(02 May '14, 15:17) tttttttttttt2

Burp works on all platforms.

(02 May '14, 17:47) Jasper ♦♦

Also, shouldn't ARP poisoning be enough? Why use Burp?

(03 May '14, 07:22) tttttttttttt2

Also, what if I change my MAC address on laptop to the same as Smartphone's MAC, will I then be able to see HTTPS requests' content in wireshark? I think it makes sense if both smartphone and laptop are on the same network.

(03 May '14, 07:27) tttttttttttt2

ARP poisoning only forces the packets to use your node as "gateway" on a layer2/3 basis. You cannot modify or exchange certificates on those layers, you need some software to do that. Which is where the proxies or MITM tools come in.

If you create a duplicate MAC on the network you might actually see some of the packets, yes, but that is not a predictable or stable way to do things. You'll most likely confuse your switch by telling it that the same destination exists in two physical locations, which will lead to MAC address flapping (which is not good).

(04 May '14, 20:26) Jasper ♦♦
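Both Jasper's answer and Kurt's later comment make the same point: an intercepting certificate is only accepted once the CA that issued it sits in the client's trust store, otherwise the client rejects it and warns. The following script is an added illustration, not code from this thread; it builds two throwaway CAs with constructed names, issues a leaf certificate from one of them, and runs the same trust decision a client makes. It assumes only that the openssl command-line tool is installed.

```shell
#!/bin/sh
# Added demo (not from the thread): a certificate issued by a CA that the
# client does not trust is rejected; the same certificate passes once that
# CA is in the trust store. Assumes the openssl CLI; all names are constructed.
set -e
WORK=$(mktemp -d)
trap 'rm -rf "$WORK"' EXIT

# Minimal config so the CAs carry a real CA:TRUE extension on any OpenSSL version.
cat > "$WORK/ca.cnf" <<'EOF'
[req]
distinguished_name = dn
x509_extensions = v3_ca
[dn]
[v3_ca]
basicConstraints = critical, CA:TRUE
keyUsage = critical, keyCertSign, cRLSign
EOF

# Two constructed CAs: "intercept" issues the fake cert, "other" stands in for
# whatever the client already trusts.
for ca in intercept other; do
  openssl req -x509 -config "$WORK/ca.cnf" -newkey rsa:2048 -nodes -days 1 \
    -keyout "$WORK/$ca-ca.key" -out "$WORK/$ca-ca.pem" \
    -subj "/CN=Demo $ca CA" >/dev/null 2>&1
done

# Leaf certificate for a made-up host, issued by the interception CA.
openssl req -config "$WORK/ca.cnf" -newkey rsa:2048 -nodes \
  -keyout "$WORK/leaf.key" -out "$WORK/leaf.csr" \
  -subj "/CN=www.example.test" >/dev/null 2>&1
openssl x509 -req -days 1 -in "$WORK/leaf.csr" \
  -CA "$WORK/intercept-ca.pem" -CAkey "$WORK/intercept-ca.key" \
  -CAcreateserial -out "$WORK/leaf.pem" >/dev/null 2>&1

# verify_leaf <trusted-CA-file>: prints "trusted" or "rejected"; this is the
# decision that drives the client's certificate warning.
verify_leaf() {
  if openssl verify -CAfile "$1" "$WORK/leaf.pem" >/dev/null 2>&1; then
    echo trusted
  else
    echo rejected
  fi
}

echo "trust store has only the other CA:   $(verify_leaf "$WORK/other-ca.pem")"
echo "trust store has the interception CA: $(verify_leaf "$WORK/intercept-ca.pem")"
```

The first line prints "rejected" and the second "trusted", which is exactly the difference between a client that warns and one whose trust store has been changed.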