In unserem Blog veröffentlichen wir in unregelmäßigen Abständen Artikel zu verschiedenen Themen der IT-Sicherheit, wie z. B. Open Penetrationstests, öffentlichen Bedrohungsanalysen und Analysen zu anderen interessanten Themen.
Auf der Jagd nach Sicherheitslücken in TLS-Bibliotheken // Open-Source-Testsuite TLS-Anvil
- Conrad Schmidt
Fachartikel in "IT-Sicherheit – Magazin Management und Technik" – Forschungsprojekt KoTeBi
TLS ist der wichtigste kryptographische Standard für digitale Kommunikation im Internet. Durch Implementierungsfehler entstehen jedoch immer wieder Sicherheitslücken, die für komplexe Angriffe auf TLS-Server und -Verbindungen ausgenutzt werden können. Durch spezielle Software können Entwickler:innen und Sicherheitsforscher:innen solche Fehler erkennen und noch vor Release beheben. Das Forschungsprojekt KoTeBi zeigt wie es geht.
Where Is XML Used in Practice?
- Jost Rossel
Where Is XML Used in Practice? – Blog Series – Part #02
To find out which systems can be vulnerable to attacks based on XML, it is essential to investigate in which scenarios the technology XML is used. In the last post in this series, we explained the basic concepts of XML and attacks such as XXE. In this second part, we would like to discuss the most common uses of XML to enable you to effectively identify and fix potential vulnerabilities in your systems.
Von FAPI 1.0 zu FAPI 2.0: Ein Vergleich der Sicherheitsprofile für OAuth und OpenID Connect
- Karsten Meyer zu Selhausen, Johanna Schenkel
FAPI verstehen – Blogserie – Teil #04
Das Ziel der FAPI ist es, Profile für den Einsatz von OAuth und OpenID Connect mit höchstem Sicherheitsniveau zu erreichen. Dieses Sicherheitsniveau wird zum Beispiel im Finanztechnologie-Sektor oder im e-Health Kontext benötigt. Neben der ersten Version – der FAPI 1.0 – wird zur Zeit eine neue verbesserte Version – FAPI 2.0 – entwickelt. In diesem Blogpost werden wir die Unterschiede zwischen FAPI 1.0 und FAPI 2.0 beleuchten und die jeweiligen Merkmale der beiden Profile vergleichen.
Template Injection Vulnerabilities – Understand, Detect, Identify
- Maximilian Hildebrand, Karsten Meyer zu Selhausen
Many web applications make use of template engines to employ the MVC (Model-View-Controller) pattern. While web developers benefit greatly from their powerful features and simplicity, it is essential to focus on their security. An insecure configuration can result in template injection vulnerabilities causing severe risks for the web application, its data, and its users.
Public Penetration Test Report – WAYF Identity Provider (OpenID Connect and SAML)
Last year our team was selected to conduct a penetration test of the identity provider (IdP) of WAYF – the Danish Identity Federation for Research and Higher Education. Their IdP supports single sign-on based on SAML and OpenID Connect, both fields in which we have in-depth expertise and many years of experience.
In the following, we summarize the findings of this penetration test and provide the full penetration test report to the public.
How Does FIDO2 Try to Solve the World’s Password Problem?
- Maximilian Hildebrand
Multi-Factor Authentication (MFA) – Blog Series – Part #02
In the previous blog post on Multi-Factor Authentication (MFA), we compared the five most commonly used possession factors. FIDO2 — the winner of that comparison — is a holistic solution for MFA and it can even be used for secure passwordless authentication without the need for additional factors. FIDO2 is billed as “the industry’s answer to the password problem” [1]. But how does FIDO2 work and what are its advantages over passwords and other MFA methods?
The New OWASP Top 10 API Security Risks 2023 – What Has Changed?
- Maximilian Hildebrand
In the previous blog posts on API security, we introduced the 10 most critical API risks based on the 2019 edition of the OWASP Top 10 API Security Risks. Then we explained the most critical risk—Broken Object Level Authorization (BOLA)—in detail. Now, after almost 4 years, the new OWASP Top 10 API Security Risks 2023 has been released. In this blog post, we will discuss what has stayed the same and what has changed compared to the last API Security Top 10 of 2019.
Wie unterscheidet sich der Schutz der FAPI 1.0 Profile?
- Johanna Schenkel
FAPI verstehen – Blogserie – Teil #03
Die FAPI wurde entwickelt, um OAuth und OpenID Connect auch in sensiblen Bereichen mit einem hohen Sicherheitsanspruch, wie zum Beispiel im Finanzsektor oder im e-Health Kontext, sicher einsetzen zu können. Die verschiedenen Profile der FAPI 1.0 bieten unterschiedliche Sicherheitslevel, welche je nach Kontext optimal eingesetzt werden können.
Security of Instant Messaging
- Prof. Dr. Jörg Schwenk
Study – Interoperability between Messaging Services: Secure Implementation of Encryption (Bundesnetzagentur), Prof. Dr. Paul Rösler and Prof. Dr. Jörg Schwenk
Instant Messaging (IM) apps like WhatsApp, Signal, Threema, and Telegram are used by billions of people around the globe. Many of these apps offer End-to-End Encryption (E2EE), and people trust the security of these apps to communicate their most private thoughts. But what do we really know about the security of these apps?
Multi-Factor Authentication (MFA) – Comparison of the 5 Most Used Possession Factors
- Maximilian Hildebrand
Multi-Factor Authentication (MFA) – Blog Series – Part #01
Passwords are often the only measure needed to access an important account or service. But this does not provide sufficient security. Recent statistics show that 65% of people still use the same password or a variation of a single password for many or all of their accounts and 45% do not change it even after a breach has occurred [1]. It is therefore not surprising that over 70% of all breaches are caused by inadequate passwords, such as reused or weak passwords [2]. Multi-factor authentication (MFA) is intended to mitigate these shortcomings.
KoTeBi – Kombinatorisches Testen von TLS-Bibliotheken
- Prof. Dr. Juraj Somorovsky
TLS (Transport Layer Security) ist der wichtigste praktisch eingesetzte Sicherheitsstandard – mit TLS werden die Authentizität, Integrität und Vertraulichkeit privater und geschäftlicher Kommunikation sichergestellt, Datenschutz gewährleistet und komplexe IT-Systeme abgesichert. Während die theoretische Sicherheit von TLS gut untersucht und verstanden ist, entstehen durch Implementierungsfehler immer wieder gravierende Sicherheitslücken, die für Angriffe ausgenutzt werden können (HeartBleed, POODLE, ROBOT, DROWN, RACCOON, …). Konnten die ersten Implementierungsfehler noch leicht manuell gefunden werden, nutzen neuere Angriffe ein komplexes Zusammenspiel mehrerer TLS-Versionen und zahlreicher TLS-Features.
XML – An Overview
- Jost Rossel
What Are the Risks of XML? – Blog Series – Part #01
The eXtensible Markup Language (XML) is one of the most widely used languages to represent hierarchical data. The popularity of XML goes hand in hand with the use of AJAX [9] at the dawn of the modern Internet [2]. Although XML has been superseded as the Internet's leading data exchange format by JSON [2], the format has left its mark on today's technology landscape. After all, whatever you do on your PC these days, you are—consciously or unconsciously—most likely using XML.
BOLA – The #1 Most Critical API Risk Exemplified
- Maximilian Hildebrand
In the previous blog post about API security, we described how to secure an API and introduced the top 10 most critical risks for APIs. This blog post will take a deeper dive into the most critical risk of all: broken object level authorization (BOLA). Based on real-life weaknesses we found during penetration tests, we will cover a few examples and also provide tips and tricks on how to spot and mitigate BOLA vulnerabilities.
Was steckt hinter der FAPI – ein Überblick
- Johanna Schenkel
FAPI verstehen – Blogserie – Teil #02
Die FAPI ist eine attraktive Lösung in der Digitalisierung des Finanzsektors. Als interoperable Lösung für "Open Banking"-Szenarien erlaubt die FAPI regulatorische Vorschriften umzusetzen und dabei einen hohen Sicherheitsstandard zu erfüllen. Die FAPI bietet verschiedene Profile für das Autorisierungsframework OAuth an. Mittels der Profile werden unterschiedliche Sicherheitsziele erreicht, um verschiedene Szenarien optimal gegen Cyberangriffe zu schützen.
How to Secure APIs?
- Maximilian Hildebrand
APIs (Application Programming Interfaces) allow companies to modularize functions and easily provide them to customers and third-parties. Current statistics show the increasing usage of APIs is accompanied by increasing security concerns. In 2021 the API traffic increased by 321%, whereas attacks on them increased by 681% compared to 2020, based on the latest report by Salt labs. 95% of all organizations had an API cyber security incident in the past 12 months [1] and the Google searches for the topic “Web API Security” increased by 400% since 2016 [2]. Current research by Imperva indicates that APIs account for 4,1% to 7,5% of all yearly cybersecurity attacks incidents and result in damages of 41 to 75 billion dollars.
Wie werden mit der FAPI im Finanzsektor hochsichere APIs realisiert?
- Johanna Schenkel
FAPI verstehen – Blogserie – Teil #01
In den letzten Jahren hat sich Online-Banking zunehmend einer größeren Beliebtheit erfreut. Finanzgeschäfte jeglicher Art werden sowohl im privaten Bereich, als auch im geschäftlichen Kontext, immer weiter digitalisiert. Doch die Digitalisierung des Finanzsektors ist eine anspruchsvolle Aufgabe: Durch die Verarbeitung hochsensibler Daten und die Rechte zur Ausführung von Zahlungen sind die IT-Systeme von Banken attraktive Angriffsziele.
XSinator.com – On Bypassing a Browser’s Same-Origin Policy (ACM CCS 2021 Best Paper Award)
- Marcus Niemietz, Christian Mainka
Three co-founders from Hackmanit (Prof. Dr Jörg Schwenk, Prof. Dr. Marcus Niemietz, Dr. Christian Mainka), together with researchers from the Ruhr University Bochum, received the Best Paper Award at the "ACM Conference on Computer and Communications Security" (CCS) 2021. CCS is one of the most important international IT security conferences and their committee selected the publication "XSinator.com: From a Formal Model to the Automatic Evaluation of Cross-Site Leaks in Web Browsers" for the best paper award.
Web Cache Vulnerability Scanner (WCVS) - Free, Customizable, Easy-To-Use
- Maximilian Hildebrand
Web Cache Vulnerability Scanner (WCVS) is an open source standalone CLI web cache poisoning vulnerability scanner. We just released the stable version of WCVS to the public. As already announced in our previous blog post about web cache poisoning, WCVS enables users to easily and thoroughly scan their applications for web cache poisoning. In this blog post we will introduce the main features of WCVS.
Over 100 Bugs in a Row – Empirical Study About Popular CMS Extensions
- Marcus Niemietz
In this blog post, we describe our second pro bono penetration test focusing on the top-10 extensions of the popular content management system (CMS) Joomla. In contrast to our first pro bono penetration test, we had a much wider scope due to 10 different CMS extensions. Therefore, we have decided to do an empirical study. In total, we responsibly reported 103 vulnerabilities.
Is Your Application Vulnerable to Web Cache Poisoning?
- Maximilian Hildebrand
Web Caches are widely used, but their impact on security is often overlooked. In this post, we explain one attack class targeting web caches called “Web Cache Poisoning”. You will learn how “Web Cache Poisoning” might allow a malicious actor to exploit a web cache to attack your users or your application and how you can prevent this attack.
How to Protect Your OAuth Client Against Mix-Up Attacks
- Karsten Meyer zu Selhausen
There are many attacks that you need to address when implementing an OAuth or OpenID Connect client. Despite its severe impact one attack is often overlooked in the process of securing clients; in a so-called “mix-up attack” an attacker makes use of a malicious authorization server to steal authorization codes or access tokens. Afterwards, the attacker can access the victim’s resources.
In this blog post we explain the best way how you can protect your application and prevent the severe impact of mix-up attacks.
The Raccoon Attack
- Juraj Somorovsky
In September, we* published our new attack called Raccoon. Raccoon is a timing vulnerability that affects all TLS specifications up to 1.2. It allows attackers under certain conditions to break the encryption and read sensitive communication, for example, HTTP traffic or emails. Luckily, the vulnerability is really hard to exploit and relies on very precise timing measurements and on a specific server configuration to be exploitable.
Pro Bono Penetration Test Program - Second Candidate
Last September, we announced our pro bono program to support non-commercial organizations and open-source applications. With this program, we want to help them to increase security if they cannot afford a professional penetration test. For selected applicants, we will conduct a professional penetration test with a total expense of up to ten man-days - for free!
Earlier this year we selected our first candidate: the JavaScript-based password manager KeeWeb. We identified multiple security issues and helped the developers to fix them. This allowed them to effectively protect KeeWeb’s users and their valuable credentials. You can find the full report of the penetration test here: KeeWeb Penetration Test Report.
Are you involved with any project or application that could benefit from a professional penetration test, as well? Apply now to become our next candidate.
When PKCE Cannot Protect Your Confidential OAuth Client
- Christian Mainka, Karsten Meyer zu Selhausen
“Proof Key for Code Exchange” (also known as PKCE) [1] is a well-known protection mechanism for OAuth and OpenID Connect.
It was initially introduced to protect leaked or stolen authorization codes of benign native and mobile apps (which are public clients) from being redeemed by malicious apps.
With the time PKCE has become one of the standard measures to improve the security of OAuth and OpenID Connect protocol flows for all kinds of clients. The best current practices draft [2], which advises on how to implement OAuth securely, recommends to generally use PKCE to protect the authorization code and also prevent CSRF attacks.
However, PKCE cannot protect your client against all attacks which target the code. In this blog post, we will explain one attack example, which circumvents PKCE and allows an attacker to use a stolen code to access the victim’s resources.
Analysis of the GnuTLS Session Ticket Bug (CVE-2020-13777)
- David Ziemann
This June a bug [1] in certain GnuTLS versions was found, which affects the security of session resumption when session tickets are used. The bug causes servers using this implementation, to encrypt session tickets with an all-zero key for the duration of the initial key rotation interval. Thus session tickets issued by a vulnerable server during its first hours of uptime can be decrypted. By default GnuTLS changes the key used for encryption of session tickets every 18 hours.
Affected by the bug is TLS 1.2 when session tickets (defined in RFC 5077 [2]) are used. The data obtained from the decrypted session ticket can be used to decrypt all (recorded) communication of the associated TLS session.
Pro Bono Penetration Test: KeeWeb
- Karsten Meyer zu Selhausen, Marcus Niemietz
By supporting non-commercial organizations and open-source applications, we want to increase their security. For this reason, we created our pro bono program last September. The pro bono program offers applicants the chance to be selected for a free high-quality penetration test with a total expense of 10 man-days.
As the first candidate, we selected KeeWeb, which is a KeePass compatible password manager. KeeWeb is both available as a web application and cross-platform native application. It allows users to open and sync their password databases stored locally or in a cloud storage.
We selected KeeWeb because it was an excellent fit for our pro bono program. First, its security is crucial, given the fact it processes the user’s password databases. Second, it is a web application written in JavaScript and accesses cloud storage providers using OAuth. Both are part of our key expertise.
Eurobits Excellence Award 2019
This December, Karsten Meyer zu Selhausen received the Eurobits Excellence Award 2019 for his master's thesis "Security of PDF Signatures" [1]. Since 2017, eurobits e.V. – as the center for excellence within the IT security field located in Bochum – annually honors a thesis of a graduated student within the field of IT security for its scientific contribution and high relevance for IT security in practice.
Our IT security consultant Karsten was among the first to investigate the security of digital signatures applied to PDF files. The results of his master's thesis provided the basis for the paper "1 Trillion Dollar Refund – How To Spoof PDF Signatures" published at CCS '19 [2] and helped to increase the security of the affected applications.
Hackmanit congratulates Karsten on winning the award and is happy that he is part of the team.
In the following, a short overview of the results of his master's thesis is given.
XML Signature Validation Bypass in simpleSAMLphp and xmlseclibs
- Juraj Somorovsky, Karsten Meyer zu Selhausen
In October, we conducted a grey-box penetration test of a SAML-based single sign-on solution operated by SURFnet. The tested application used the open-source PHP library SimpleSAMLphp, whose source code we analyzed as a part of the penetration test. We were able to identify a novel variant of an XML Signature Wrapping (XSW) attack in SimpleSAMLphp, which allowed us to bypass the integrity and authenticity protection of the SAML assertion and change its contents arbitrarily.
In the following, we explain the details of the successful XSW attack, but first, we give a brief overview to SimpleSAMLphp, SAML, and XSW in general.
How to Prevent Framing Attacks
- Marcus Niemietz
UI Redressing (UIR) describes a set of powerful attacks which can be used to circumvent browser security mechanisms like sandboxing and the Same-Origin Policy. In essence, an attacker wants to lure a victim into performing actions out of context by commonly making use of social engineering techniques in combination with invisible elements and hijacked trustworthy events. The set of attacks includes techniques like manipulating the mouse cursor, stealing touch gestures, and maliciously reuse keystrokes. Introduced in 2008, clickjacking was the first UIR attack which made it possible to automatically hijack the camera and microphone of the victim by stealing a few left-clicks within a Flash-based browser game.
Pro Bono Penetration Test Program
Hackmanit is happy to announce its pro bono penetration test program for web and single sign-on (SSO) applications. In a half-year cycle, starting in January 2020, we offer free remote penetration tests with a maximum contingent of ten man-days.
We aim to support non-commercial organizations which cannot afford commercial penetration tests. You can apply for a free penetration test if you feel that your organization fulfills the following requirements:
- Non-commercial application (e.g., open-source software)
- High impact (e.g., a high number of users or high criticality in the security/privacy areas)
- You as an applicant should take care of clarifying any potential ethical and legal concerns
There will not be any significant difference between our pro bono penetration test and our usual commercial engagements except that you do not have to pay anything. However, in contrast to our commercial tests, you must agree to allow Hackmanit to publish the unfiltered version of our penetration test report. We will do this after you have fixed the weaknesses or, at the latest, after 90 days from informing you about the weaknesses.
Penetration Test of the DENIC ID
- Juraj Somorovsky, Karsten Meyer zu Selhausen
Based on the proven expertise in the areas of single sign-on and OpenID Connect, our team has been selected to perform an open penetration test of the DENIC ID - an implementation of ID4me.
The scope of the penetration test was to evaluate typical single sign-on weaknesses and the impact of novel features implemented in DENIC ID on the security of this login system.
DENIC ID
DENIC ID is the first widely-deployed implementation of ID4me (https://id4me.org/documents/) - a novel protocol for federated identity management. It is based on well-established standards such as OpenID Connect and Domain Name System (DNS). In contrast to other single sign-on schemes, ID4me divides the duties of the identity provider into two separated entities: an identity agent and an identity authority. The identity agent provides registration services and manages user data. The identity authority is responsible for user authentication and authorization.