SlideShare a Scribd company logo

Heartbleed Overview

SensePost, profile picture
SensePost

This document summarizes the Heartbleed vulnerability that was announced in April 2014. It allowed attackers to read portions of a server's memory and extract private keys and user cookies. The vulnerability was in OpenSSL and affected many major companies. It was possible due to a buffer over-read in the OpenSSL implementation of the TLS Heartbeat Extension. While initially many were vulnerable, within a month most major sites and services had patched the vulnerability. The event highlighted issues with OpenSSL's code quality and maintenance and increased funding to address these issues. It also demonstrated the need for rapid patching of 0-day vulnerabilities and the importance of defense in depth strategies.

TechnologyEducation
1 of 16
Downloaded 24 times
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
Heartbleed Overview
whoami Dominic White CTO @ SensePost We Hack | Build | Train | Scan Stuff @singe / @sensepost dominic@sensepost.com info/research/job @sensepost.com
What Happened • 7 April 2014 – Vulnerability announced to the world with a website, OpenSSL vulnerability announcement and new code release (1.0.1g) – Found by two groups; Google Security Team (Neel Mehta & Condenomicon) • Told that private keys to SSL certificates could be exposed – uh oh • Operating systems had not packaged the new release, so many were vulnerable • Many big name companies were vulnerable; Big Tech names, Banks, Law Enforcement, Intelligence Agencies • Online testers appeared, and were quickly swamped • But ….
What is it? • Vulnerability in a widely used cryptographic library – i.e. lots of Unix things use this to do encryption • Vulnerability specific to SSL Heartbeats – RFC 6520 https://tools.ietf.org/html/rfc6520 • Introduced on Dec 31 2011 by Dr Stephen Henson • Allows you to read parts of a program memory – Buffer Over Read
Heartbleed Overview
Heartbleed Overview
Demo • Extracting cookies & private SSL keys from a vulnerable server
Why does it work • OpenSSL is just the library, the actual process is something like Apache, Nginx, Dovecot, Exim etc. • These processes have a HEAP, in which data used by the process is stored. – If the process is active, it changes a lot • Certificate private keys are made up of two large prime numbers; we can find these if they were used recently
The slow path to enlightenment • Initial testers looked for vanilla SSL on port 443 using TLS v1.1 – Most famous and first PoC by Jared Stafford; ssltest.py • But: – SSL runs on non-standard ports – Some servers didn’t support TLS v1.1 – SSL can be invoked on clear-text ports with STARTLS • STARTTLS is different for different protocols – Clients are vulnerable too! – Lots of debate about whether keys could be grabbed • CloudFlare challenge cleared that up – IDS signatures were quickly defeated
Meanwhile …. • #heartbleedvirus • Bruce Schneier – “On the scale of 1 to 10, this is an 11.” • I’m not Vulnerable, the scanner said so! • Claims of NSA backdoor bogey men • EVERYBODY CHANGE ALL YOUR PASSWORDS! – NO WAIT, CHANGE THEM AGAIN!
How Bad Was It? • Masscan (Robert Graham) – 615 268 / 28 581 134 – After one month 318 239 • Our clients – 1.8% when it broke – Offered free “complete” scan – 24 / 224 186
Tactical Defence Fix the Vuln • Patch it – OpenSSL >= 1.0.1g – Old versions < 1.0.1 unaffected • Disable it – Firewall, VPN? • Reconfigure it – Disable heartbeats – Enable Perfect Forward Secrecy • IDS it? – Do not rely on this Cleanup • Change certificates – Revoke the old ones • Reset sessions – i.e. invalidate all cookies • Change passwords – Only affected user-stores
Defence in Depth • One 0day shouldn’t ruin your day – But this one was tricky 1. Early alerting 2. Response procedures (IR) 3. Ability to act quickly (devsecops) 4. Avoid heterogeneity/monocultures?
The State of OpenSSL’s Future • Massive amount of legacy code • Incredibly complex to maintain – 2 people effectively doing most of it • C considered harmful today – Pointer arithmetic makes problems • FIPS certification dangerous – Certifies bad crypto & bad implementations • OpenBSD’s OpenSSL rampage -> LibreSSL • OpenSSL just got a ton of funding
Eye Openers • We thought OpenSSL was okay – Ok, lots didn’t, but nobody did anything about it – We think lots of other things are ok – ESR’s Linus’ Law: “Given enough eyeballs, all bugs are shallow” • But! – We found the bug – People actually patched it • Others – The rise of the branded bug – The trail of fakes • Media still drives reactions
Thanks & References • Hackerfantastic – Tool & Presentation • Erratarob – Tool/s & blogs • XKCD – Comics! • Elpartydiablo & xnvx.com – Background

More Related Content

PPTX
Offence oriented Defence
SensePost
 
PPTX
Rat a-tat-tat
SensePost
 
PPTX
Improvement in Rogue Access Points - SensePost Defcon 22
SensePost
 
PDF
The state of wireless security
Filip Waeytens
 
PDF
Fruit vs Zombies: Defeat Non-jailbroken iOS Malware by Claud Xiao
Shakacon
 
PDF
Heartbleed && Wireless
Luis Grangeia
 
PPTX
Creating Havoc using Human Interface Device
Positive Hack Days
 
PPTX
Shmoocon Epilogue 2013 - Ruining security models with SSH
Andrew Morris
 
Offence oriented Defence
SensePost
 
Rat a-tat-tat
SensePost
 
Improvement in Rogue Access Points - SensePost Defcon 22
SensePost
 
The state of wireless security
Filip Waeytens
 
Fruit vs Zombies: Defeat Non-jailbroken iOS Malware by Claud Xiao
Shakacon
 
Heartbleed && Wireless
Luis Grangeia
 
Creating Havoc using Human Interface Device
Positive Hack Days
 
Shmoocon Epilogue 2013 - Ruining security models with SSH
Andrew Morris
 

What's hot (20)

PDF
Defcon 22-zoltan-balazs-bypass-firewalls-application-whiteli
Priyanka Aash
 
PDF
Top 10 Threats to Cloud Security
SBWebinars
 
PPT
Nomura UCCSC 2009
dnomura
 
PPTX
External to DA, the OS X Way
Stephan Borosh
 
PDF
Infosecurity.be 2019: What are relevant open source security tools you should...
B.A.
 
PDF
Hack Attack! An Introduction to Penetration Testing
Steve Phillips
 
PDF
Defcon 22-wesley-mc grew-instrumenting-point-of-sale-malware
Priyanka Aash
 
PPTX
BlueHat v17 || A Lustrum of Malware Network Communication: Evolution and Insi...
BlueHat Security Conference
 
PPTX
BSIDES-PR Keynote Hunting for Bad Guys
Joff Thyer
 
PDF
Defcon 22-philip-young-from-root-to-special-hacking-ibm-main
Priyanka Aash
 
PPTX
Kali presentation
Zain Ul abadin
 
PDF
Security events in 2014
Chong-Kuan Chen
 
PPTX
From 1000/day to 1000/sec: The Evolution of Incapsula's BIG DATA System [Surg...
Imperva Incapsula
 
PPTX
How to Protect Yourself From Heartbleed Security Flaw
ConnectSafely
 
PDF
Malware collection and analysis
Chong-Kuan Chen
 
PPTX
2016 TTL Security Gap Analysis with Kali Linux
Jason Murray
 
PPTX
Pentest Apocalypse - SANSFIRE 2016 Edition
Beau Bullock
 
PDF
Threat Con 2021: What's Hitting my Honeypots
APNIC
 
PPTX
[CB16] Facebook Malware: Tag Me If You Can by Ido Naor & Dani Goland
CODE BLUE
 
PDF
penetration test using Kali linux ppt
AbhayNaik8
 
Defcon 22-zoltan-balazs-bypass-firewalls-application-whiteli
Priyanka Aash
 
Top 10 Threats to Cloud Security
SBWebinars
 
Nomura UCCSC 2009
dnomura
 
External to DA, the OS X Way
Stephan Borosh
 
Infosecurity.be 2019: What are relevant open source security tools you should...
B.A.
 
Hack Attack! An Introduction to Penetration Testing
Steve Phillips
 
Defcon 22-wesley-mc grew-instrumenting-point-of-sale-malware
Priyanka Aash
 
BlueHat v17 || A Lustrum of Malware Network Communication: Evolution and Insi...
BlueHat Security Conference
 
BSIDES-PR Keynote Hunting for Bad Guys
Joff Thyer
 
Defcon 22-philip-young-from-root-to-special-hacking-ibm-main
Priyanka Aash
 
Kali presentation
Zain Ul abadin
 
Security events in 2014
Chong-Kuan Chen
 
From 1000/day to 1000/sec: The Evolution of Incapsula's BIG DATA System [Surg...
Imperva Incapsula
 
How to Protect Yourself From Heartbleed Security Flaw
ConnectSafely
 
Malware collection and analysis
Chong-Kuan Chen
 
2016 TTL Security Gap Analysis with Kali Linux
Jason Murray
 
Pentest Apocalypse - SANSFIRE 2016 Edition
Beau Bullock
 
Threat Con 2021: What's Hitting my Honeypots
APNIC
 
[CB16] Facebook Malware: Tag Me If You Can by Ido Naor & Dani Goland
CODE BLUE
 
penetration test using Kali linux ppt
AbhayNaik8
 
Ad

Similar to Heartbleed Overview (20)

PDF
Sullivan heartbleed-defcon22 2014
Cloudflare
 
PDF
1086: The SSL Problem and How to Deploy SHA2 Certificates (with Mark Myers)
Gabriella Davis
 
PDF
Heartache and Heartbleed - 31c3
Nick Sullivan
 
PDF
The SSL Problem and How to Deploy SHA2 Certificates
Gabriella Davis
 
PDF
Common crypto attacks and secure implementations
Trupti Shiralkar, CISSP
 
PPTX
SSL Checklist for Pentesters (BSides MCR 2014)
Jerome Smith
 
PDF
How to exploit heartbleed vulnerability demonstration
Pankaj Rane
 
PDF
SSL: Past, Present and Future
Luis Grangeia
 
PDF
SSL: Past, Present and Future
Tiago Mendo
 
PPT
Certificates and Web of Trust
Yousof Alsatom
 
PDF
FreeBSD and Hardening Web Server
Muhammad Moinur Rahman
 
PDF
SSL, X.509, HTTPS - How to configure your HTTPS server
hannob
 
PDF
Go paranoid
Nisheed KM
 
PDF
Apache web-server-security
Andrew Carr
 
PDF
SSL State of the Union
Sander Temme
 
PDF
When the internet bleeded : RootConf 2014
Anant Shrivastava
 
PPTX
Information Security Engineering
Md. Hasan Basri (Angel)
 
PDF
Unsafe SSL webinar
Wolfgang Kandek
 
PDF
Ssl And Tls Theory And Practice 2nd Rolf Oppliger
jnixigdcvv335
 
PPTX
Cours4.pptx
Bellaj Badr
 
Sullivan heartbleed-defcon22 2014
Cloudflare
 
1086: The SSL Problem and How to Deploy SHA2 Certificates (with Mark Myers)
Gabriella Davis
 
Heartache and Heartbleed - 31c3
Nick Sullivan
 
The SSL Problem and How to Deploy SHA2 Certificates
Gabriella Davis
 
Common crypto attacks and secure implementations
Trupti Shiralkar, CISSP
 
SSL Checklist for Pentesters (BSides MCR 2014)
Jerome Smith
 
How to exploit heartbleed vulnerability demonstration
Pankaj Rane
 
SSL: Past, Present and Future
Luis Grangeia
 
SSL: Past, Present and Future
Tiago Mendo
 
Certificates and Web of Trust
Yousof Alsatom
 
FreeBSD and Hardening Web Server
Muhammad Moinur Rahman
 
SSL, X.509, HTTPS - How to configure your HTTPS server
hannob
 
Go paranoid
Nisheed KM
 
Apache web-server-security
Andrew Carr
 
SSL State of the Union
Sander Temme
 
When the internet bleeded : RootConf 2014
Anant Shrivastava
 
Information Security Engineering
Md. Hasan Basri (Angel)
 
Unsafe SSL webinar
Wolfgang Kandek
 
Ssl And Tls Theory And Practice 2nd Rolf Oppliger
jnixigdcvv335
 
Cours4.pptx
Bellaj Badr
 
Ad

More from SensePost (20)

PDF
objection - runtime mobile exploration
SensePost
 
PPTX
Vulnerabilities in TN3270 based Application
SensePost
 
PDF
Ruler and Liniaal @ Troopers 17
SensePost
 
PDF
Introducing (DET) the Data Exfiltration Toolkit
SensePost
 
PPTX
ZaCon 2015 - Zombie Mana Attacks
SensePost
 
PDF
Botconf 2013 - DNS-based Botnet C2 Server Detection
SensePost
 
PDF
Hacking Z-Wave Home Automation Systems
SensePost
 
PPTX
Threats to machine clouds
SensePost
 
PPTX
Inside .NET Smart Card Operating System
SensePost
 
PDF
SNMP : Simple Network Mediated (Cisco) Pwnage
SensePost
 
PPT
Its Ok To Get Hacked
SensePost
 
PPT
Web Application Hacking
SensePost
 
PDF
Putting the tea back into cyber terrorism
SensePost
 
PPT
Major global information security trends - a summary
SensePost
 
PPT
Attacks and Defences
SensePost
 
PDF
Corporate Threat Modeling v2
SensePost
 
PPTX
State of the information security nation
SensePost
 
PPS
OK I'm here, so what's in it for me?
SensePost
 
PPT
Security threats facing SA businessess
SensePost
 
PPT
Security in e-commerce
SensePost
 
objection - runtime mobile exploration
SensePost
 
Vulnerabilities in TN3270 based Application
SensePost
 
Ruler and Liniaal @ Troopers 17
SensePost
 
Introducing (DET) the Data Exfiltration Toolkit
SensePost
 
ZaCon 2015 - Zombie Mana Attacks
SensePost
 
Botconf 2013 - DNS-based Botnet C2 Server Detection
SensePost
 
Hacking Z-Wave Home Automation Systems
SensePost
 
Threats to machine clouds
SensePost
 
Inside .NET Smart Card Operating System
SensePost
 
SNMP : Simple Network Mediated (Cisco) Pwnage
SensePost
 
Its Ok To Get Hacked
SensePost
 
Web Application Hacking
SensePost
 
Putting the tea back into cyber terrorism
SensePost
 
Major global information security trends - a summary
SensePost
 
Attacks and Defences
SensePost
 
Corporate Threat Modeling v2
SensePost
 
State of the information security nation
SensePost
 
OK I'm here, so what's in it for me?
SensePost
 
Security threats facing SA businessess
SensePost
 
Security in e-commerce
SensePost
 

Recently uploaded (20)

PDF
How UI/UX Design Impacts User Retention in Mobile Apps.pdf
SynapseIndia
 
PPTX
Detection-First SIEM: Rule Types, Dashboards, and Threat-Informed Strategy
ReZa AdineH
 
DOCX
The AUB Centre for AI in Media Proposal.docx
GAONE9
 
PPTX
VMware vSphere Foundation How to Sell Presentation-Ver1.4-2-14-2024.pptx
blackmambaettijean
 
PPTX
Effective Security Operations Center (SOC) A Modern, Strategic, and Threat-In...
ReZa AdineH
 
PDF
7 ChatGPT Prompts to Help You Define Your Ideal Customer Profile.pdf
SOFTTECHHUB
 
PDF
NewMind AI Weekly Chronicles - August'25 Week I
NewMind AI
 
PDF
Agricultural_Statistics_at_a_Glance_2022_0.pdf
SandeepSingh286037
 
PDF
Modernizing your data center with Dell and AMD
Principled Technologies
 
PDF
Reach Out and Touch Someone: Haptics and Empathic Computing
Mark Billinghurst
 
PDF
Machine learning based COVID-19 study performance prediction
IAESIJAI
 
PDF
Blue Purple Modern Animated Computer Science Presentation.pdf.pdf
Akar16
 
PDF
Chapter 3 Spatial Domain Image Processing.pdf
Getnet Tigabie Askale -(GM)
 
PDF
Peak of Data & AI Encore- AI for Metadata and Smarter Workflows
Safe Software
 
PPTX
Digital-Transformation-Roadmap-for-Companies.pptx
David Malick Dieng
 
PDF
Advanced methodologies resolving dimensionality complications for autism neur...
IAESIJAI
 
PPTX
A Presentation on Artificial Intelligence
memembruh336
 
PDF
Per capita expenditure prediction using model stacking based on satellite ima...
IAESIJAI
 
PDF
Approach and Philosophy of On baking technology
30anthuong17
 
PDF
Spectral efficient network and resource selection model in 5G networks
IAESIJAI
 
How UI/UX Design Impacts User Retention in Mobile Apps.pdf
SynapseIndia
 
Detection-First SIEM: Rule Types, Dashboards, and Threat-Informed Strategy
ReZa AdineH
 
The AUB Centre for AI in Media Proposal.docx
GAONE9
 
VMware vSphere Foundation How to Sell Presentation-Ver1.4-2-14-2024.pptx
blackmambaettijean
 
Effective Security Operations Center (SOC) A Modern, Strategic, and Threat-In...
ReZa AdineH
 
7 ChatGPT Prompts to Help You Define Your Ideal Customer Profile.pdf
SOFTTECHHUB
 
NewMind AI Weekly Chronicles - August'25 Week I
NewMind AI
 
Agricultural_Statistics_at_a_Glance_2022_0.pdf
SandeepSingh286037
 
Modernizing your data center with Dell and AMD
Principled Technologies
 
Reach Out and Touch Someone: Haptics and Empathic Computing
Mark Billinghurst
 
Machine learning based COVID-19 study performance prediction
IAESIJAI
 
Blue Purple Modern Animated Computer Science Presentation.pdf.pdf
Akar16
 
Chapter 3 Spatial Domain Image Processing.pdf
Getnet Tigabie Askale -(GM)
 
Peak of Data & AI Encore- AI for Metadata and Smarter Workflows
Safe Software
 
Digital-Transformation-Roadmap-for-Companies.pptx
David Malick Dieng
 
Advanced methodologies resolving dimensionality complications for autism neur...
IAESIJAI
 
A Presentation on Artificial Intelligence
memembruh336
 
Per capita expenditure prediction using model stacking based on satellite ima...
IAESIJAI
 
Approach and Philosophy of On baking technology
30anthuong17
 
Spectral efficient network and resource selection model in 5G networks
IAESIJAI
 

Heartbleed Overview

  • 2. whoami Dominic White CTO @ SensePost We Hack | Build | Train | Scan Stuff @singe / @sensepost dominic@sensepost.com info/research/job @sensepost.com
  • 3. What Happened • 7 April 2014 – Vulnerability announced to the world with a website, OpenSSL vulnerability announcement and new code release (1.0.1g) – Found by two groups; Google Security Team (Neel Mehta & Condenomicon) • Told that private keys to SSL certificates could be exposed – uh oh • Operating systems had not packaged the new release, so many were vulnerable • Many big name companies were vulnerable; Big Tech names, Banks, Law Enforcement, Intelligence Agencies • Online testers appeared, and were quickly swamped • But ….
  • 4. What is it? • Vulnerability in a widely used cryptographic library – i.e. lots of Unix things use this to do encryption • Vulnerability specific to SSL Heartbeats – RFC 6520 https://tools.ietf.org/html/rfc6520 • Introduced on Dec 31 2011 by Dr Stephen Henson • Allows you to read parts of a program memory – Buffer Over Read
  • 7. Demo • Extracting cookies & private SSL keys from a vulnerable server
  • 8. Why does it work • OpenSSL is just the library, the actual process is something like Apache, Nginx, Dovecot, Exim etc. • These processes have a HEAP, in which data used by the process is stored. – If the process is active, it changes a lot • Certificate private keys are made up of two large prime numbers; we can find these if they were used recently
  • 9. The slow path to enlightenment • Initial testers looked for vanilla SSL on port 443 using TLS v1.1 – Most famous and first PoC by Jared Stafford; ssltest.py • But: – SSL runs on non-standard ports – Some servers didn’t support TLS v1.1 – SSL can be invoked on clear-text ports with STARTLS • STARTTLS is different for different protocols – Clients are vulnerable too! – Lots of debate about whether keys could be grabbed • CloudFlare challenge cleared that up – IDS signatures were quickly defeated
  • 10. Meanwhile …. • #heartbleedvirus • Bruce Schneier – “On the scale of 1 to 10, this is an 11.” • I’m not Vulnerable, the scanner said so! • Claims of NSA backdoor bogey men • EVERYBODY CHANGE ALL YOUR PASSWORDS! – NO WAIT, CHANGE THEM AGAIN!
  • 11. How Bad Was It? • Masscan (Robert Graham) – 615 268 / 28 581 134 – After one month 318 239 • Our clients – 1.8% when it broke – Offered free “complete” scan – 24 / 224 186
  • 12. Tactical Defence Fix the Vuln • Patch it – OpenSSL >= 1.0.1g – Old versions < 1.0.1 unaffected • Disable it – Firewall, VPN? • Reconfigure it – Disable heartbeats – Enable Perfect Forward Secrecy • IDS it? – Do not rely on this Cleanup • Change certificates – Revoke the old ones • Reset sessions – i.e. invalidate all cookies • Change passwords – Only affected user-stores
  • 13. Defence in Depth • One 0day shouldn’t ruin your day – But this one was tricky 1. Early alerting 2. Response procedures (IR) 3. Ability to act quickly (devsecops) 4. Avoid heterogeneity/monocultures?
  • 14. The State of OpenSSL’s Future • Massive amount of legacy code • Incredibly complex to maintain – 2 people effectively doing most of it • C considered harmful today – Pointer arithmetic makes problems • FIPS certification dangerous – Certifies bad crypto & bad implementations • OpenBSD’s OpenSSL rampage -> LibreSSL • OpenSSL just got a ton of funding
  • 15. Eye Openers • We thought OpenSSL was okay – Ok, lots didn’t, but nobody did anything about it – We think lots of other things are ok – ESR’s Linus’ Law: “Given enough eyeballs, all bugs are shallow” • But! – We found the bug – People actually patched it • Others – The rise of the branded bug – The trail of fakes • Media still drives reactions
  • 16. Thanks & References • Hackerfantastic – Tool & Presentation • Erratarob – Tool/s & blogs • XKCD – Comics! • Elpartydiablo & xnvx.com – Background

Editor's Notes

  • #2: Picture from http://www.xnvx.com/data/media/87/Bleeding_Heart_By_Elpartydiablo.jpg
  • #6: http://xkcd.com/1354/