In this article I will discuss the weak cryptography tests in the OWASP Web Security Testing Guide (WSTG).
1. Testing for Weak Transport Layer Security
What is Transport Layer Security?
Transport Layer Security (TLS) is an internet security protocol used to protect data communication between a user and a server or between two servers over an internet network. TLS is used to provide end-to-end encryption and authentication for data transmitted over the network.
TLS is a development of the previous internet security protocol, Secure Sockets Layer (SSL). TLS provides data encryption, server and client authentication, and data integrity through a unique public key and session key exchange mechanism.
TLS is commonly used in web applications to protect sensitive information such as user logins and information, credit card data, and other critical information. TLS is also used in email and file transfer applications to protect sensitive information sent over the internet network.
TLS has several versions, ranging from TLS 1.0 to TLS 1.3. Newer versions of TLS provide better performance and security, and also address weaknesses found in earlier versions. TLS 1.3 is the latest version of TLS and has stronger security and faster performance compared to previous versions.
As an example of TLS usage, when one accesses e-commerce websites such as Amazon or eBay, login information and other user information must be protected to prevent unauthorized access by third parties. Therefore, these e-commerce websites use TLS to provide data encryption and client and server authentication.
Test Objectives:
- Validate the service configuration.
- Review the digital certificate’s cryptographic strength and validity.
- Ensure that the TLS security is not bypassable and is properly implemented across the application.
Automated testing is done using sslscan; the results are as follows:
Validations that have been implemented include:
- The latest TLS version, 1.3, is used (cipher suite TLS_AES_128_GCM_SHA256).
- The AES-128 encryption algorithm in Galois/Counter Mode (GCM) is used, with SHA-256 as the hash function.
- The RSA key strength is 2048 bits.
Validations that have not been implemented include:
- The validity period exceeds 398 days (it is 10 years).
- There is no certificate authority (CA) information.
- The certificate has no Subject Alternative Name (SAN).
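The checks listed above can be applied mechanically to sslscan output. The following Python is an added example, not the article's own code or sslscan's: it parses a constructed excerpt in the layout sslscan prints (the exact labels vary between sslscan versions, so the regexes are an assumption for this example) and reports every criterion the scan fails, including the three findings from this section.

```python
"""Evaluate sslscan-style findings against the TLS checks above.

Added example, not the article's own code or sslscan's. SAMPLE_SSLSCAN is a
constructed excerpt in the layout sslscan prints; labels differ between
sslscan versions, so the field regexes are assumptions for this example.
"""
import re
from datetime import datetime, timedelta

MAX_VALIDITY_DAYS = 398   # maximum lifetime browsers accept for public leaf certs
MIN_RSA_BITS = 2048

# Constructed output for a host matching the findings above: TLS 1.3 with
# AES-128-GCM, a 2048-bit RSA key, but a 10-year self-signed cert with no SAN.
SAMPLE_SSLSCAN = """\
  SSL/TLS Protocols:
SSLv2     disabled
SSLv3     disabled
TLSv1.0   disabled
TLSv1.1   disabled
TLSv1.2   enabled
TLSv1.3   enabled

  Supported Server Cipher(s):
Accepted  TLSv1.3  128 bits  TLS_AES_128_GCM_SHA256        Curve 25519 DHE 253
Accepted  TLSv1.2  128 bits  ECDHE-RSA-AES128-GCM-SHA256   Curve 25519 DHE 253

  SSL Certificate:
Signature Algorithm: sha256WithRSAEncryption
RSA Key Strength:    2048
Subject:  localhost
Issuer:   localhost
Not valid before: Jan  1 00:00:00 2020 GMT
Not valid after:  Jan  1 00:00:00 2030 GMT
"""

FIELD_PATTERNS = {
    "rsa_bits":   r"^RSA Key Strength:\s+(\d+)",
    "subject":    r"^Subject:\s+(.+)",
    "issuer":     r"^Issuer:\s+(.+)",
    "altnames":   r"^Altnames:\s+(.+)",
    "not_before": r"^Not valid before:\s+(.+)",
    "not_after":  r"^Not valid after:\s+(.+)",
}


def parse_sslscan(text: str) -> dict:
    """Pull protocol status and certificate fields out of sslscan-style text."""
    info = {"protocols": {}}
    for raw in text.splitlines():
        line = raw.strip()
        m = re.match(r"^(SSLv\d|TLSv\d\.\d)\s+(enabled|disabled)$", line)
        if m:
            info["protocols"][m.group(1)] = (m.group(2) == "enabled")
            continue
        for key, pattern in FIELD_PATTERNS.items():
            m = re.match(pattern, line)
            if m:
                info[key] = m.group(1).strip()
    return info


def _parse_date(value: str) -> datetime:
    # OpenSSL-style date such as "Jan  1 00:00:00 2020 GMT": drop the zone
    # token; strptime treats the doubled space as ordinary whitespace.
    return datetime.strptime(value.rsplit(" ", 1)[0], "%b %d %H:%M:%S %Y")


def check_tls(info: dict) -> list:
    """Return the findings a reviewer would raise for the parsed scan."""
    findings = []
    for proto in ("SSLv2", "SSLv3", "TLSv1.0", "TLSv1.1"):
        if info["protocols"].get(proto):
            findings.append(f"legacy protocol enabled: {proto}")
    if not info["protocols"].get("TLSv1.3"):
        findings.append("TLS 1.3 not offered")
    bits = int(info.get("rsa_bits", 0))
    if bits < MIN_RSA_BITS:
        findings.append(f"RSA key too small: {bits} bits")
    lifetime = _parse_date(info["not_after"]) - _parse_date(info["not_before"])
    if lifetime > timedelta(days=MAX_VALIDITY_DAYS):
        findings.append(f"validity period {lifetime.days} days exceeds {MAX_VALIDITY_DAYS}")
    if info.get("issuer") == info.get("subject"):
        findings.append("issuer equals subject: self-signed, no CA information")
    if not info.get("altnames"):
        findings.append("no Subject Alternative Name (SAN)")
    return findings


if __name__ == "__main__":
    for finding in check_tls(parse_sslscan(SAMPLE_SSLSCAN)):
        print("FAIL:", finding)
```

Run it against real output by piping `sslscan host` into a file and passing the text to parse_sslscan; the 398-day limit is the one public CAs and browsers enforce, so a longer lifetime on an internal certificate is a policy finding rather than a handshake failure.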
2. Testing for Padding Oracle
What is Padding Oracle?
A padding oracle attack is a cryptographic attack that exploits padding validation errors in the Cipher Block Chaining (CBC) mode of operation. CBC is a commonly used mode of operation for data encryption in SSL/TLS and some other protocols.
In a padding oracle attack, the attacker modifies the ciphertext (encrypted text) to obtain sensitive information that should be protected. The attacker exploits a weakness in the server-side padding validation to guess the contents of the encrypted message.
Example of Padding Oracle attack: Suppose Alice wants to send Bob a secret message containing sensitive information, such as a credit card number. Alice encrypts her message using SSL/TLS and CBC mode of operation.
An attacker who is able to monitor the network connection between Alice and Bob retrieves the ciphertext and tries to modify each block of encrypted data to guess the content of the original message. The attacker can also try techniques such as a brute-force attack or a dictionary attack to find the right padding value.
If the attacker manages to find the right padding value, he can modify the ciphertext and decrypt the encrypted message in stages to obtain the sensitive information it contains.
Using this technique, the attacker can steal Alice’s credit card number and use it for fraudulent purposes or identity theft.
Test Objectives:
- Identify encrypted messages that rely on padding.
- Attempt to break the padding of the encrypted messages and analyze the returned error messages for further analysis.
The test below uses the Padding Oracle lab provided by PentesterLab.
- To get started, register an account and then log in with it.
- During the login process, intercept the request using Burp Suite and send it to Repeater. Copy the authentication cookie obtained from the login process.
- Use PadBuster to run the padding oracle attack. The command below decrypts the encrypted value of the auth cookie into plaintext.
- When the process finishes, PadBuster shows the decrypted value in Base64, hex, and ASCII. The auth cookie is a combination of the username and its password, so from the PadBuster output we can see the value of the cookie for the user test.
- Then encrypt a new authentication cookie with the user set to admin. Here our plaintext is admin.
- Below is the encrypted value for admin.
- Go back to Burp Suite, paste the encrypted value for admin into the Cookie header, and request the index.php page. Click Send; the Response section shows a notification that you are logged in as admin.
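What the lab's server gets wrong, and what the test objective "analyze the returned error messages" is probing for, is that the application answers differently when the padding is invalid than when it is valid. The following Python is an added example, not the article's or PentesterLab's code: a cookie handler that exposes that oracle beside one that verifies an HMAC before touching the padding, and a probe that counts how many distinct status codes come back when one ciphertext byte is altered (more than one is the oracle). The block cipher is a deliberately toy keyed XOR, an assumption made so the example runs on the standard library alone; it is not secure, and the padding and MAC handling is the point, which applies unchanged to a real cipher such as AES.

```python
"""Padding oracle: a CBC cookie handler that leaks padding validity, beside
one that does not. Added example, not the article's or PentesterLab's code.
The block cipher is a toy keyed XOR (assumption: keeps the example on the
standard library; NOT secure). Padding and MAC handling is the point.
"""
import hashlib
import hmac
import os

BLOCK = 16
TAG_LEN = 32


def _toy_block_cipher(key: bytes, block: bytes) -> bytes:
    # Toy stand-in for AES: XOR with a key-derived pad (its own inverse).
    pad = hashlib.sha256(b"toy-block-cipher" + key).digest()[:BLOCK]
    return bytes(a ^ b for a, b in zip(block, pad))


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def pkcs7_pad(data: bytes) -> bytes:
    n = BLOCK - len(data) % BLOCK
    return data + bytes([n]) * n


def pkcs7_unpad(data: bytes) -> bytes:
    """Strict PKCS#7 check: every padding byte must equal the pad length."""
    if not data or len(data) % BLOCK:
        raise ValueError("bad length")
    n = data[-1]
    if not 1 <= n <= BLOCK or data[-n:] != bytes([n]) * n:
        raise ValueError("bad padding")
    return data[:-n]


def cbc_encrypt(key: bytes, padded: bytes) -> bytes:
    iv = os.urandom(BLOCK)
    prev, out = iv, bytearray()
    for i in range(0, len(padded), BLOCK):
        prev = _toy_block_cipher(key, _xor(padded[i:i + BLOCK], prev))
        out += prev
    return iv + bytes(out)


def cbc_decrypt(key: bytes, data: bytes) -> bytes:
    iv, ct = data[:BLOCK], data[BLOCK:]
    prev, out = iv, bytearray()
    for i in range(0, len(ct), BLOCK):
        out += _xor(_toy_block_cipher(key, ct[i:i + BLOCK]), prev)
        prev = ct[i:i + BLOCK]
    return bytes(out)


def vulnerable_handler(key: bytes, cookie: bytes) -> str:
    """Padding oracle: the reply distinguishes bad padding from a bad session."""
    try:
        plaintext = pkcs7_unpad(cbc_decrypt(key, cookie))
    except ValueError:
        return "500 invalid padding"            # leaks padding validity
    if not plaintext.startswith(b"user="):
        return "403 invalid session"
    return "200 " + plaintext.decode(errors="replace")


def seal(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC: the tag covers IV and ciphertext (toy key split)."""
    ct = cbc_encrypt(key, pkcs7_pad(plaintext))
    return ct + hmac.new(key + b"mac", ct, hashlib.sha256).digest()


def hardened_handler(key: bytes, cookie: bytes) -> str:
    """Verify the MAC first; padding is never inspected on forged input."""
    ct, tag = cookie[:-TAG_LEN], cookie[-TAG_LEN:]
    expected = hmac.new(key + b"mac", ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return "403 invalid session"            # one answer for every failure
    plaintext = pkcs7_unpad(cbc_decrypt(key, ct))
    if not plaintext.startswith(b"user="):
        return "403 invalid session"
    return "200 " + plaintext.decode(errors="replace")


def probe_responses(handler, key: bytes, cookie: bytes, pos: int) -> set:
    """WSTG check: alter one ciphertext byte every possible way and collect
    the distinct status codes. More than one code means an oracle exists."""
    codes = set()
    for delta in range(1, 256):
        altered = bytearray(cookie)
        altered[pos] ^= delta
        codes.add(handler(key, bytes(altered)).split(" ", 1)[0])
    return codes


if __name__ == "__main__":
    key = os.urandom(16)
    plain_cookie = cbc_encrypt(key, pkcs7_pad(b"user=test"))
    print("vulnerable:", probe_responses(vulnerable_handler, key, plain_cookie, BLOCK - 1))
    print("hardened:  ", probe_responses(hardened_handler, key, seal(key, b"user=test"), BLOCK - 1))
```

The probe flips the last byte of the IV, which alters the last plaintext byte of the first block; against the vulnerable handler some values produce a 500 and some a 200, while the hardened handler answers 403 to every forgery because the MAC check fails before the padding is ever examined. The same uniform-response rule should apply to timing, which is why a real deployment uses an AEAD mode such as AES-GCM rather than CBC with hand-rolled checks.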
3. Testing for Sensitive Information Sent via Unencrypted Channels
What is Sensitive Information?
Sensitive information is information that requires special protection due to its personal, confidential, or valuable nature. This information often has significant value to the individual or organization that owns it, and if it is leaked or accessed by unauthorized parties, it can cause financial loss, reputational damage, or even harm to the safety and security of the individual.
Examples of sensitive information are:
- Information used in authentication (e.g. Credentials, PINs, Session identifiers, Tokens, Cookies, etc)
- Information protected by law, regulation or specific organizational policies (e.g. Credit Card, Customer data)
What are Unencrypted Channels?
Unencrypted channels are communication channels that are not protected with encryption. This means that data transmitted over such channels can be read and manipulated by unauthorized parties, as there is no protection or security applied to the transmitted data.
An example of this is when sensitive data, such as passwords or credit card numbers, is transmitted over unencrypted email or plain HTTP. The data can be viewed and stolen by unauthorized parties and used to commit fraud or other crimes.
Test Objectives:
- Identify sensitive information transmitted through the various channels.
- Assess the privacy and security of the channels used.
The web application used for this test is www.hackthissite.org. The test is done by trying to log in over plain HTTP: in Burp Repeater, uncheck Use HTTPS on the target so that the request is sent using HTTP. After clicking Send, the response is 301 Moved Permanently, with the login location redirected to https://www.hackthissite.org/user/login, which means that the website does not accept sensitive information sent via unencrypted channels.
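The following Python is an added example, not the article's code: it takes a captured request/response pair like the one from the Repeater test above and reports what crossed the wire in the clear and how the server reacted. The request and response are constructed to mirror the test (a login form posted with Use HTTPS unchecked); the header values are invented, not captured from the site. Whether the request went over TLS is passed in as a flag, since a proxy like Burp knows it but a raw HTTP message does not carry it. One check is worth noting: a credential field in a plain-HTTP request is flagged whatever the server replies, because the redirect arrives after the bytes have already been transmitted unencrypted.

```python
"""Flag sensitive data crossing a cleartext channel in a captured exchange.

Added example, not the article's code. The messages are constructed to mirror
the Repeater test above; header values are invented, not captured.
"""
from urllib.parse import parse_qs

SENSITIVE_FIELDS = {"password", "passwd", "pass", "pin", "otp", "token", "card", "cvv"}

CLEARTEXT_LOGIN_REQUEST = (
    "POST /user/login HTTP/1.1\r\n"
    "Host: www.hackthissite.org\r\n"
    "Content-Type: application/x-www-form-urlencoded\r\n"
    "Cookie: PHPSESSID=constructed-session-id\r\n"
    "\r\n"
    "username=test&password=constructed-password&btn_submit=Login"
)

REDIRECT_RESPONSE = (
    "HTTP/1.1 301 Moved Permanently\r\n"
    "Location: https://www.hackthissite.org/user/login\r\n"
    "Content-Length: 0\r\n"
    "\r\n"
)


def parse_http(raw: str):
    """Split a raw HTTP message into (start line, [(header, value)], body)."""
    head, _, body = raw.partition("\r\n\r\n")
    start, *header_lines = head.split("\r\n")
    headers = []
    for line in header_lines:
        name, _, value = line.partition(":")
        headers.append((name.strip().lower(), value.strip()))
    return start, headers, body


def _values(headers, name):
    return [v for k, v in headers if k == name]


def assess_exchange(request: str, response: str, over_tls: bool) -> list:
    """Findings for one request/response pair; over_tls comes from the proxy."""
    findings = []
    _, req_headers, body = parse_http(request)
    status_line, resp_headers, _ = parse_http(response)
    status = int(status_line.split()[1])

    fields = {name.lower() for name in parse_qs(body, keep_blank_values=True)}
    exposed = sorted(fields & SENSITIVE_FIELDS)

    if not over_tls:
        if exposed:
            # A later redirect does not undo this: the bytes already crossed
            # the network in the clear.
            findings.append(f"fields {exposed} sent in cleartext")
        if _values(req_headers, "cookie"):
            findings.append("session cookie sent in cleartext")
        location = next(iter(_values(resp_headers, "location")), "")
        if status in (301, 302, 307, 308) and location.startswith("https://"):
            findings.append(f"server redirects cleartext login to {location}")
        elif status == 200:
            findings.append("server accepted the login over plain HTTP")

    if not _values(resp_headers, "strict-transport-security"):
        findings.append("no Strict-Transport-Security header (check the HTTPS response too)")
    for cookie in _values(resp_headers, "set-cookie"):
        if "secure" not in cookie.lower():
            findings.append(f"cookie set without Secure flag: {cookie.split('=', 1)[0]}")
    return findings


if __name__ == "__main__":
    for finding in assess_exchange(CLEARTEXT_LOGIN_REQUEST, REDIRECT_RESPONSE, over_tls=False):
        print("-", finding)
```

Browsers only honour Strict-Transport-Security when it arrives over HTTPS, so the HSTS finding here is a prompt to repeat the check on the HTTPS response; with HSTS (and ideally preloading) in place, the browser never makes the cleartext request in the first place, which is the actual fix for the exposure the first finding describes.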
4. Testing for Weak Encryption
What is Encryption?
Encryption is the process of converting original data (plaintext) into an unreadable form (ciphertext) so that the data cannot be read by unauthorized parties. The purpose of encryption is to protect the confidentiality and integrity of data by encrypting data using cryptographic algorithms so that only people who have the correct key can read or access the data.
Here are some examples of how encryption is used in everyday life:
- HTTPS: HTTPS is a protocol used to encrypt data transmitted over the internet, such as web pages or data inputted into forms on certain websites.
- VPN: VPN (Virtual Private Network) is a network that uses encryption to protect data transmitted over a network, so that the information cannot be accessed by unauthorized parties.
- Encrypted messaging: Messaging apps like WhatsApp, Signal, and Telegram use end-to-end encryption to protect messages transmitted between users. By using end-to-end encryption, messages can only be read by the sender and receiver, and cannot be read by anyone trying to snoop on them.
Test Objectives:
- Provide a guideline for the identification of weak encryption or hashing uses and implementations.
The weak encryption test is similar to the test in WSTG-CRYP-01, Testing for Weak Transport Layer Security, where we assess whether the encryption used meets the minimum criteria in the test instructions.
The tool used in this test is nmap.
The command nmap --script ssl-enum-ciphers 127.0.0.1 is used to scan the SSL/TLS service on the server or host indicated by the IP address 127.0.0.1. The --script ssl-enum-ciphers option tells nmap to run the Nmap script named ssl-enum-ciphers. This script checks the cipher suites (combinations of cryptographic algorithms) supported by the scanned HTTPS server.
In this case, nmap will scan host 127.0.0.1 to find information about the cipher suite supported by the HTTPS server on that host. Nmap will check the list of supported cipher suites and provide information about the type and security level of the cipher suite.
The scanning results of the command will provide information about the cipher suites used by the HTTPS server on the scanned host, as well as indicate the security of each cipher suite. This information can be used to evaluate the security of the scanned HTTPS server and determine whether the cipher suite configuration on the server is secure enough or needs to be upgraded.
The scanning results on the cipher suite show an A, which means that the cipher suite used by the HTTPS server is considered to have a very good level of security.
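The grade ssl-enum-ciphers prints as "least strength" is the grade of the weakest suite the server offers, so one leftover legacy suite drags the whole result down even when the preferred suites are all A. The following Python is an added example, not the article's code or Nmap's script: it parses two constructed excerpts in the script's output layout (one matching the all-A result above, one that still offers 3DES under TLS 1.0), computes the least strength, and lists reasons a suite is weak. The weak-suite patterns are a simplified assumption for this example, not ssl-enum-ciphers' own scoring rules.

```python
"""Grade cipher suites from ssl-enum-ciphers output: the overall grade is the
weakest suite offered. Added example, not the article's code or Nmap's script.
The scan excerpts are constructed; WEAK_PATTERNS is a simplified assumption,
not the script's real scoring table.
"""
import re

GRADE_ORDER = "ABCDEF"          # A is best; index grows as strength drops
LEGACY_PROTOCOLS = {"SSLv2", "SSLv3", "TLSv1.0", "TLSv1.1"}
WEAK_PATTERNS = (
    (r"_NULL_", "NULL cipher, no confidentiality"),
    (r"EXPORT", "export-grade key length"),
    (r"RC4", "RC4 stream cipher"),
    (r"3DES|_DES_", "64-bit block cipher (SWEET32)"),
    (r"_MD5$", "MD5-based MAC"),
    (r"^TLS_RSA_WITH", "static RSA key exchange, no forward secrecy"),
)

# Constructed excerpt matching the article's result: every suite graded A.
SCAN_ALL_A = """\
| ssl-enum-ciphers:
|   TLSv1.2:
|     ciphers:
|       TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (secp256r1) - A
|       TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (secp256r1) - A
|     compressors:
|       NULL
|     cipher preference: server
|   TLSv1.3:
|     ciphers:
|       TLS_AKE_WITH_AES_128_GCM_SHA256 (ecdh_x25519) - A
|_  least strength: A
"""

# Constructed excerpt for a host that still offers 3DES under TLS 1.0.
SCAN_WITH_3DES = """\
| ssl-enum-ciphers:
|   TLSv1.0:
|     ciphers:
|       TLS_RSA_WITH_3DES_EDE_CBC_SHA (rsa 2048) - C
|     warnings:
|       64-bit block cipher 3DES vulnerable to SWEET32 attack
|   TLSv1.2:
|     ciphers:
|       TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (secp256r1) - A
|_  least strength: C
"""


def parse_enum_ciphers(output: str) -> list:
    """Return [(protocol, suite, grade)] from the script's indented output."""
    suites, protocol = [], None
    for line in output.splitlines():
        text = line.lstrip("|_ ").rstrip()
        m = re.match(r"^(SSLv\d|TLSv\d\.\d):$", text)
        if m:
            protocol = m.group(1)
            continue
        m = re.match(r"^(TLS_\S+) \([^)]*\) - ([A-F])$", text)
        if m and protocol:
            suites.append((protocol, m.group(1), m.group(2)))
    return suites


def least_strength(suites: list) -> str:
    """Weakest grade among the offered suites, or None if none parsed."""
    grades = [grade for _, _, grade in suites]
    return max(grades, key=GRADE_ORDER.index) if grades else None


def assess_suites(suites: list) -> list:
    """Findings a reviewer would raise, with the reason behind a poor grade."""
    findings = []
    for protocol, suite, grade in suites:
        if protocol in LEGACY_PROTOCOLS:
            findings.append(f"{protocol} still offered ({suite})")
        for pattern, reason in WEAK_PATTERNS:
            if re.search(pattern, suite):
                findings.append(f"{suite} [{grade}]: {reason}")
    return findings


if __name__ == "__main__":
    for scan in (SCAN_ALL_A, SCAN_WITH_3DES):
        suites = parse_enum_ciphers(scan)
        print("least strength:", least_strength(suites))
        for finding in assess_suites(suites):
            print("  -", finding)
```

To use it on a live result, run nmap with -oN to save the normal output and pass the file's text to parse_enum_ciphers; the findings list explains why a grade dropped, which is what the remediation ticket needs, whereas the letter alone only says that it did.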