TL;DR
Hackers can use SSLSplit to intercept encrypted traffic even with a valid certificate on the target website. This is because SSLSplit acts as a Man-in-the-Middle (MITM) proxy, presenting its own certificate (which appears legitimate) to the client while communicating with the real server using the original connection. The client trusts the presented certificate, allowing the attacker to decrypt and modify traffic.
How SSLSplit Works
SSLsplit intercepts SSL/TLS connections. It can be configured to transparently proxy traffic, meaning users don’t need to manually configure their browsers or applications to use it. The key is that it terminates the connection with the client using a certificate *the attacker controls*, and then establishes a separate connection to the real server.
Steps for an Attack
- Set up SSLSplit: Install SSLSplit on a machine within network range of the target. On Debian/Ubuntu:
sudo apt update sudo apt install sslsplit - Generate a Certificate Authority (CA): Create a CA certificate that will be used to sign the fake certificates presented to clients.
openssl req -x509 -newkey rsa:2048 -keyout ca.key -out ca.crt -days 365 - Generate a Fake Certificate for the Target Domain: Create a certificate for the target domain, signed by your CA.
openssl req -newkey rsa:2048 -nodes -keyout server.key -out server.csr -subj "/CN=targetdomain.com"openssl x509 -req -in server.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out server.crt -days 365 -sha256 - Configure SSLSplit: Edit the SSLSplit configuration file (usually
/etc/sslsplit/sslsplit.conf) to specify the target domain, port, and certificate files.Example:
target = targetdomain.com port = 443 certfile = server.crt keyfile = server.key cafile = ca.crt - Run SSLSplit: Start SSLSplit to intercept traffic.
sudo sslsplit -D -k server.key -c server.crt --listen-port 8080(This example listens on port 8080, so you’ll need to redirect traffic to it.)
- Redirect Traffic (ARP Spoofing/Routing): Redirect the target’s traffic through your SSLSplit machine. This is often done using ARP spoofing or by manipulating routing tables.
Warning: ARP spoofing is illegal on many networks without permission.
- Trust the CA (Client-Side): The attacker needs to get the client to trust their CA certificate. This can be achieved through various social engineering techniques, such as pre-installing it on the target’s machine or exploiting vulnerabilities that allow for certificate installation.
Without this step, browsers will display warnings about an untrusted certificate.
- Intercept and Decrypt Traffic: Once traffic is redirected and the CA is trusted, SSLSplit will intercept and decrypt all SSL/TLS connections to the target domain. You can use tools like Wireshark or tcpdump to analyze the captured data.
tcpdump -i eth0 'port 8080'
Why this works despite a valid certificate
- MITM Position: SSLSplit doesn’t replace the target server’s certificate; it *becomes* the endpoint for the client. The client connects to SSLSplit, which presents its own (valid) certificate.
- Client Trust is Key: If the client trusts the attacker’s CA, it will accept the fake certificate presented by SSLSplit without complaint.
- Transparent Proxying: Clients are often unaware they’re connecting to a proxy, making detection difficult.
Mitigation
- Certificate Pinning: Implement certificate pinning in applications to only trust specific certificates for certain domains.
- HSTS (HTTP Strict Transport Security): Enforce HTTPS connections and prevent downgrading to insecure protocols.
- Network Monitoring: Use network monitoring tools to detect suspicious traffic patterns or ARP spoofing attempts.
- Awareness: Educate users about the risks of social engineering attacks and untrusted certificates.