Message-ID: <44185B75.9010501@sdf.lonestar.org>
Date: Wed Mar 15 18:23:10 2006
From: bkfsec at sdf.lonestar.org (bkfsec)
Subject: HTTP AUTH BASIC monowall.

Simon Smith wrote:
>Ok,
> As suspected... so I am correct; and it is a security threat. I can
>compromise a network, arp poison it, MiTM, access the firewall,
>distributed metastasis, presto... owned...
>
Yes and no... as others have pointed out, you already have much larger
problems at that point, such as the fact that your network has been
totally and completely compromised from the inside in order to do the
MitM in the first place... I can see some reasons why one would want to
do that, but really, if you can execute a good MitM attack, there really
isn't anything you can't do... once you've broken the encryption you can
intercept all kinds of auth traffic and replay it.

OK - at that point, maybe you can tunnel under the SSL using another
form of encryption as a wrapper for the authentication infrastructure...
aside from that, there really isn't much to do... certs, shared keys,
etc... these can all be grabbed from the air if the SSL traffic is
MitM'ed.

Essentially, we're talking very significant owning of a network in order
to simply get the firewall password. At that point, I'd think there'd
be even worse things that can be done.

-bkfsec