University of Bologna
Medical Imaging

The HTTPS Stripping Problem

With the growth of the World Wide Web, and the ever-increasing number of services that handle users and their sensitive data, the need for security that protects networked communication grows as well. This calls for secure communication and transactions, an authenticated dialogue and privacy. Here the HTTPS protocol comes in: it allows a browser to verify the authenticity of a web server and to establish an encrypted channel that protects the data exchanged.

This development also leads to web pages increasingly full of items and functions: a page is no longer a monolithic entity but a collection of components, including images, videos, the CSS that defines its presentation, and many other embedded media. There are therefore several data streams between web servers and browsers, independent of each other.

There are many approaches to maintaining the integrity and privacy of each data flow; ideally, a valid digital certificate is assumed to start the TLS connection, which then guarantees that all content on the page in question is protected by HTTPS. The protocol is used, for example, for the exchange of important data through a form, and also for secondary components such as images, advertising banners and the like.

Web administrators often adopt a hybrid approach: they choose to protect only part of the page rather than all of it, because most of the data does not need cryptographic protection and because TLS consumes costly resources on the web server. The choice to save resources therefore leads to adopting HTTPS only where it is strictly necessary.

The certificate also plays an important role: the browser may consider it untrustworthy, for instance because it has expired or because it is self-signed. Such a situation generates warnings that only the user can handle, and in most cases, out of carelessness, they are ignored; at that point users can only trust the "security seals" placed within the page, such as favicons.

These different scenarios open the way for targeted attacks, such as the well-known MITM (Man In The Middle).

This type of attack hijacks the traffic exchanged between two hosts to a third host, the attacker, who is then able to read, insert or modify messages between the two parties at will, while making each endpoint believe it is talking to its legitimate interlocutor. This is achieved through ARP spoofing techniques, which modify the ARP cache of each host in the target subnet.

As mentioned before, the vulnerability exploited by this attack stems from a single decision by whoever administers the web server: to serve the first (and probably most visited) page of the site over plain HTTP in order to reduce TLS processing on the server. In such a situation the resource being accessed does allow an encrypted connection, but not from the start. A skilled attacker can then use a tool such as sslstrip, which rewrites the HTML page by replacing each HTTPS link with an HTTP link. Only the communication between the victim and the attacker is modified, while the channel between the attacker and the web server remains unchanged; in this way the attacker is able to "sniff" the credentials entered by the victim.
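As an added example (not part of the original page), the following Python script shows the defender's side of the scenario just described: it audits an HTML page for the plain-HTTP references that an sslstrip-style rewrite produces, rating a downgraded form action as a credential exposure, and checks whether a response carries a Strict-Transport-Security header strong enough to make a returning browser refuse the http:// downgrade on its own. The sample page, the header values and the set of URL-bearing attributes are constructed assumptions.

```python
"""Audit a page for plain-HTTP references (the result of an HTTPS-stripping
rewrite, or mixed content) and check for an HSTS header. Added example."""
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Attributes whose URL the browser will fetch or submit to (assumed subset).
URL_ATTRS = {"a": "href", "form": "action", "script": "src", "img": "src",
             "link": "href", "iframe": "src"}

class _RefCollector(HTMLParser):
    def __init__(self):
        super().__init__()
        self.refs = []  # (tag, url) pairs in document order

    def handle_starttag(self, tag, attrs):
        wanted = URL_ATTRS.get(tag)
        for name, value in attrs:
            if wanted and name == wanted and value:
                self.refs.append((tag, value))

def find_cleartext_refs(html):
    """Return (tag, url, severity) for every http:// reference. A form whose
    action was downgraded submits the user's input in cleartext, so it is
    rated 'credential'; any other http:// reference is 'mixed-content'."""
    parser = _RefCollector()
    parser.feed(html)
    findings = []
    for tag, url in parser.refs:
        if urlsplit(url).scheme.lower() != "http":
            continue  # https, relative or mailto: references are not downgrades
        findings.append((tag, url, "credential" if tag == "form" else "mixed-content"))
    return findings

def hsts_protects(headers, min_max_age=31536000):
    """True if the response's Strict-Transport-Security header has a max-age
    of at least one year, so a returning browser upgrades http:// itself."""
    value = next((v for k, v in headers.items()
                  if k.lower() == "strict-transport-security"), None)
    if value is None:
        return False
    for directive in value.split(";"):
        name, _, arg = directive.strip().lower().partition("=")
        if name == "max-age" and arg.isdigit():
            return int(arg) >= min_max_age
    return False

# Constructed sample: a login page as an sslstrip-style proxy would rewrite it.
STRIPPED_PAGE = """<html><body>
<form action="http://bank.example/login" method="post"><input name="pw"></form>
<a href="http://bank.example/help">Help</a> <img src="https://cdn.example/logo.png">
<a href="/account">Account</a></body></html>"""
```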