Penetration Testing Custom TLS Stacks

Presented at ShmooCon XII (2016), Jan. 16, 2016, 5 p.m. (60 minutes)

With the ever growing number of attacks against SSL/TLS, quick turnaround time is required to write proof of concept code to test new attacks. Extending existing TLS stacks to implement such code is difficult and error prone. Due to that need, we developed an offensive focused TLS stack which allows to quickly prototype attacks against all elements of the stack (protocol, crypto, certificates, …)

scapy-ssl_tls is an offensive TLS stack which lives above scapy. I will demonstrate how to look for protocol and crypto related flaws in custom TLS stacks, and how to quickly build prototypes.

Presenters:

• Alex Moneger
  Alex Moneger enjoys working on security which relates to bits and bytes such as cryptography, exploit development, fuzzing and binary instrumentation. He has presented at several security conferences (Defcon, Nuit Du Hack, Seccon) on the above topics. Overall, his interests in security topics are too broad for the time he has available. He also writes (numstitch, fuzzmon) and contributes to open-source security tools (scapy-ssl_tls, afl, …). In his day job, he works for Citrix Systems, taking care of product security.

Links:

• https://infocon.org/cons/ShmooCon/ShmooCon 2016/Penetration Testing Custom Tls Stacks.mp4
• https://infocon.org/cons/ShmooCon/ShmooCon 2016/Penetration Testing Custom Tls Stacks.srt (subtitles)

Similar Presentations:

• DeepSec 2016 „Ten“ / Systematic Fuzzing and Testing of TLS Libraries
• DeepSec 2016 „Ten“ / Deploying Secure Applications with TLS (closed)
• DeepSec 2014 „Do you want to know more?“ / Introduction to and survey of TLS Security