Access member only content, take part in discussions with comments on blogs, news and reviews and receive all the latest security industry news directly to your inbox. Join now for free.
Processing registration... Please wait.
This process can take up to a minute to complete.
A confirmation email has been sent to your email address - SUPPLIED EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @scmagazine.com.au to your white-listed senders.
A near decade old tool has been updated with man-in-the-middle attack capabilites that can intercept traffic from Apple iPhones.
The attack tool sslsniff exploits a vulnerability disclosed by researchers Gregor Kopf and Paul Kehrer yesterday which allow traffic from iOS iPhones to be intercepted.
Apple released fix iOS 4.3.5 yesterday to fix the flaw.
The BasicContraints vulnerability affecting iPhones was first identified in 2002 by independent researcher Moxie Marlinspike who developed sslsniff to exploit the flaw.
Back then, it was used to exploit certificate chain weaknesses (pdf) in Webkit browsers and Microsoft CryptoAPI, affecting the likes of Firefox, Internet Explorer, Pidgin, AIM and Microsoft Outlook.
"It validated all the signatures in a certificate chain, but failed to check whether the intermediate certificates had a valid CA BasicConstraints extension se," Marlinspike said.
"This meant that you could take any old CA-signed certificate and use it to sign any other certificate."
The Linux-based sslsniff tool was updated with iOS fingerprinting support and can be downloaded here. Run (sslsniff -a -c -f ios -h -s -w iphone.log).
Copyright © SC Magazine, Australia
To begin commenting right away, you can log in below or register an account if you don't yet have one. Please read our guidelines on commenting. Offending posts will be removed and your access may be suspended. Abusive or obscene language will not be tolerated. The comments below do not necessarily reflect the views or opinions of SC Magazine, Haymarket Media or its employees.
