diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 980848c..b4dd6cd 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -5,8 +5,8 @@ default_language_version: python: python3.10 default_stages: - - commit - - push + - pre-commit + - pre-push fail_fast: false @@ -59,21 +59,21 @@ repos: description: Double-check editorconfig compliance entry: bash -c 'editorconfig-checker' language: system - stages: [commit, push] + stages: [pre-commit, pre-push] - id: trufflehog name: TruffleHog description: Detect secrets in your data. entry: bash -c 'trufflehog git file://. --since-commit HEAD --only-verified --fail --json 2>/dev/null | jq "."' language: system - stages: [commit, push] + stages: [pre-commit, pre-push] - id: trivy-vuln name: Trivy (Vulnerabilities) description: Check for security vulnerabilities. (https://trivy.dev) entry: bash -c 'trivy fs --config trivy-vuln.yaml --ignorefile .trivyignore.yaml .' language: system - stages: [commit, push] + stages: [pre-commit, pre-push] # Troubleshooting: https://aquasecurity.github.io/trivy/latest/docs/references/troubleshooting/#denied - id: yamlfmt @@ -83,7 +83,7 @@ repos: bash -c '(find . -type f -iname "*.yaml" | xargs -I% yamlfmt "%") && \ (find . -type f -iname "*.yml" | xargs -I% yamlfmt "%")' language: system - stages: [commit, push] + stages: [pre-commit, pre-push] # goplicate-end:always # ---------------------------------------------------------------------------- diff --git a/Makefile b/Makefile index 5bbbc7b..f158763 100644 --- a/Makefile +++ b/Makefile @@ -213,6 +213,7 @@ serve: HUGO_ENV=development hugo serve \ --buildDrafts \ --cleanDestinationDir \ + --disableFastRender \ --enableGitInfo \ --environment development \ --forceSyncStatic \ diff --git a/config/_default/taxonomies.toml b/config/_default/taxonomies.toml index bddbbcf..0449145 100644 --- a/config/_default/taxonomies.toml +++ b/config/_default/taxonomies.toml 
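Review bot: The stage names `pre-commit` and `pre-push` now used in `default_stages` (and in the per-hook `stages:` lists in the later hunks of this file) are only recognised by pre-commit 3.2.0 and later; on an older installation the config fails to load rather than falling back to the legacy `commit`/`push` names. Stating that requirement at the top of the file, `minimum_pre_commit_version: '3.2.0'`, turns the failure into a clear message instead of an unknown-stage error. Nothing in the hunk pins that version today.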
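Review bot: The trufflehog hook's `--fail` cannot actually block a commit, because the command is piped into `jq "."` and `bash -c` without pipefail reports jq's exit status, so a verified secret is printed and the hook still passes; `2>/dev/null` additionally hides trufflehog's own errors. This is a context line the hunk leaves untouched, but the stage rename is a good moment to fix it: `entry: bash -c 'set -o pipefail; trufflehog git file://. --since-commit HEAD --only-verified --fail --json 2>/dev/null | jq "."'`. The trivy and editorconfig hooks in this hunk do not have the pipe and are unaffected.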
@@ -1,3 +1 @@ -series = "series" -tag = "tags" -category = "categories" +vuln = 'vulns' diff --git a/content/learning/tls/3des.md b/content/learning/tls/3des.md new file mode 100644 index 0000000..0185775 --- /dev/null +++ b/content/learning/tls/3des.md @@ -0,0 +1,17 @@ +--- +title: Triple Data Encryption Standard (3DES) +description: Vulnerable key exchange +layout: learn-single + +vulns: + - lucky-13 + +--- + +## Summary + +Although [Triple-DES] (3DES) has not yet been fully broken, it suffers from several vulnerabilities, making it a _weak_ cipher. + +Any cipher suite with `3DES` in the name should be avoided. + +[Triple-DES]: https://en.wikipedia.org/wiki/Triple_DES diff --git a/content/learning/tls/_index.md b/content/learning/tls/_index.md new file mode 100644 index 0000000..ed13def --- /dev/null +++ b/content/learning/tls/_index.md 
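Review bot: The new taxonomy `vuln = 'vulns'` shares its URL namespace with the `content/vulns/` section added in this commit, so as far as I can tell `/vulns/beast/` is generated twice — as the taxonomy term page (from `vulns: - beast` in cbc.md) and as the regular page `content/vulns/beast.md` — and Hugo resolves that by letting one overwrite the other, typically with a duplicate-target-path warning. If the term page is meant to carry the write-up, Hugo expects it at `content/vulns/beast/_index.md`; otherwise the taxonomy needs a different plural. Removing `series`, `tag` and `category` also silently discards any `tags:`/`categories:` front matter still present elsewhere under `content/`, which is worth grepping for before merging.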
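Review bot: The `vulns` list for 3DES names only `lucky-13`, which is a CBC-mode padding-oracle issue already attached to cbc.md; the weakness specific to 3DES (its 64-bit block size) is Sweet32, and this commit adds a `sweet32.md` stub that nothing links to. Adding `  - sweet32` under `vulns:` closes that gap. Separately, `description: Vulnerable key exchange` is wrong for a bulk cipher — 3DES here, and CBC (cbc.md), DES (des.md), RC2 (rc2.md) and RC4 (rc4.md) are encryption algorithms, not key exchanges; `description: Weak encryption algorithm` would fit those five pages, while dh.md/dhe.md keep the current text.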
@@ -0,0 +1,55 @@ +--- +title: TLS and Cipher Suites +description: ... +# layout: learn-single +layout: list + +good_better_best: + 1abysmal: + title: Not secure at all + description: 'SSLv2 SSLv3' + 2better: + title: Security broken + description: 'TLS 1.0 TLS 1.1' + 3best: + title: Safe and secure + description: 'TLS 1.2+ TLS 1.3' + +--- + +## Summary + +Security never stands still. As soon as new methods are designed to secure data on the internet, there is someone working on ways to crack-open that security. Things that were secure 20 years ago are not secure today. + +In {{% year %}}, there are only two configurations which are considered fully secure, and both should be offered to end-users: + +### TLS 1.3 + +[TLS 1.3] is the most modern version of _Transport Layer Security_. The specification shipped in August 2018, and defines 3 cipher suites which are non-configurable. + +### TLS 1.2 with _Forward Secrecy_ + +[TLS 1.2] is the next-oldest version. The specification shipped in August 2008, and defines several configurable cipher suites — most of which are _no longer_ secure, but there are still a good number that are compatible for the open web. + +## Parts of a cipher suite + +_Broadly_ speaking, there are four components to a cipher suite (as used in TLS): + +* Key exchange +* Authentication signature +* Encryption algorithm +* Hashing function + +If any one part of a cipher suite has an issue, it can compromise the integrity of the entire cipher suite. + +## Known issues in classes of cipher suites + +Security vulnerabilities can impact _classes_ of cipher suites. 
+ +[depr-sslv2]: https://datatracker.ietf.org/doc/html/rfc6176 +[depr-sslv3]: https://datatracker.ietf.org/doc/html/rfc7568 +[SSLv3]: https://datatracker.ietf.org/doc/html/rfc6101 +[TLS 1.0]: https://datatracker.ietf.org/doc/html/rfc2246 +[TLS 1.1]: https://datatracker.ietf.org/doc/html/rfc4346 +[TLS 1.2]: https://datatracker.ietf.org/doc/html/rfc5246 +[TLS 1.3]: https://datatracker.ietf.org/doc/html/rfc8446 diff --git a/content/learning/tls/anon.md b/content/learning/tls/anon.md new file mode 100644 index 0000000..aacff0d --- /dev/null +++ b/content/learning/tls/anon.md @@ -0,0 +1,14 @@ +--- +title: Anonymous Key Exchanges +# description: +layout: learn-single + +--- + +## Summary + +Anonymous key exchanges are generally vulnerable to [Man-in-the-Middle attacks][MITM]. + +Any cipher suite with `anon` in the name should be avoided. + +[MITM]: https://en.wikipedia.org/wiki/Man-in-the-middle_attack diff --git a/content/learning/tls/cbc.md b/content/learning/tls/cbc.md new file mode 100644 index 0000000..da77f07 --- /dev/null +++ b/content/learning/tls/cbc.md @@ -0,0 +1,18 @@ +--- +title: Cipher Block Chaining +description: Vulnerable key exchange +layout: learn-single + +vulns: + - beast + - lucky-13 + +--- + +## Summary + +The [CBC] encryption algorithm suffers from a handful of vulnerabilites, namely alongside SSLv3 and TLS 1.0, making it a _weak_ cipher. GCM encryption should be preferred over CBC. + +Any cipher suite with `CBC` in the name should be avoided. + +[CBC]: https://en.wikipedia.org/w/index.php?title=Block_cipher_mode_of_operation#CBC diff --git a/content/learning/tls/des.md b/content/learning/tls/des.md new file mode 100644 index 0000000..41a286d --- /dev/null +++ b/content/learning/tls/des.md 
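Review bot: The TLS 1.3 paragraph states the specification "defines 3 cipher suites which are non-configurable", but RFC 8446 (Appendix B.4) defines five — two AES-GCM suites, CHACHA20-POLY1305 and two AES-CCM suites — and implementations do choose which to enable; only TLS_AES_128_GCM_SHA256 is mandatory to implement. Suggest `The specification shipped in August 2018 and defines five cipher suites, of which the AES-GCM and ChaCha20-Poly1305 suites are the ones in common use.` The front matter also still carries the placeholder `description: ...`, which will be emitted as the page's meta description.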
@@ -0,0 +1,23 @@ +--- +title: Data Encryption Standard (DES) +description: Vulnerable key exchange +layout: learn-single + +vulns: + - freak + +--- + +## Summary + +The [DES] algorithm was [developed at IBM in 1972][IBM], then [became a _Federal Information Processing Standard_ (FIPS) in 1977][FIPS-46]. + +It was [cracked in 1997][cracked], and was [removed from U.S. NIST standards (FIPS 46-3) in 2005][FIPS 46-3]. It is no longer considered secure. + +Any cipher suite with `DES` in the name should be avoided. + +[cracked]: https://web.archive.org/web/20170507231657/https://w2.eff.org/Privacy/Crypto/Crypto_misc/DESCracker/HTML/19980716_eff_des_faq.html +[DES]: https://en.wikipedia.org/wiki/Data_Encryption_Standard +[FIPS-46]: https://csrc.nist.gov/pubs/fips/46/final +[FIPS 46-3]: https://csrc.nist.rip/news/2005/withdrawal-of-fips-46-3-fips-74-and-fips-81 +[IBM]: https://ieeexplore.ieee.org/document/5389567 diff --git a/content/learning/tls/dh.md b/content/learning/tls/dh.md new file mode 100644 index 0000000..cfc895d --- /dev/null +++ b/content/learning/tls/dh.md @@ -0,0 +1,27 @@ +--- +title: Diffie-Hellman (DH) +description: Vulnerable key exchange +layout: learn-single + +vulns: + - logjam + - raccoon + +learn_more: + - text: 'Diffie-Hellman problem' + url: https://en.wikipedia.org/wiki/Diffie–Hellman_problem + source: Wikipedia + + - text: 'Deprecating Obsolete Key Exchange Methods in TLS 1.2' + url: https://datatracker.ietf.org/doc/html/draft-ietf-tls-deprecate-obsolete-kex/ + source: IETF + +--- + +## Summary + +The older [Diffie-Hellman] (DH, DHE) key exchange algorithms are vulnerable to a handful of security vulnerabilities. The newer _elliptic-curve_ (ECDHE) key exchange algorithms are more secure and should be strongly preferred. + +This is the non-ephemeral version, which… @TODO + +[Diffie-Hellman]: https://en.wikipedia.org/wiki/Diffie–Hellman_key_exchange 
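Review bot: `vulns: - raccoon` here (and in dhe.md) does not match the file added for that vulnerability, `content/vulns/racoon.md`, so, assuming term URLs follow the term name, the taxonomy page lands at `/vulns/raccoon/` while the write-up is at `/vulns/racoon/`. Renaming the file to `raccoon.md` matches the page title "Raccoon" and the front matter here; the unused reference `[Racoon Attack]` in that file should get the same spelling. The summary also ends with the literal `This is the non-ephemeral version, which… @TODO`, which will render on the published page.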
diff --git a/content/learning/tls/dhe.md b/content/learning/tls/dhe.md new file mode 100644 index 0000000..0cdb411 --- /dev/null +++ b/content/learning/tls/dhe.md @@ -0,0 +1,28 @@ +--- +title: Diffie-Hellman, Ephemeral (DHE) +description: Vulnerable key exchange +layout: learn-single + +vulns: + - dheatattack + - logjam + - raccoon + +learn_more: + - text: 'Diffie-Hellman problem' + url: https://en.wikipedia.org/wiki/Diffie–Hellman_problem + source: Wikipedia + + - text: 'Deprecating Obsolete Key Exchange Methods in TLS 1.2' + url: https://datatracker.ietf.org/doc/html/draft-ietf-tls-deprecate-obsolete-kex/ + source: IETF + +--- + +## Summary + +The older [Diffie-Hellman] (DH, DHE) key exchange algorithms are vulnerable to a handful of security vulnerabilities. The newer _elliptic-curve_ (ECDHE) key exchange algorithms are more secure and should be strongly preferred. + +This is the ephemeral version, which… @TODO + +[Diffie-Hellman]: https://en.wikipedia.org/wiki/Diffie–Hellman_key_exchange diff --git a/content/learning/tls/rc2.md b/content/learning/tls/rc2.md new file mode 100644 index 0000000..63d1157 --- /dev/null +++ b/content/learning/tls/rc2.md @@ -0,0 +1,20 @@ +--- +title: Rivest Cipher 2 (RC2) +description: Vulnerable key exchange +layout: learn-single + +learn_more: + - text: 'A Description of the RC2(r) Encryption Algorithm' + url: https://datatracker.ietf.org/doc/html/rfc2268 + source: IETF + +--- + +## Summary + +The [RC2] algorithm was [cracked in 1997]. It is no longer considered secure. + +Any cipher suite with `RC2` in the name should be avoided. + +[cracked in 1997]: https://www.schneier.com/wp-content/uploads/2016/02/paper-relatedkey.pdf +[RC2]: https://en.wikipedia.org/wiki/RC2 diff --git a/content/learning/tls/rc4.md b/content/learning/tls/rc4.md new file mode 100644 index 0000000..a9d3725 --- /dev/null +++ b/content/learning/tls/rc4.md 
@@ -0,0 +1,48 @@ +--- +title: Rivest Cipher 4 (RC4) +description: Vulnerable key exchange +layout: learn-single + +vulns: + - NOMORE + +learn_more: + - text: 'Attacks against RC4' + url: https://en.wikipedia.org/wiki/Transport_Layer_Security#RC4_attacks + source: Wikipedia + + - text: 'Killing RC4: The Long Goodbye' + url: https://blog.cloudflare.com/killing-rc4-the-long-goodbye/ + source: Cloudflare + + - text: 'End of the road for RC4' + url: https://blog.cloudflare.com/killing-rc4-the-long-goodbye/ + source: Cloudflare + + - text: 'On the Security of RC4 in TLS and WPA' + url: https://www.isg.rhul.ac.uk/tls/index.html + +--- + +## Summary + +The [RC4] algorithm was [cracked in 2013][Qualys], was [prohibited from being part of TLS][RFC-7465] in 2015, and was [removed from all major web browsers][DigiCert] in 2016. It is no longer considered secure. + +Any cipher suite with `RC4` in the name should be avoided. + +## Information + +| Field | Value | +|--------------|--------------------------| +| Invented | 1987 | +| Cracked | 2015 | +| Ephemeral | _No_ | +| Related tech | [WEP], [WPA], [WPA-TKIP] | + +[DigiCert]: https://www.digicert.com/blog/major-browsers-announce-rc4-deprecation +[Qualys]: https://blog.qualys.com/product-tech/2013/03/19/rc4-in-tls-is-broken-now-what +[RC4]: https://en.wikipedia.org/wiki/RC4 +[RFC-7465]: https://datatracker.ietf.org/doc/html/rfc7465 +[WEP]: https://en.wikipedia.org/wiki/Wired_Equivalent_Privacy +[WPA]: https://en.wikipedia.org/wiki/Wi-Fi_Protected_Access +[WPA-TKIP]: https://en.wikipedia.org/wiki/Temporal_Key_Integrity_Protocol diff --git a/content/vulns/_index.md b/content/vulns/_index.md new file mode 100644 index 0000000..c9f122b --- /dev/null +++ b/content/vulns/_index.md @@ -0,0 +1,9 @@ +--- +title: Vulnerabilities +description: Known security vulnerabilities. +layout: list +--- + +## By name + +A list of known security vulnerabilities, by name. 
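Review bot: The Information table gives `Cracked | 2015` while the summary says RC4 was cracked in 2013 and describes 2015 as the year RFC 7465 prohibited it; one of the two should change. In `learn_more`, "Killing RC4: The Long Goodbye" and "End of the road for RC4" point to the same Cloudflare URL, so the second entry is either a duplicate or has the wrong `url`. The `NOMORE` term under `vulns:` is upper-case while the page is `nomore.md`; Hugo normalises term paths to lower case by default so it probably resolves, but matching the casing of the other entries avoids depending on that.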
diff --git a/content/vulns/beast.md b/content/vulns/beast.md new file mode 100644 index 0000000..49596a1 --- /dev/null +++ b/content/vulns/beast.md @@ -0,0 +1,37 @@ +--- +title: BEAST +description: Browser Exploit Against SSL/TLS +layout: term + +learn_more: + - text: 'Lucky 13, BEAST, CRIME,… Is TLS dead, or just resting?' + url: https://www.ietf.org/proceedings/89/slides/slides-89-irtfopen-1.pdf + source: IETF + + - text: 'Here Come The ⊕ Ninjas' + url: https://web.archive.org/web/20220308133400/http://netifera.com/research/beast/beast_DRAFT_0621.pdf + source: Netifera + + - text: 'Prevent SSL BEAST attacks' + url: https://docs.veracode.com/r/prevent-ssl-beast + source: Veracode + + - text: 'Proof Of Concept of the BEAST attack against SSL/TLS CVE-2011-3389' + url: https://github.com/mpgn/BEAST-PoC + source: GitHub + + - text: 'Encryption - CBC Mode IV: Secret or Not?' + url: https://defuse.ca/cbcmodeiv.htm + +--- + +## Overview + +@TODO + +## Information + +| Field | Value | +|---------------------|--------------| +| Cracked | 2011 | +| Vulnerability class | Data leakage | diff --git a/content/vulns/breach.md b/content/vulns/breach.md new file mode 100644 index 0000000..295cb0d --- /dev/null +++ b/content/vulns/breach.md @@ -0,0 +1,27 @@ +--- +title: BREACH +description: Browser Reconnaissance and Exfiltration via Adaptive Compression of Hypertext +layout: term + +learn_more: + - text: 'BREACH Attack' + url: https://www.breachattack.com + + - text: 'BREACH PoC' + url: https://github.com/nealharris/BREACH + source: GitHub + +--- + +## Overview + +@TODO + +## Information + +| Field | Value | +|---------------------|--------------------| +| Cracked | 2013 | +| Vulnerability class | Compression attack | + +[BREACH]: https://en.wikipedia.org/wiki/BREACH diff --git a/content/vulns/cloudbleed.md b/content/vulns/cloudbleed.md new file mode 100644 index 0000000..9712386 --- /dev/null +++ b/content/vulns/cloudbleed.md 
@@ -0,0 +1,18 @@ +--- +title: Cloudbleed +description: '@TODO' +layout: term +--- + +## Overview + +@TODO + +## Information + +| Field | Value | +|---------------------|-------| +| Cracked | | +| Vulnerability class | | + +[Cloudbleed]: https://en.wikipedia.org/wiki/Cloudbleed diff --git a/content/vulns/crime.md b/content/vulns/crime.md new file mode 100644 index 0000000..3d3a488 --- /dev/null +++ b/content/vulns/crime.md @@ -0,0 +1,36 @@ +--- +title: CRIME +description: Compression Ratio Info-leak Made Easy +layout: term + +learn_more: + - text: 'Lucky 13, BEAST, CRIME,… Is TLS dead, or just resting?' + url: https://www.ietf.org/proceedings/89/slides/slides-89-irtfopen-1.pdf + source: IETF + + - text: 'Prevent SSL CRIME attacks' + url: https://docs.veracode.com/r/prevent-ssl-crime + source: Veracode + + - text: 'CRIME: Information Leakage Attack against SSL/TLS' + url: https://blog.qualys.com/product-tech/2012/09/14/crime-information-leakage-attack-against-ssltls + source: Qualys + + - text: 'CVE-2012-4929' + url: https://nvd.nist.gov/vuln/detail/CVE-2012-4929 + source: NIST + +--- + +## Overview + +@TODO + +## Information + +| Field | Value | +|---------------------|--------------------| +| Cracked | 2012 | +| Vulnerability class | Compression attack | + +[CRIME]: https://en.wikipedia.org/wiki/CRIME diff --git a/content/vulns/dheatattack.md b/content/vulns/dheatattack.md new file mode 100644 index 0000000..e465156 --- /dev/null +++ b/content/vulns/dheatattack.md 
@@ -0,0 +1,27 @@ +--- +title: DHE At Attack +description: +layout: term + +learn_more: + - text: 'DHE At Attack' + url: https://web.archive.org/web/20241010094103/https://dheatattack.com/ + + - text: 'D(HE)ater is a proof-of-concept implementation' + url: https://dheatattack.gitlab.io/dheater/ + + - text: 'CVE-2002-20001' + url: https://nvd.nist.gov/vuln/detail/CVE-2002-20001 + +--- + +## Overview + +@TODO + +## Information + +| Field | Value | +|---------------------|-------| +| Cracked | | +| Vulnerability class | | diff --git a/content/vulns/drown.md b/content/vulns/drown.md new file mode 100644 index 0000000..b0d3792 --- /dev/null +++ b/content/vulns/drown.md 
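Review bot: `description:` with no value is YAML null rather than an empty string; whether the `term` layout copes depends on how it consumes `.Description`, and a template that runs string functions on it may fail or print "null". Writing `description: ''` or dropping the key removes the ambiguity. logjam.md and racoon.md carry the same bare key, and cloudbleed.md ships the literal `'@TODO'` as its description, which will surface in that page's meta description.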
@@ -0,0 +1,36 @@ +--- +title: DROWN +description: Decrypting RSA with Obsolete and Weakened eNcryption +layout: term + +learn_more: + - text: 'The DROWN Attack' + url: https://drownattack.com + + - text: 'DROWN: Breaking TLS using SSLv2' + url: https://drownattack.com/drown-attack-paper.pdf + source: PDF + + - text: 'CVE-2016-0800' + url: https://nvd.nist.gov/vuln/detail/CVE-2016-0800 + +--- + +## Overview + +[DROWN] is known as a _downgrade attack_. Historically, if a web browser (or other client) tried to connect with modern security, and the server did not support it, the client would then be able to _downgrade_ the level of security to a previous version of TLS or SSL and try to connect there. + +Since SSLv2 is known to have many vulnerabilities, [DROWN] forces the connection to _downgrade_ to SSLv2. If the server supports SSLv2, then any known attacks against SSLv2 can be performed to access sensitive/encrypted data. While SSLv2 is the easiest to break, this attack can also be performed against other versions of TLS or SSL in preparation for a different attack. + +Whereas [Logjam](/vulns/logjam) focuses on Diffie-Hellman key exchanges, and [FREAK](/vulns/freak) focuses on export-grade encryption, _DROWN_ targets SSLv2. + +The best way to avoid this vulnerability is to _only_ allow TLS 1.2 (with recommended cipher suites) and TLS 1.3. + +## Information + +| Field | Value | +|---------------------|------------------| +| Cracked | 2016 | +| Vulnerability class | Downgrade attack | + +[DROWN]: https://en.wikipedia.org/wiki/DROWN_attack diff --git a/content/vulns/freak.md b/content/vulns/freak.md new file mode 100644 index 0000000..3843792 --- /dev/null +++ b/content/vulns/freak.md 
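Review bot: The overview says DROWN "forces the connection to _downgrade_ to SSLv2", but the attack does not touch the victim's connection: the attacker records TLS 1.x RSA handshakes and then uses any SSLv2 server that shares the same RSA key as a decryption oracle, so it is a cross-protocol attack rather than a client-side downgrade. That changes the mitigation the last paragraph gives — SSLv2 (and the export ciphers) must be disabled on every server or appliance that shares the certificate/private key, not only on the host serving the site. Suggest rewording the second paragraph to `[DROWN] uses a server that still accepts SSLv2 and shares the site's RSA key as an oracle to decrypt recorded TLS sessions` and adding the shared-key point to the mitigation sentence.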
@@ -0,0 +1,46 @@ +--- +title: FREAK +description: Factoring RSA Export Keys +layout: term + +learn_more: + - text: 'Tracking the FREAK Attack' + url: https://freakattack.com + + - text: 'Export of cryptography from the United States' + url: https://en.wikipedia.org/wiki/Export_of_cryptography_from_the_United_States + source: Wikipedia + + - text: 'State Machine Attacks' + url: https://www.smacktls.com + + - text: '‘FREAK’ flaw undermines security for Apple and Google users, researchers discover' + url: https://www.washingtonpost.com/news/the-switch/wp/2015/03/03/freak-flaw-undermines-security-for-apple-and-google-users-researchers-discover/ + source: Washington Post + + - text: 'Attack of the week: FREAK (or ‘factoring the NSA for fun and profit’)' + url: https://blog.cryptographyengineering.com/2015/03/03/attack-of-week-freak-or-factoring-nsa/ + source: Cryptographic Engineering + +--- + +## Overview + +The [FREAK] attack is known as a _downgrade attack_, and reliably breaks U.S. export-grade encryption. + +Before the year 2000, the U.S. government required any cryptography that was exported from the U.S. to be subject to either substantially-reduced encryption keys or the use of backdoors in the encryption algorithms known to the U.S. government. By modern standards, even in the U.S., these are considered insecure and should not be used. + +Whereas [DROWN](/vulns/drown) focuses on SSLv2, and [Logjam](/vulns/logjam) focuses on Diffie-Hellman key exchanges, _FREAK_ targets export-grade encryption. + +The best way to avoid this vulnerability is to _only_ allow TLS 1.2 (with recommended cipher suites) and TLS 1.3. + +![XKCD: CIA comic](https://imgs.xkcd.com/comics/cia.png) + +## Information + +| Field | Value | +|---------------------|------------------| +| Cracked | 2015 | +| Vulnerability class | Downgrade attack | + +[FREAK]: https://en.wikipedia.org/wiki/FREAK 
diff --git a/content/vulns/heartbleed.md b/content/vulns/heartbleed.md new file mode 100644 index 0000000..bc22807 --- /dev/null +++ b/content/vulns/heartbleed.md 
@@ -0,0 +1,55 @@ +--- +title: Heartbleed +description: Vulnerability in OpenSSL’s implementation of the TLS/DTLS heartbeat extension +layout: term + +learn_more: + - text: 'Heartbleed' + url: https://heartbleed.com + + - text: 'CVE-2014-0160' + url: https://nvd.nist.gov/vuln/detail/cve-2014-0160 + source: NIST + + - text: "OpenSSL 'Heartbleed' vulnerability (CVE-2014-0160)" + url: https://www.cisa.gov/news-events/alerts/2014/04/08/openssl-heartbleed-vulnerability-cve-2014-0160 + source: 'cisa.gov' + + - text: "Heartbleed vulnerability PoC" + url: https://github.com/adamalston/Heartbleed + source: GitHub + + - text: "Security: Heartbleed vulnerability" + url: https://github.blog/news-insights/the-library/security-heartbleed-vulnerability/ + source: GitHub Blog + + - text: "Heartbleed Bug" + url: https://owasp.org/www-community/vulnerabilities/Heartbleed_Bug + source: OWASP + + - text: "The Heartbleed Bug, explained" + url: https://www.vox.com/2014/6/19/18076318/heartbleed + source: Vox + +--- + +## Overview + +[Heartbleed] is a vulnerability in certain older versions of OpenSSL, due to a bug that allowed an attacker to read more data than they should have been allowed to. + +This allows an attacker to read additional data beyond the bounds of the TLS handshake in memory — including data that was supposed to be encrypted — fundamentally breaking security on the web. Not only did people need to update the versions of their deployed OpenSSL libraries, but in many cases they also needed to wait for software that was compiled with OpenSSL to be recompiled and released (or recompile the software themselves). + +After _Heartbleed_, there were at least two notable forks: [LibreSSL] by the OpenBSD project; and [BoringSSL] by Google for use in Chromium, Android, and other projects. Other TLS/SSL libraries were not affected since it was a bug specific to OpenSSL, but OpenSSL was one of the most-used SSL/TLS libraries in-use at the time. 
+ +![XKCD: Heartbleed comic](https://imgs.xkcd.com/comics/heartbleed.png) + +## Information + +| Field | Value | +|---------------------|--------------| +| Cracked | 2014 | +| Vulnerability class | Data leakage | + +[BoringSSL]: https://github.com/google/boringssl +[Heartbleed]: https://en.wikipedia.org/wiki/Heartbleed +[LibreSSL]: https://www.libressl.org diff --git a/content/vulns/heist.md b/content/vulns/heist.md new file mode 100644 index 0000000..a40efee --- /dev/null +++ b/content/vulns/heist.md @@ -0,0 +1,30 @@ +--- +title: HEIST +description: HTTP Encrypted Information can be Stolen through TCP +layout: term + +learn_more: + - text: 'HEIST: HTTP Encrypted Information can be Stolen through TCP-windows' + url: https://www.blackhat.com/docs/us-16/materials/us-16-VanGoethem-HEIST-HTTP-Encrypted-Information-Can-Be-Stolen-Through-TCP-Windows-wp.pdf + source: BlackHat + + - text: 'CVE-2016-7152' + url: https://nvd.nist.gov/vuln/detail/CVE-2016-7152 + source: NIST + + - text: 'New attack steals SSNs, e-mail addresses, and more from HTTPS pages' + url: https://arstechnica.com/information-technology/2016/08/new-attack-steals-ssns-e-mail-addresses-and-more-from-https-pages/ + source: Ars Technica + +--- + +## Overview + +@TODO + +## Information + +| Field | Value | +|---------------------|--------------------| +| Cracked | 2016 | +| Vulnerability class | Compression attack | diff --git a/content/vulns/logjam.md b/content/vulns/logjam.md new file mode 100644 index 0000000..b6cd0b9 --- /dev/null +++ b/content/vulns/logjam.md 
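Review bot: hugo_stats.json in this commit gains the ids `--text-cve-2014-0160`, `url-httpsnvdnistgovvulndetailcve-2014-0160` and `source-nist`, which read like the three lines of this page's CVE `learn_more` entry having been rendered as body headings at some point; if that is a stale stats snapshot it is harmless, but if the front matter or `term` layout produced it, the stats should be regenerated and the page re-checked. The `text:` values also switch from single to double quotes halfway through the list and `source:` is quoted only for `'cisa.gov'`; either style is valid YAML, but the file should pick one.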
@@ -0,0 +1,42 @@ +--- +title: Logjam +description: +layout: term + +learn_more: + - text: 'Weak Diffie-Hellman and the Logjam Attack' + url: https://weakdh.org + + - text: 'NSA in P/poly: The Power of Precomputation' + url: https://scottaaronson.blog/?p=2293 + + - text: 'CVE-2015-4000' + url: https://nvd.nist.gov/vuln/detail/CVE-2015-4000 + source: NIST + + - text: 'Logjam: the latest TLS vulnerability explained' + url: https://blog.cloudflare.com/logjam-the-latest-tls-vulnerability-explained/ + source: Cloudflare + +--- + +## Overview + +The [Logjam] attack is known as a _downgrade attack_, and reliably breaks U.S. export-grade encryption. + +Before the year 2000, the U.S. government required any cryptography that was exported from the U.S. to be subject to either substantially-reduced encryption keys or the use of backdoors in the encryption algorithms known to the U.S. government. By modern standards, even in the U.S., these are considered insecure and should not be used. + +Whereas [DROWN](/vulns/drown) focuses on SSLv2, and [FREAK](/vulns/freak) focuses on export-grade encryption, _Logjam_ targets Diffie-Hellman key exchanges. + +In short, while _Logjam_ can be cracked for 512-bit DH keys by anyone with a cloud account, and _Nation-State Cyber Attackers_ can crack 1024-bit DH keys, 2048-bit DH keys are considered safe. That being said, using `ECDHE` key exchanges are even more secure. + +The best way to avoid this vulnerability is to _only_ allow TLS 1.2 (with recommended cipher suites) and TLS 1.3. + +## Information + +| Field | Value | +|---------------------|------------------| +| Cracked | 2015 | +| Vulnerability class | Downgrade attack | + +[Logjam]: https://en.wikipedia.org/wiki/Logjam_(computer_security) diff --git a/content/vulns/lucky-13.md b/content/vulns/lucky-13.md new file mode 100644 index 0000000..352d34d --- /dev/null +++ b/content/vulns/lucky-13.md 
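Review bot: The first two overview paragraphs are copied verbatim from freak.md ("reliably breaks U.S. export-grade encryption" and the export-control paragraph), so the page opens by describing FREAK; only the third paragraph is specific to Logjam. The sentence `_Logjam_ can be cracked for 512-bit DH keys` also inverts subject and object — it is the 512-bit DHE_EXPORT groups that are broken, and the nation-state remark refers to precomputation against a single widely shared 1024-bit group. Suggest opening with `The [Logjam] attack downgrades a TLS connection to 512-bit export-grade Diffie-Hellman and then breaks the weak group, and precomputation makes commonly used 1024-bit groups feasible for well-resourced attackers.` and dropping the duplicated export paragraph. `description:` is also left empty here.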
@@ -0,0 +1,28 @@ +--- +title: Lucky 13 +description: 5 bytes of TLS header plus 8 bytes of TLS sequence number makes this attack possible. +layout: term + +learn_more: + - text: 'Prevent SSL LUCKY13 attacks' + url: https://docs.veracode.com/r/prevent-ssl-lucky13 + source: Veracode + + - text: 'Lucky 13, BEAST, CRIME,… Is TLS dead, or just resting?' + url: https://www.ietf.org/proceedings/89/slides/slides-89-irtfopen-1.pdf + source: IETF + +--- + +[Lucky 13] is an attack on CBC-mode encryption in TLS. AES-GCM ciphers (added in TLS 1.2) are not vulnerable to these attacks. + +@TODO + +## Information + +| Field | Value | +|---------------------|-------| +| Cracked | | +| Vulnerability class | | + +[Lucky 13]: https://www.isg.rhul.ac.uk/tls/Lucky13.html diff --git a/content/vulns/nomore.md b/content/vulns/nomore.md new file mode 100644 index 0000000..820fe69 --- /dev/null +++ b/content/vulns/nomore.md @@ -0,0 +1,26 @@ +--- +title: RC4 NOMORE +description: Numerous Occurrence MOnitoring and Recovery Exploit +layout: term + +learn_more: + - text: 'RC4 NOMORE' + url: https://www.rc4nomore.com + + - text: 'All Your Biases Belong To Us: Breaking RC4 in WPA-TKIP and TLS' + url: https://www.rc4nomore.com/vanhoef-usenix2015.pdf + + - text: 'Attacking SSL when using RC4' + url: https://www.imperva.com/docs/HII_Attacking_SSL_when_using_RC4.pdf + source: Imperva + +--- + +@TODO + +## Information + +| Field | Value | +|---------------------|--------------| +| Cracked | 2015 | +| Vulnerability class | Bit-flipping | diff --git a/content/vulns/poodle.md b/content/vulns/poodle.md new file mode 100644 index 0000000..96e1ad3 --- /dev/null +++ b/content/vulns/poodle.md 
@@ -0,0 +1,26 @@ +--- +title: POODLE +description: Padding Oracle On Downgraded Legacy Encryption +layout: term +--- + +@TODO + +## Information + +| Field | Value | +|---------------------|-------| +| Cracked | | +| Vulnerability class | | + +## Learn more… + +* [This POODLE Bites: Exploiting The +SSL 3.0 Fallback](https://web.archive.org/web/20240101001947/https://www.openssl.org/~bodo/ssl-poodle.pdf) (PDF) +* [What Is the POODLE Attack?](https://www.acunetix.com/blog/web-security-zone/what-is-poodle-attack/) (Acunetix) +* [Poodle (Padding Oracle On Downgraded Legacy Encryption) attack CVE-2014-3566](https://github.com/mpgn/poodle-PoC) +* [CVE-2014-3566](https://nvd.nist.gov/vuln/detail/CVE-2014-3566) + +[POODLE]: https://en.wikipedia.org/wiki/POODLE + +https://blog.mozilla.org/security/2014/10/14/the-poodle-attack-and-the-end-of-ssl-3-0/ diff --git a/content/vulns/racoon.md b/content/vulns/racoon.md new file mode 100644 index 0000000..f5a01b7 --- /dev/null +++ b/content/vulns/racoon.md @@ -0,0 +1,16 @@ +--- +title: Raccoon +description: +layout: term +--- + +@TODO + +## Information + +| Field | Value | +|---------------------|-------| +| Cracked | | +| Vulnerability class | | + +[Racoon Attack]: https://raccoon-attack.com diff --git a/content/vulns/sweet32.md b/content/vulns/sweet32.md new file mode 100644 index 0000000..7244a31 --- /dev/null +++ b/content/vulns/sweet32.md @@ -0,0 +1,14 @@ +--- +title: Sweet32 +# description: Known security vulnerabilities. +layout: term +--- + +@TODO + +## Information + +| Field | Value | +|---------------------|-------| +| Cracked | | +| Vulnerability class | | diff --git a/hugo_stats.json b/hugo_stats.json index 0ebf154..d80227d 100644 --- a/hugo_stats.json +++ b/hugo_stats.json @@ -37,14 +37,19 @@ "strong", "style", "svg", + "table", + "tbody", + "td", + "th", + "thead", "title", + "tr", "ul" ], "classes": [ "-inset-0.5", "-mb-6", "-mr-2", - "-mt-6", "-mx-4", "-my-2", "absolute", 
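Review bot: This page puts its references in a `## Learn more…` body section instead of the `learn_more` front-matter list every other vulnerability page in this commit uses, so the `term` layout will render them differently, and the bare Mozilla URL after the `[POODLE]` reference definition dangles with no context. Moving the five entries into `learn_more:` with `text`/`url`/`source` keys matches the rest of the section. The `[POODLE]` reference is defined but never used in the body; the same holds for `[BREACH]`, `[CRIME]`, `[Cloudbleed]` and `[Racoon Attack]` in their pages.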
@@ -55,8 +60,6 @@ "bg-indigo-700", "bg-white", "block", - "border-b", - "border-gray-900/5", "border-t-2", "dark:bg-[#171e21]", "dark:bg-black", @@ -73,14 +76,11 @@ "dark:text-white", "dark:text-yellow-300", "divide-gray-200", - "divide-gray-900/5", "divide-y", "emoji", "fill-[#9ca3af]", "flex", - "flex-auto", "flex-col", - "flex-none", "flex-shrink-0", "flex-wrap", "flow-root", @@ -98,7 +98,6 @@ "font-semibold", "gap-x-12", "gap-x-2", - "gap-x-6", "gap-y-3", "grid", "grid-cols-1", @@ -114,7 +113,6 @@ "hover:text-white", "inline-block", "inline-flex", - "inset-0", "items-baseline", "items-center", "justify-between", @@ -127,7 +125,6 @@ "lg:px-8", "max-w-2xl", "max-w-7xl", - "max-w-lg", "md:block", "md:col-span-2", "md:divide-x", @@ -144,7 +141,6 @@ "mt-1", "mt-10", "mt-14", - "mt-16", "mt-2", "mt-4", "mt-5", @@ -173,19 +169,15 @@ "ring-1", "ring-4", "ring-gray-50", - "ring-gray-900/10", "ring-gray-900/5", "rounded-lg", "rounded-md", "rounded-tl-lg", "rounded-tr-lg", - "self-center", "shadow", "shadow-inner", "shadow-slate-100", - "shadow-sm", "size-10", - "size-4", "size-6", "sm:-mx-6", "sm:divide-y-0", @@ -196,7 +188,6 @@ "sm:grid", "sm:grid-cols-2", "sm:mt-0", - "sm:mt-20", "sm:p-6", "sm:px-0", "sm:px-3", @@ -214,12 +205,10 @@ "text-3xl", "text-5xl", "text-balance", - "text-base/6", "text-base/8", "text-black", "text-center", "text-gray-300", - "text-gray-400", "text-gray-500", "text-gray-600", "text-gray-900", @@ -233,6 +222,8 @@ "text-xl", "top-6", "tracking-tight", + "ui-badge-alert-wrap", + "ui-badge-error-wrap", "ui-badge-indigo-wrap", "ui-badge-success-wrap", "ui-badge-tip-wrap", 
@@ -242,20 +233,33 @@ "w-8" ], "ids": [ + "--text-cve-2014-0160", "a", + "affected-cipher-suite-classes", "aws", "b", "brief-descriptions-of-http", + "by-name", "c", "devsec-tools", "footer-heading", "how-does-this-stuff-work", + "information", + "known-issues-in-classes-of-cipher-suites", + "known-vulnerabilities", + "learn-more", "learn-more-about-http", "learn-more-about-quic", "mobile-menu", "northwood-labs", + "overview", + "parts-of-a-cipher-suite", + "source-nist", "summary", - "tmpl-single" + "tls-12-with-_forward-secrecy_", + "tls-13", + "tmpl-single", + "url-httpsnvdnistgovvulndetailcve-2014-0160" ] } } diff --git a/themes/dst2024 b/themes/dst2024 index fadd9b5..6df2708 160000 --- a/themes/dst2024 +++ b/themes/dst2024 @@ -1 +1 @@ -Subproject commit fadd9b564bac2670c3a9f0471c2144ea10d26a83 +Subproject commit 6df27089b4161072b96859e482d06971089791d6