WikiLeaks Reveals A CIA LAN-Attacking Tool From 'Vault 7'

An anonymous reader quotes BetaNews: WikiLeaks continues to release revealing documents from its Vault 7 cache. This time around the organization introduces us to a CIA tool called Archimedes -- previously known as Fulcrum. As before, there is little to confirm whether or not the tool is still in active use -- or, indeed, if it has actually ever been used -- but the documentation shows how it can be installed on a LAN to perform a man-in-the-middle attack.

The manual itself explains how Archimedes works: "Archimedes is used to redirect LAN traffic from a target's computer through an attacker controlled computer before it is passed to the gateway. This enables the tool to inject a forged web server response that will redirect the target's web browser to an arbitrary location. This technique is typically used to redirect the target to an exploitation server while providing the appearance of a normal browsing session."
HotHardware notes that WikiLeaks "also provided the full documentation for Fulcrum, which goes into much greater detail about how the man-in-the-middle operation is conducted" -- including this instruction in the guide's "Management" section. "If you are reading this then you have successfully delivered the Fulcrum packages and provided the binaries with code execution. Hoorah! At this stage, there is not much to do other than sit back and wait."

Ettercap

W00h00, they reinvented ettercap:
# ettercap -i eth0 -T -M arp /192.168.111.1/ /192.168.111.2/

Re:What About HTTPS?

[scdeimos]

You put far too much faith in HTTPS.

The default settings of SSL/TLS libraries on most operating systems make man-in-the-middle attacks trivial. When an SSL/TLS session is negotiated only the following things are validated:

1. The origin server certificate trust chain is ultimately signed by a Trusted Root certificate - any trusted root certificate.
2. The valid-from and valid-to dates on the certificate are current.
3. The desried host name is in the Subject or SubjectAlt fields, which is a useless check with 0% value.

So, why would I say that the host name check is a useless check with 0% value? Because TLS has been neutered since SNI was introduced (RFC 3546 Transport Layer Security Extensions # Server Name Indication). Before then SSL/TLS was "reasonably secure" but since then it is virtually worthless. Under SNI the connecting client tells the origin server which host name it is connecting to and, thanks to that gaping hole, the origin server (or any man-in-the-middle appliance) has enough information to either generate a fake certificate or pull one out of its cache.

Re:What About HTTPS?

[scdeimos]

I think maybe your head is in the sand if you can't see how SNI weakened TLS as a security protocol. SNI was created because Web Hosters and businesses didn't want to keep paying for additional IPv4 address space - prior to that you could only host a single SSL/TLS-enabled web site on any given IPv4's tcp/443. Instead of migrating everybody to IPv6 where every host could have a unique address they pushed for SNI to add HTTP Host-like header capabilities to TLS.

Your premise that SNI is not a huge problem is only valid if, and only if, you can guarantee that every single trusted root certificate (and every single Server Identity capable intermediate certificate signed by them) has never been compromised by an attacker. Show me any US-based Certificate Authorities issuing NSL canaries and the like. Some CAs don't even specify a maximum chain length on their root/intermediate certificates.

If you'd like to see a practical HTTPS man-in-the-middle demonstration on your favorite Windows desktop just install Telerik's Fiddler tool and enable the HTTPS Intercept option. This installs its own certificate into your Trusted Root Certificate store and then re-encrypts all of your HTTPS connections so you can inspect the traffic.