15

I'm using gmail from work, but I need to enter a password for a proxy when accesing the first web page. The password is asked from inside the browser. I receive a certificate from the proxy which I must accept in order to make the Internet connection work.

Can my HTTPS connection, between gmail and browser, be tracked in this situation?

rook
  • 66,304
  • 38
  • 162
  • 239
INS
  • 10,594
  • 7
  • 58
  • 89
  • 2
    Superuser might be a better forum for this question though I think it is of interest to anyone developing https sites. And just to mention prefixing a question "Debate:" is probably a sure fire way of getting it closed as subjective and argumentative! – Martin Smith May 22 '10 at 16:53
  • @Martin Smith He is going to get a better answer from a programmer. – rook May 22 '10 at 18:31
  • Does the proxy server present you a fake certificate for gmail.com that you are forced to accept? I think you are accepting a SSL certificate for the proxy server, and not for the end website you are visiting. Can you confirm this? – Sripathi Krishnan May 22 '10 at 21:32
  • [Don't](http://meta.stackexchange.com/questions/46035/should-i-remove-tags-that-dont-contribute-to-categorizing-the-question/46037#46037) [tag](http://meta.stackexchange.com/questions/43879/anti-tags-valid-use-or-not) [not-programming-related.](http://meta.stackexchange.com/questions/10216/can-we-disallow-the-use-of-belongs-on-xxxxxxx-and-not-programming-related-tag/10222#10222) @corey –  May 24 '10 at 00:15
  • When do you receive the certificate from the proxy? Only on the first connection where you login to the proxy? Otherwise it's hijacking your Gmail TLS session... And what do you mean by "tracked"? The proxy can only fingerprint you and know your IP address and what you are connecting to as long as it's not hijacking your TLS session. None of these answers are valid because you didn't provide a question. – L̲̳o̲̳̳n̲̳̳g̲̳̳p̲̳o̲̳̳k̲̳̳e̲̳̳ May 24 '10 at 01:05

6 Answers6

12

Fiddler describes it like this:

Q: The HTTPS protocol was designed to prevent traffic viewing and tampering. Given that, how can Fiddler2 debug HTTPS traffic?

A: Fiddler2 relies on a "man-in-the-middle" approach to HTTPS interception. To your web browser, Fiddler2 claims to be the secure web server, and to the web server, Fiddler2 mimics the web browser. In order to pretend to be the web server, Fiddler2 dynamically generates a HTTPS certificate.

Fiddler's certificate is not trusted by your web browser (since Fiddler is not a Trusted Root Certification authority), and hence while Fiddler2 is intercepting your traffic, you'll see a HTTPS error message in your browser, like so:

Community
  • 1
  • 1
tangens
  • 39,095
  • 19
  • 120
  • 139
  • 1
    +1. And of course if you accept the fiddler certificate then you won't see the HTTPS error message. – Martin Smith May 22 '10 at 17:12
  • 1
    Fiddler causes the browser to throw an error and thats the point of https. However **sslstrip** can bypass https without throwing an error. You should read my post. – rook May 22 '10 at 18:30
  • @Rook - Totally agree with you. I spent a lot of time trying to suppress the untrusted ssl certificate warning using paros proxy and mitm proxy, but finally achieved it only using sslstrip. – Myxtic Apr 22 '13 at 05:24
11

tracked? Well even though https encrypts the traffic you still know the ip address of both parties (gmail and the browser). HTTPS doesn't solve this problem, but a different blend of crypto has created The Onion Router(TOR) which does make impossible to locate both servers and clients.

Under "normal" conditions when an attacker is trying to MITM HTTPS your browser should throw a certificate error. This is the whole point of SSL backed by a PKI. HOWEVER in 2009 Moxie Marlenspike gave a killer Blackhat talk in which he was able to MITM HTTPS without warning. His tools is called SSLStrip, and I highly recommend watching that video.

A good solution to SSLStrip was developed by Google. Its called STS, and you should enable this on all of your web applications. Currently sts is only supported by Chrome, but Firefox is working on their supporting this feature. Eventually all browsers should support it.

rook
  • 66,304
  • 38
  • 162
  • 239
  • Rook +1 for SSLStrip. It'd work 99% of the times, but if the user *directly* enters https:// in the browser, it won't work. SSLStrip only works if the first request to the server is over http. – Sripathi Krishnan May 22 '10 at 21:28
2

Yes they can. You can see this for yourself by downloading Fiddler and using it to decrypt https traffic. Fiddler issues its own certificate and acts a man in the middle. You would need to view the certificate in your browser to see whether it is actually issued by gmail.

Martin Smith
  • 438,706
  • 87
  • 741
  • 845
  • This doesnt proof that you can perform a man in the middle on https, perhaps fiddler can do this because it resides inside the browser. In that case it is no longer called a man-in-the-middle attack but a man-in-the-browser attack (no kidding). If fiddler does not depend on residing in the browser, can you please provide more details on how this can be done? and how fidler does this – Henri May 22 '10 at 16:55
  • @Henri - See my comment to your answer. – Martin Smith May 22 '10 at 16:59
  • Yes, but fidderl's attack throws a warning so Https is doing its job. sslstrip can bypass this warning all together. – rook May 22 '10 at 18:29
  • @The Rook It won't throw a warning for the OP as he has already accepted the certificate. – Martin Smith May 22 '10 at 18:47
1

It seems that the renegotiation is a weak spot in the TSLv1 (see TLS renegotiation attack. More bad news for SSL).

Gumbo
  • 643,351
  • 109
  • 780
  • 844
0

As pointed out by other answers (read also here) for this to work really "in the middle" (i.e. excluding the cases in which the capturing occurs at one of the end-points, inside the browser or inside the web server), some kind of proxy must be set, who speaks to your browser and to the server, pretending to both to be the other side. But your browser (and ssl) is smart enough to realize that the certificate that the proxy sends you ("saying: I am gmail") is illegal, i.e. is not signed by a trusted Root Certification authority. Then, this will only work if the user explicitly accepts that untrusted certificate, or if the CA used by the proxy was inserted into the trusted CA registry in his browser.

In summary, if the user is using a clean/trusted browser installation, and if he refuses certificates issued by untrusted authorities, an man "in the middle" cannot decrypt an https communication.

Community
  • 1
  • 1
leonbloy
  • 73,180
  • 20
  • 142
  • 190
  • From the question: "I receive from the proxy a certificate which I must accept in order to make the Internet connection work." – Martin Smith May 22 '10 at 17:38
-1

It cannot be tracked between the gmail webserver and your pc, but once it is inside the pc, it can be tracked. I dont understand how two people claim that https can be tracked with mitm since the whole purpose of https is to prevent such attacks.

The point is that all HTTP level messages are encrypted, and mac-ed. Due to the certificate trust chain, you cannot fake a certificate, so it should not be possible to perform a man in the middle.

The ones who claim it is possible, can you please give details about how and why it is possible and how the existing countermeasures are circumvented?

Henri
  • 5,065
  • 23
  • 24
  • 2
    The OP says "I receive from the proxy a certificate which I must accept in order to make the Internet connection work." I presume that browser -> proxy is https encrypted using that certificate. *Not* gmail's. It is then decrypted at the proxy and re encrypted when doing the https request to gmail. It should be possible to see this though by clicking the padlock icon and viewing the certificate. – Martin Smith May 22 '10 at 16:54