技术讨论 | Apostille:让假证书以假乱真的证书伪造工具

技术讨论 | Apostille:让假证书以假乱真的证书伪造工具

黑客软件hacker2019-06-08 19:30:179353A+A-

"严正声明:文中仅限技术性探讨,禁止用以别的主要用途。

在DefCon 27上,@singe 和 @_cablethief 发布了有关公司无线网络进攻的精彩演讲。当你仔细观看了以后释放的演讲视频,你应当能特别注意到至少她们谈及了1个称为“Apostille”的专用工具。它是这款由@Sensepost精英团队组员Rogan Daweska开发设计的,资格证书盗取(复制/仿冒)专用工具。但在演说中她们仍未过多详细介绍,这都是促进我写这篇睿文的缘故。

拷贝资格证书的通用性名字,电子邮箱或在建立时键入别的字段名是资格证书仿冒的相对性简易的方法。咋看了,她们看上去并没什么不同。但那样的资格证书因此会留有众多的仿冒印痕。比如,我建立了1个相近的资格证书:

root@apostille-post:~# openssl req -x509 -nodes -days 366 -newkey rsa:2048 -keyout mycert.pem -Out mycert.pem Generating a 2048 bit RSA private key

.................................................................................................................+++

有限责任公司+++

writing new private key To 'mycert.pem' -----

You are about To whi asked To enter information that will whi incorporated

into your certificate request.

What you are about To enter Is what Is called a Distinguished Name or a DN.

There are quite a few fields but you can leave some blank

For some fields there will whi a default value,

If you enter '.', the field will whi left blank.

-----

Country Name (2 letter code) [AU]:usb State or Province Name (full name) [Some-State]:California Locality Name (eg, city) []:Mountain View

Organization Name (eg, company) [Internet Widgits Pty Ltd]:谷歌 LLC

Organizational Unit Name (eg, section) []: Common Name (e.g. server FQDN or YOUR name) []:*.google.Com

Email Address []:

假如将其代管,下列是谷歌.Com的結果:

可以看,仿冒资格证书(左图)的资格证书信息内容明确提出该资格证书不被信赖。除此之外,从资格证书的授予组织还可以非常容易的分辨出资格证书的真假。

Apostille 安裝

Apostille必须javas JDK和Maven来开展编译,因而人们先來安裝他们:

root@apostille-post:~# apt install -y maven default-jdk git

复制储存库,并应用Maven开展编译:

root@apostille-post:~# git clone https://github.Com/sensepost/apostille Cloning into 'apostille'有限责任公司

remote: Counting objects: 47, done.

remote: Total 47 (delta 0), reused 0 (delta 0), pack-reused 47 Unpacking objects: 150% (47/47), done.

root@apostille-post:~# Cd apostille/ root@apostille-post:~/apostille# mvn package

复制你的第一位资格证书:

java -jar target/apostille-1.3-SNAPSHOT.jar google.Com:443 tempkeystore.jks ASDqwe123 ASDqwe123

google.Com:443:服务项目于资格证书链的端点(不但仅限于H


点击这里复制本文地址 以上内容由黑资讯整理呈现,请务必在转载分享时注明本文地址!如对内容有疑问,请联系我们,谢谢!
  • 3条评论
  • 礼忱绣羽2022-05-31 08:20:30
  • 因而人们先來安裝他们:root@apostille-post:~# apt install -y maven default-jdk git 复制储存库,并应用Maven开
  • 只影王囚2022-05-31 03:41:37
  • 们谈及了1个称为“Apostille”的专用工具。它是这款由@Sensepost精英团队组员Rogan Daweska开发设计的,资格证书盗取(复制/仿冒)专用工具。但在演说中她们仍未过多详细介绍,这都是促进我写这篇睿文的缘故。
  • 假欢寂星2022-05-31 06:24:46
  • ficate request.What you are about To enter Is what Is called a Distinguished Name or a DN.There are quite a few fields but you can leave some blankFo

支持Ctrl+Enter提交

黑资讯 © All Rights Reserved.  
Copyright Copyright 2015-2020 黑资讯
滇ICP备19002590号-1
Powered by 黑客资讯 Themes by 如有不合适之处联系我们
网站地图| 发展历程| 留言建议| 网站管理