Tool for cracking encrypted session data

Poet in action.
Source: netifera.com Two researchers have released a tool which can be used to crack web server-encrypted session data contained in cookies and parameters hidden in HTML pages. The method used by Juliano Rizzo and Thai Duong's Padding Oracle Exploitation Tool (Poet) can also be used to crack CAPTCHAS.

Poet utilises the Padding Oracle Attack, first discovered in 2002, to decrypt cypher block chaining (CBC) mode encrypted data without the key. Web applications such as those generated using the popular JavaServer Faces framework (JSF) are affected.

The Padding Oracle Attack makes use of the fact that during encryption individual blocks must always be 8 or 16 bytes long. In order to meet this requirement it is usually necessary to pad out the final block with additional bytes. There are various methods of performing this padding, some of which facilitate cracking. This is where Padding Oracle – essentially a program or service which uses a status message to indicate whether the padding in a received packet is valid – comes into play. This is exactly what the JSF framework does.

By trying out all possible padding combinations, it is possible to decrypt the ViewStates embedded in HTML pages and used to store visitor information relatively quickly. A video demonstrating the attack is available online. The decrypted data can also include confidential data to which site visitors should not have access. A complete description of the attack can be found in Practical Padding Oracle Attacks.

The technique can also be used – by decrypting the solution, which is included with the image in encrypted form – to crack CAPTCHAS. In order to avoid having to store this information, some servers transfer all data to the client and then compare the returned information.

Although Poet can at present only crack ViewStates, this is sufficient for developers to test their websites for vulnerabilities. The tool includes a GUI and runs under Windows, Mac OS X and Linux.

(crve)