Detecting Compromised SSL Certificates Using Nessus

When Thieves Target SSL Certificates

SSL is one of the most commonly used protocols to provide encryption for a variety of different applications. As such, it has come under great scrutiny over the years. While SSL misconfiguration is commonplace, one of the more recent attacks against SSL is to steal the Certificate Authority (CA) certificate. (In a paper released in July 2012, NIST warned that this type of attack would increase). Access to this certificate allows the attacker to issue valid certificates, and in the case of a code-signing certificate, use it to sign malware. Malware executing with this level of trust increases the chances of successfully being installed on the system. Other CA certificates are used to generate website certificates used by attackers to impersonate secure access to a given website.

Attackers stealing CA certificates has become more common. Don't think of it as stealing a cookie (or three), but more like attackers stealing the recipe to make their own cookies (and not the ones used between web browsers and web applications).

The attacks described above provide great return on investment (ROI) for attackers. By compromising one system and stealing the CA certificate, they can often turn around and compromise several more systems. The attacks tend to remain undetected for some time as they implement valid certificates that do not generate web browser errors. Fortunately, once the compromised certificate has been identified, it can be revoked, making future usage invalid. In addition, the offending certificate can be identified and revoked in your environment.

Finding Compromised Certificates

Nessus has several plugins to detect this type of vulnerability, including:

Three more SSL CA certificates were compromised, and associated Nessus plugins exist to detect them:

One further condition related to SSL certificates, can also be detected by Nessus. As the description states, "These signature algorithms are known to be vulnerable to collision attacks. In theory, a determined attacker may be able to leverage this weakness to generate another certificate with the same digital signature, which could allow him to masquerade as the affected service."

Conclusion

SSL is a protocol based on trust, and when a CA certificate is compromised, the chain of trust is broken. Attacks against SSL can compromise sensitive data and credentials, making them a high-risk threat to your infrastructure. By applying updates from the vendors and certificate authorities, the chain of trust can be repaired. To ensure that all of the updates have been implemented, Nessus and SecurityCenter customers can check for compromised certificates as part of our continuous monitoring platform.