A new project has produced a large and growing list of the private SSL keys that are hard-coded into many embedded devices, such as consumer home routers. The LittleBlackBox Project comprises a list of more than 2,000 private keys right now, each of which can be associated with the public key of a given router, making it a simple matter for an attacker to decrypt the traffic passing through the device.

Published by a group called /dev/ttyS0, the LittleBlackBox database of private keys gives users the ability to find the key for a specific router in several different ways, including by searching for a known public key, looking up a device’s model name, manufacturer or firmware version or even giving it a network capture, from which the program will extract the device’s public certificate and then find the associated private SSL key.

Craig Heffner, a member of the group who developed the project, posted a link to the database on Saturday on the Full Disclosure mailing list. Users can download the LittleBlackBox code from Google Code. The fact that encryption keys were hard-coded into many embedded devices has been known for some time, but extracting the key and then finding a router that’s using it has been a challenge until now.

“Here’s where it gets fun: many of these devices use hard-coded SSL keys that are baked into the firmware. That means that if Alice and Bob are both using the same router with the same firmware version, then both of their routers have the same SSL keys. All Eve needs to do in order to decrypt their traffic is to download the firmware from the vendor’s Web site and extract the SSL private key from the firmware image,” the group said in a blog post accompanying the code release. “Currently LittleBlackBox has over 2,000 unique private SSL keys and growing, primarily belonging to routers and VPNs. Although at the moment the vast majority of the keys belong to various DD-WRT firmware, there are keys from Cisco, Linksys, D-Link and Netgear as well.”
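The article describes LittleBlackBox pulling a device's certificate out of a network capture and matching it to a known private key. The same extraction step is useful on the defender's side: capture your own router's HTTPS management handshake and check whether the certificate it presents is one of the published, shared ones. The example below is added here and is not code from the article or from the LittleBlackBox project. It parses a TLS 1.0–1.2 Certificate handshake record, fingerprints each certificate with SHA-256 (matching by certificate fingerprint rather than by public key is an assumption made for the demo; the real tool associates keys with public keys), and looks the fingerprints up in a blocklist. The capture bytes, the "DER" blobs and the blocklist entry are all constructed placeholders, not real certificates or real LittleBlackBox data.

```python
# Added example (not part of the original article or the LittleBlackBox
# project): extract the server certificate chain from a captured TLS 1.0-1.2
# Certificate handshake record and check each certificate's SHA-256
# fingerprint against a blocklist of fingerprints for known hard-coded keys.
# Everything below (the "DER" blobs, the capture, the blocklist) is
# constructed for the demo; real certificates would come from a packet
# capture and real fingerprints from the published key list.
import hashlib
import struct

TLS_HANDSHAKE = 0x16        # record content type: handshake
HS_CERTIFICATE = 11         # handshake message type: Certificate


def fingerprint(der: bytes) -> str:
    """SHA-256 fingerprint in the colon-separated form `openssl x509 -fingerprint -sha256` prints."""
    digest = hashlib.sha256(der).hexdigest().upper()
    return ":".join(digest[i:i + 2] for i in range(0, len(digest), 2))


def parse_certificate_records(data: bytes) -> list[bytes]:
    """Walk the TLS records in `data` and return every DER certificate carried
    in a Certificate handshake message (leaf first, as the server sent it).
    Simplification: assumes each handshake message fits in one record."""
    certs = []
    off = 0
    while off + 5 <= len(data):
        ctype, _version, rlen = struct.unpack_from("!BHH", data, off)
        body = data[off + 5:off + 5 + rlen]
        off += 5 + rlen
        if ctype != TLS_HANDSHAKE:
            continue                         # e.g. application data: skip
        hoff = 0
        while hoff + 4 <= len(body):         # a record may hold several handshake messages
            htype = body[hoff]
            hlen = int.from_bytes(body[hoff + 1:hoff + 4], "big")
            hbody = body[hoff + 4:hoff + 4 + hlen]
            hoff += 4 + hlen
            if htype != HS_CERTIFICATE or len(hbody) < 3:
                continue                     # ServerHello etc.: skip
            end = min(3 + int.from_bytes(hbody[:3], "big"), len(hbody))
            p = 3
            while p + 3 <= end:              # each entry: 3-byte length + DER bytes
                clen = int.from_bytes(hbody[p:p + 3], "big")
                certs.append(hbody[p + 3:p + 3 + clen])
                p += 3 + clen
    return certs


def audit_capture(data: bytes, known_bad: dict[str, str]) -> list[tuple[int, str, str]]:
    """Return (chain index, fingerprint, source label) for every certificate in
    the capture whose fingerprint appears in `known_bad`."""
    hits = []
    for idx, der in enumerate(parse_certificate_records(data)):
        fp = fingerprint(der)
        if fp in known_bad:
            hits.append((idx, fp, known_bad[fp]))
    return hits


# --- constructed sample data -------------------------------------------------

def build_record(handshake_type: int, handshake_body: bytes) -> bytes:
    """Wrap one handshake message in a TLS 1.2 record (test-data helper)."""
    msg = bytes([handshake_type]) + len(handshake_body).to_bytes(3, "big") + handshake_body
    return bytes([TLS_HANDSHAKE]) + b"\x03\x03" + len(msg).to_bytes(2, "big") + msg


def certificate_message_body(chain: list[bytes]) -> bytes:
    """Encode a Certificate message body: total length, then (length, DER) entries."""
    entries = b"".join(len(c).to_bytes(3, "big") + c for c in chain)
    return len(entries).to_bytes(3, "big") + entries


# Placeholder stand-ins for DER certificates (NOT real X.509 data).
LEAF_DER = b"\x30\x82\x00\x10constructed-leaf-cert-from-shared-firmware"
ISSUER_DER = b"\x30\x82\x00\x10constructed-issuer-cert"

# A capture fragment: a ServerHello record (ignored), the Certificate record,
# then an application-data record (ignored).
SAMPLE_CAPTURE = (
    build_record(2, b"\x03\x03" + b"\x00" * 32 + b"\x00" + b"\x00\x2f" + b"\x00")
    + build_record(HS_CERTIFICATE, certificate_message_body([LEAF_DER, ISSUER_DER]))
    + b"\x17\x03\x03\x00\x04" + b"\xde\xad\xbe\xef"
)

# Blocklist: fingerprint -> where the key was found. In practice this would be
# filled from the published key list; here it is seeded from the placeholder
# leaf so the demo produces a hit.
KNOWN_HARDCODED_FINGERPRINTS = {
    fingerprint(LEAF_DER): "constructed placeholder: firmware image vendor-X v1.0",
}

if __name__ == "__main__":
    for idx, fp, source in audit_capture(SAMPLE_CAPTURE, KNOWN_HARDCODED_FINGERPRINTS):
        print(f"certificate #{idx} matches a known hard-coded key: {fp} ({source})")
```

A hit on index 0 means the leaf certificate your device presents is one shared across every unit running that firmware, which is exactly the Alice/Bob situation the group describes: the remediation is to replace the device certificate with one generated on the box (where the firmware allows it) or to stop relying on the device's HTTPS for confidentiality. The parser deliberately ignores TLS 1.3 captures, where the Certificate message is encrypted and nothing can be recovered passively.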

SSL is the default standard for encryption on the Web and is used to secure most transactions online, including e-commerce and online banking.

Categories: Cryptography, Social Engineering, Vulnerabilities

Comments (14)

  1. Ryan

    Ummmm doesn’t this just mean that your SSL’d web management session can now be snooped on home routers?? Maybe if you’re doing a fancy VPN with Linksys routers with DD-WRT it’s an issue. But between websites the SSL connection is between your browser and the web server.

  2. Anonymous

    Ryan is correct.  Pretty dumb to post this article without pointing that out.  It implies all our SSL traffic is now at risk which is not the case.

  3. PacketSpike

    You really think that the poster has to point that out?

    Come on get a real brain, this is like having a phone book with all the dialing codes.

    Makes life easy… Think of it as a data dictionary, and it’s now at your fingertips.

    My hat goes off to those that have collected them all.


  4. Anonymous

    However, if they can hijack your session at the router and point it to their own crafted web page, they can get your login credentials (man in the middle) and then redirect you back to the original page, saying your username/password was incorrect and you try it again, only to get into the correct page this time. How many times have we had to redo our username/password combination and think nothing of it? If I have a fake Bank of America (pick your financial institution) page and can direct your SSL traffic there via a hijacked router, I own your account information. You wake up the next morning broke.

  5. celtic_hackr

    @Tha Germ,

    Good luck using a keystroke logger on a router. I’ve not seen any routers with keyboards. Not saying they don’t exist, but I haven’t seen one.

  6. Anonymous

    He doesn’t mean a keystroke on the router.  The router grants access to the rest of the network.  From there they can probe the network looking for computers without individual firewall software and load the keystroke logger there.  Game/set/match.

  7. Anonymous

    The device SSL cert is used for accessing the administrator console primarily. It is meant to protect the privacy of the administrator password, and any configuration settings that go into the router. If you have the SSL key, you can (a) decrypt the session data passively, and find the router password that the user has set, (b) hijack an active SSL connection and enter your own configuration data, (c) redirect the user to a fake login screen and present them with the trusted certificate. Having the SSL private key does not bypass the router’s authentication requirement. It just sets up a tunnel. You still need the router password.

    Observations:

    1. If your goal is compromising the user’s router, you never need to do (b) if you can do (a) or (c). Just get the password, log in later at will.

    2. Most users do not use the admin screen, and if so, they rarely stray from the default password.  [On one router, I had to click on 3 separate screens to find the "change password" option.  IMHO, it should be the FIRST thing that comes up on a new router.] Also, most users just “click past” the certificate warning dialogs, and will trust any damned cert you give them, so choice (c) is trivial using your own cert.  That is, “trivial” if you have that rare breed of user that actually logs in and manages their router configuration.

    3. To do (a) or (b), you need wireless proximity to the admin’s wireless card if they’re configuring the router over wireless (problematic at best, I’ve cut myself off before quite easily!).  If the admin is connecting via a cabled connection to the router, you need physical presence on the switch.  This reduces likely attacks to wardriving or insiders.  To exploit the password, you need the same wireless or physical presence, unless they’ve also enabled remote access control.

    Not a huge threat.

    Actually, I bought a recent Netgear box, and it doesn’t even bother with SSL access.  “How odd,” thought I, until I realized how weak the SSL security feature is for most users.


  8. Anonymous

    Even using technology like IPsec for VPNs, the private SSL keys are only used for authentication; it doesn’t mean a third party can decrypt your IPsec traffic.

    The fact that someone can eavesdrop on your connection to the ROUTER/AP means that they are “trusted” because they have access to the LAN (Ethernet, 802.11a/b/g).

  9. Anonymous

    Yeah, but I don’t think you’ll need the router’s private key for that, I don’t think you’d need a certificate at all… If you don’t verify the correctness of the server’s certificate, it’s your own fault that you enter your credentials to a faked page.

  10. Tha germ

    It means I can gain access to your router… fish around until I find access (and I will find access). Then I will install programs that will hunt down even greater access (and they will), then I will install a keystroke recorder and steal, well, anything I please.

  11. Comkid

    I would rather just use JS injection into the page, deadly and unnoticeable; it’ll automatically send me your user & password when you click on Submit/Login :P

  12. Anonymous

    “Not a huge threat” – let me qualify that.  Not a huge threat to the home user.

    However, attackers can impersonate end-points now. I can install the “stolen” cert into my own custom device that has authentic-looking screen printing on it, and sell it to you on e-bay. With that, I can own your network, snoop your plaintext traffic, analyze who you’re talking to on your encrypted sessions, build a complete profile of you at will. And why do you trust my device? Because you bothered to connect to the management interface, and were presented with the certificate that says “Linksys” router or whatever, and so you believe in the authenticity of the device.

    But you must realize the cost of doing this.  Would be interesting to see if one of the OpenWRT or DD-WRT projects could test installing this stolen cert, and see what happens.

    Actually, that’s a pretty spooky threat – resell WRT54G boxes on e-bay that contain custom firmware that looks like the real thing, but does nefarious other stuff to the traffic or takes surreptitious directions from somewhere on the Internet.
