In the wake of Moxie Marlinspike’s SSL talk at Black Hat this summer, another security researcher has used the technique described in the talk to create and publish a valid wildcard certificate and private key that could be used to fool browsers into believing a site is legitimate when it is in fact a fake.
Jacob Appelbaum published the certificate on the Noisebridge mailing list Tuesday, saying that there had been ample time since Marlinspike’s talk for people to patch their browsers against the bug that Marlinspike revealed at Black Hat. In his talk, Marlinspike showed a technique for exploiting a weakness in the SSL certificate infrastructure that enabled him to create a valid wildcard certificate for virtually any domain he chose.
The major browser vendors have since released patches for the problem. So Appelbaum, a well-known security researcher who was involved in a project last year concerning somewhat related problems with SSL and MD5, created a valid certificate that is good for two years for the domain: *x00thoughtcrime.noisebridge.net.
“This is a text file that contains a fully valid, signed certificate (with private key) that can be used to exploit the NULL certificate prefix bug. The certificate is valid for * on the internet (when exploiting libnss software),” Appelbaum said in his message. “The certificate is good for two years. It won’t work for exploiting the bug for software written with the WIN32 api, they don’t accept (for good reason) *!”
Such a certificate could be quite useful for attackers interested in setting up a fake online banking site or similar scam. A vulnerable browser would recognize the certificate as being valid and it would be up to the user to look for inconsistencies in the certificate, which most users would not even know was an option.