Visual Security Is Feeble For Anti-Phishing
Chun-Ming Leung
Department of Information Engineering
The Chinese University of Hong Kong
Shatin, N. T., Hong Kong
lcm007@ie.cuhk.edu.hk
Abstract—Addressing recent online banking threats, the banking industry offers several solutions for a safe online banking experience; however, those solutions may not ultimately secure users against the rising threats. The main challenges are how to enable safe online banking on a compromised host, and how to deal with the general ignorance of security warnings. CAPTCHA is primarily used to prevent automated logins by bots; in addition, a CAPTCHA-based application can provide secure PIN input against keyloggers and mouse-loggers for a bank's customers [1]. Assuming that users are always unaware of security warnings in our model, we have designed a series of attacks and defenses under this condition. In this work, we start by formalizing a security defense utilizing CAPTCHA and analyzing its limitations. Then we attack a local bank employing a CAPTCHA solution and show how it can be bypassed through a vulnerability in its implementation. We further introduce the Control-Relaying Man-In-The-Middle (CR-MITM) attack, a remote attack, much like a remote terminal service, that can capture and relay user inputs without the assistance of a local Trojan, and which may defeat CAPTCHA phishing protection in the future. Under our model, we conclude that visual security defenses alone are feeble for anti-phishing.

Keywords- Phishing; Man-In-The-Middle (MITM); CAPTCHA; Authentication; Implementation Flaw; Online Banking

I. INTRODUCTION

Since the term phishing was first recorded in 1996, when it referred to hunting for free AOL accounts, phishing has kept increasing over the years. It quickly evolved into financial fraud, as criminals always aim for high yield. Fortunately, with the growth of online banking, the banking industry has been motivated to play a leading role in fighting the phishing threat. However, the reported loss to Internet crime such as phishing has broken its record every year, reaching US$239 million in 2007. This tells us that we are still looking for a better solution.

To confirm that a destination is what it claims to be, the most trustworthy technique is the use of a digital certificate, which binds a public key to an identity. The banking industry started to deploy digital certificates in 2002; however, this trustworthy solution is routinely ignored by users [2]. In an incident on 4 March 2008, HSBC, one of the world's biggest banks, forgot to renew its digital certificate [3], yet claimed that online banking for its customers was not affected. One can imagine how many users ignored the invalid-certificate warning and carried on with their online banking as usual that day.

Note that the digital certificate solution is a one-way authentication of the bank; customers rarely have their own digital certificates. The identity of the customer therefore remains threatened by identity theft (e.g. a keylogger on an infected machine), as it has been since the early days.

In 2005, a One-Time-Password (OTP) based two-factor authentication solution, the Secure Token, was delivered to bank customers [4] to fight keyloggers and phishing. Despite the worldwide encouragement of two-factor authentication in the same year [5], phishing techniques were also evolving, and the Secure Token was found vulnerable to the Real-Time Man-In-The-Middle (RT-MITM) attack [6] in 2005. We describe the fall of the Secure Token to RT-MITM in a later section.

Besides authenticating the user, there is also a need to authenticate the bank. Bank of America (BoA) tried to take a leading role in fighting phishing: in 2005, BoA was the first to roll out SiteKey [7], originally invented by RSA Laboratories, to address this issue. However, it has been doubted that SiteKey achieves its goal [8], since it is clearly at risk from MITM attacks.

Recently, the idea of a Human Interactive Proof (HIP) has been used to fight phishing [9]. There is a CAPTCHA application used in online banking [1]; however, the application may not achieve its initial goal when facing evolving phishing techniques such as RT-MITM.

In this paper, starting by attacking the careless CAPTCHA implementation of BEA online banking, we argue that CAPTCHA alone is not a panacea against the phishing threat. In the coming sections, we analyze these issues in detail.

A. CAPTCHA - Completely Automated Public Turing test to tell Computers and Humans Apart

The basis of CAPTCHA is the use of a hard AI problem to tell humans and bots apart [10]; it originally evolved from visual authentication and identification. The primary use of CAPTCHA is to fight bots in account registration and click fraud.

Since mature cryptographic techniques are ineffectual in the face of user ignorance [2], there is a trend of applying CAPTCHA ideas to phishing defense [11], [1]; see the related work for details. In fact, visual human-verifiable techniques (e.g. SiteKey [7]) are vulnerable to MITM attacks [8]. Also, a careless CAPTCHA implementation [1] can lead the application to fail in its mission. In the remaining sections, we demonstrate how to break the application [1] by exploiting its implementation flaw.

B. Man-In-The-Middle Attack

Historically, the Man-In-The-Middle (MITM) attack is a cryptographic term, where the MITM has the following abilities:
1) Eavesdrops on and intercepts all messages going between the victims;
2) Relays messages between them.
In short, an MITM attack makes the victims believe that they are talking to each other over a direct connection, without any indication of the middle man's existence.

One famous MITM attack on a public-key cryptographic algorithm is the attack on the initial version of the Diffie-Hellman protocol [12] from 1976, in which the exchanged values $g^x$ and $g^y$ carry no authentication, leaving the exchange at risk from an MITM attack. The attack scenario is also well described in the publication of its Authenticated Key Exchange (AKE) version [13], in which Diffie et al. combine digital signatures and random numbers to authenticate each party. The lesson is that a secure protocol without actual authentication is at risk from an MITM attack.
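The following Python example, added here and not part of the original paper, walks through the exchange just described: an unauthenticated Diffie-Hellman run in which a middle party Mallory substitutes her own $g^z$ toward each side, and the same run once each party binds its public value to the peer's fresh nonce under a long-term key. The group (p = 2^127 - 1, g = 5) is a toy chosen for readability, and an HMAC under a pre-shared long-term key stands in for the digital signature of [13]; both are assumptions of the example, not details from the paper.

```python
import hashlib
import hmac
from typing import Optional

# Toy group parameters: p = 2^127 - 1 is prime, but the size is for
# readability only and is far below any real-world security level.
P = (1 << 127) - 1
G = 5


def dh_public(private: int) -> int:
    """Ephemeral public value g^x mod p."""
    return pow(G, private, P)


def dh_shared(peer_public: int, private: int) -> int:
    """Shared secret (g^y)^x mod p."""
    return pow(peer_public, private, P)


def unauthenticated_exchange(x: int, y: int, z: int) -> dict:
    """Plain DH: Alice sends g^x, Bob sends g^y, but Mallory sits in between
    and replaces both with her own g^z. Neither victim can tell."""
    a_pub, b_pub, m_pub = dh_public(x), dh_public(y), dh_public(z)
    # Alice believes m_pub came from Bob; Bob believes m_pub came from Alice.
    alice_key = dh_shared(m_pub, x)
    bob_key = dh_shared(m_pub, y)
    # Mallory holds one key per victim and can relay or re-encrypt at will.
    return {
        "alice_key": alice_key,
        "bob_key": bob_key,
        "mallory_with_alice": dh_shared(a_pub, z),
        "mallory_with_bob": dh_shared(b_pub, z),
    }


def tag(long_term_key: bytes, public: int, peer_nonce: bytes) -> bytes:
    """Authenticator over (own public value, peer's nonce). A MAC under a
    pre-shared key stands in for the signature of [13] (assumption); the
    binding to the peer's fresh nonce is what prevents replaying an old one."""
    msg = public.to_bytes(16, "big") + peer_nonce
    return hmac.new(long_term_key, msg, hashlib.sha256).digest()


def authenticated_exchange(x: int, y: int, z: Optional[int], key: bytes) -> dict:
    """AKE-style run. z=None means no attacker. Reports whether both sides
    accepted the peer's authenticator and, if so, whether the keys agree."""
    nonce_a, nonce_b = b"nonce-from-alice", b"nonce-from-bob"  # constructed
    a_pub, b_pub = dh_public(x), dh_public(y)
    # Messages 1/2: Alice -> Bob: g^x, nonce_a ; Bob -> Alice: g^y, nonce_b.
    # Messages 3/4: each side sends tag(own public value, peer's nonce).
    a_tag = tag(key, a_pub, nonce_b)
    b_tag = tag(key, b_pub, nonce_a)
    if z is not None:
        # Mallory substitutes her public value but has no long-term key,
        # so the authenticators still cover the honest values only.
        m_pub = dh_public(z)
        seen_by_bob, seen_by_alice = m_pub, m_pub
    else:
        seen_by_bob, seen_by_alice = a_pub, b_pub
    bob_accepts = hmac.compare_digest(a_tag, tag(key, seen_by_bob, nonce_b))
    alice_accepts = hmac.compare_digest(b_tag, tag(key, seen_by_alice, nonce_a))
    if not (bob_accepts and alice_accepts):
        return {"completed": False, "keys_agree": False}
    return {
        "completed": True,
        "keys_agree": dh_shared(seen_by_alice, x) == dh_shared(seen_by_bob, y),
    }
```

Two points the code makes explicit: the unauthenticated run terminates normally on both sides, so nothing in the protocol itself alerts Alice or Bob, and in the authenticated run it is the peer's nonce inside the authenticator, together with the long-term key Mallory lacks, that stops her from substituting or replaying a public value.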
MITM can also operate visually at the user interface layer. Schneier [6] described an RT-MITM attack at the user interface layer in 2005 that defeats a two-factor secure token: an attacker sets up a fake bank website and entices a user to it, just like phishing. When the user types his ID and password, including the second factor (e.g. the security token code), the attacker uses them to access the legitimate bank's website at the same time. The scenario also applies to SMS challenge codes: since the victim types the code into the phishing site, it can be relayed. The protection of the second factor amounts to nothing against this kind of online active attacker. The attack is classified as an Online Doppelganger Attack [14] to distinguish this type of relaying attack from the traditional cryptographic MITM attack.

In this paper, we analyze the abilities of current anti-phishing solutions against the most recent Internet security threats.

C. Our contribution

In this paper, we make the following contributions:
1) Current CAPTCHA solutions used against phishing are analyzed;
2) We demonstrate an attack on a careless CAPTCHA implementation of a local online bank, in which the CAPTCHA challenge can be bypassed;
3) A future attack, the Control-Relaying Man-In-The-Middle (CR-MITM) attack, a remote attack that can capture and relay user inputs without the assistance of a local Trojan, which may possibly

Fig. 1. Properties of BEA Cyber Banking: (a) Login Page; (b) Scrambled Number-pad.

We will show how an RT-MITM attack can compromise a CAPTCHA plus second-factor protection scenario. We also found another type of online MITM attack, which we name the Control-Relaying MITM attack: instead of relaying the victim's credentials, it relays the user's control to the hacker's machine.

A. CAPTCHA against Auto-bot

BACKGROUND: Web services are abused by bots; to keep the service available to humans, we want to distinguish humans from AI in order to prevent abuse and spam.

HYPOTHESIS
• A hard AI problem such as character recognition can easily be solved by a human but not by a bot.
• By applying such an AI problem during the authentication process, we can guarantee that a human is present at the other side.

PROCEDURE
• Define a hard AI problem which a human can solve but an AI
VULNERABILITIES
• The number-pad image is static, so it can be recognized by OCR more easily than other CAPTCHAs.
• Both the CAPTCHA and the password are relayable and therefore vulnerable to the RT-MITM attack.
• A Java applet is subject to decompilation and reverse engineering; leaking the secure algorithm risks a breach of the system.

C. Bypass CAPTCHA Input System of BEA

BACKGROUND: The BEA password input system takes advantage of CAPTCHA properties. However, a careless implementation may allow the CAPTCHA system to be bypassed or easily broken by OCR. In this section, we evaluate the CAPTCHA Input System (CIS) of BEA by reverse engineering, and then propose an attack to bypass its CAPTCHA protection.

PROCEDURES AND PROPERTIES OF BEA'S CIS (fig. 2): The client connects to the bank server over HTTPS through the browser; the server side uses a Java Servlet to generate a dynamic page with JavaScript for the client's browser. Inside the applet, the PIN text field is protected: it only accepts key input from the on-screen keyboard and the moving number-pad. In the source code of the login page, essential input parameters such as AcctNo, EncPINBlock and others used for encryption are stored in hidden fields. The input parameters are further processed by a Java applet named PINBoxApplet.class, which is included in webpin.jar, downloaded from the server and stored locally on the client. Finally, the login form is submitted by the POST method.

HYPOTHESIS OF OUR ATTACK
• A Java applet can be decompiled and analyzed; hence the source code inside the applet can be modified.
• By reverse engineering, we found that PIN construction is separated into two Java classes: the PINBoxApplet class concatenates the PIN string from the moving number-pad, and the LogonApplet class generates the encrypted PIN. The login applet is designed to be reusable: it makes its output unique by reading hidden parameters (public exponent, modulus, challenge) and using them to encrypt the user's PIN input.
• In the submission procedure, we found that the user's mouse inputs on the CIS are finally transformed into a string variable (pwdField) in the PINBoxApplet class (fig. 3), which is then passed to the LogonApplet class for PIN encryption.
• Since LogonApplet accepts a plaintext password string from PINBoxApplet, it also accepts any string input (fig. 4). It is therefore possible to bypass the CIS in PINBoxApplet and access LogonApplet directly to produce the encrypted PIN.
• By modifying the PIN-passing logic in the Java applet, it is possible to allow password input without mouse clicks on the moving number-pad while still using the PIN encryption algorithm.
• A downloaded Java applet is cached and stored at a defined location by the Java Control Panel (JCP). Although the JCP checks the integrity of the downloaded applet before running the cached copy, if the applet is intercepted and replaced by a modified one during its first download, there is nothing the JCP can do¹ (fig. 5). The modified applet can then use the PIN encryption Java class as an input interface: it bypasses the moving number-pad logic and feeds the PIN string directly to the PIN encryption class.

We prove our concept by demonstrating an attack that replaces the new applet version with its older version (fig. 6).

In summary, bypassing the CIS can be done in two stages: (1) set up a modified applet which bypasses the CIS; (2) replace the legitimate applet with the modified CIS-bypassing applet.

ATTACK SETUP
• Analyze the login page of the online bank, then download and decompile the Java applet password input system (webpin.jar).
• Modify the PIN-passing logic in the Java applet (fig. 4). The modified applet allows password input without mouse clicks on the moving number-pad (because LogonApplet accepts a plaintext password string) while still using the PIN encryption algorithm.

¹ The BEA Java applet can be replaced using WebScarab [16].
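To make the trust-boundary problem concrete, here is an added Python model of the two-class structure described above; it is an illustration written for this edit, not BEA's code nor a decompilation of webpin.jar. The applet's exact PIN-block format, key sizes and challenge encoding are not given in the paper, so the model assumes an RSA encryption of the ASCII string challenge||PIN under a toy key pair, with the scrambled number-pad layout, the challenge and the click coordinates constructed inline. What it shows is that the server receives the same EncPINBlock whether the PIN came from clicks on the scrambled pad (the PINBoxApplet path) or from a string fed straight to the encryption routine (the LogonApplet path), so the number-pad protection is enforced only inside the client and is not something the server can verify.

```python
# Toy RSA key pair: the primes are Mersenne primes chosen so the example is
# deterministic and runs without a crypto library. The sizes are not secure
# and raw RSA without padding is used only to keep the model short.
_P, _Q = (1 << 61) - 1, (1 << 89) - 1
MODULUS = _P * _Q
PUBLIC_EXPONENT = 65537
_PRIVATE_EXPONENT = pow(PUBLIC_EXPONENT, -1, (_P - 1) * (_Q - 1))

# Constructed scrambled number-pad: the grid holds the digits in a per-session
# permutation, so mouse positions rather than digits are what the user
# "types". Three rows of four cells, two cells blank.
NUMBER_PAD = [
    ["7", "0", "3", "9"],
    ["1", "8", "5", "2"],
    ["4", "6", None, None],
]


def pinbox_collect(layout, clicks):
    """PINBoxApplet path: translate each mouse click on the scrambled pad into
    a digit and concatenate them into the pwdField string."""
    digits = []
    for row, col in clicks:
        digit = layout[row][col]
        if digit is None:
            raise ValueError("click on a blank cell")
        digits.append(digit)
    return "".join(digits)


def logon_encrypt(pin: str, challenge: str) -> int:
    """LogonApplet path: encrypt challenge||PIN with the hidden-field RSA
    parameters. It takes any string; nothing ties the input to the pad."""
    block = (challenge + pin).encode("ascii")
    m = int.from_bytes(block, "big")
    assert m < MODULUS, "block must be smaller than the modulus"
    return pow(m, PUBLIC_EXPONENT, MODULUS)


def server_verify(enc_pin_block: int, issued_challenge: str, stored_pin: str) -> bool:
    """Bank side: decrypt, check the challenge is the one issued for this
    login, and compare the PIN. It has no view of how the PIN was entered."""
    m = pow(enc_pin_block, _PRIVATE_EXPONENT, MODULUS)
    block = m.to_bytes((m.bit_length() + 7) // 8, "big").decode("ascii")
    return block == issued_challenge + stored_pin


def login_via_pad(clicks, challenge: str) -> int:
    """Honest flow: clicks -> pwdField -> EncPINBlock."""
    return logon_encrypt(pinbox_collect(NUMBER_PAD, clicks), challenge)


def login_bypassing_pad(pin: str, challenge: str) -> int:
    """Modified-applet flow: a PIN string (typed, or captured by a keylogger)
    goes straight to the encryption class; the number-pad is never touched."""
    return logon_encrypt(pin, challenge)


def demo() -> dict:
    challenge = "A1B2C3D4"   # constructed per-session challenge (hidden field)
    stored_pin = "583920"    # constructed customer PIN known to the bank
    # Clicks that spell 5-8-3-9-2-0 on the pad above.
    clicks = [(1, 2), (1, 1), (0, 2), (0, 3), (1, 3), (0, 1)]
    via_pad = login_via_pad(clicks, challenge)
    bypassed = login_bypassing_pad(stored_pin, challenge)
    return {
        "accepted_via_pad": server_verify(via_pad, challenge, stored_pin),
        "accepted_bypassing_pad": server_verify(bypassed, challenge, stored_pin),
        "same_ciphertext": via_pad == bypassed,
    }
```

The challenge does its job, in that a block encrypted for a different session is rejected, but it binds the PIN to the session, not to the act of clicking the pad; once LogonApplet is reachable with an arbitrary string, the pad is a user-interface feature rather than a security control.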
Fig. 4. Procedure of PIN Encryption: LogonApplet accepts a plaintext password string from PINBoxApplet.

Fig. 5. Implementation of the Java Applet Replacement Attack.

this work, we will show that the CAPTCHA Input System of BEA can be defeated by RT-MITM even when it implements OTP second-factor authentication. We base this on the current implementation of the BEA login system, plus a One-Time-Password input field using the scrambled number-pad.

HYPOTHESIS
• CAPTCHA images can be relayed and are vulnerable to a human solver; the victim himself is human and willing to solve the CAPTCHA in order to log in.
• Even if the client is further authenticated by a One-Time-Password, the OTP can also be relayed.
If the hacker obtains the ID, PIN and OTP, the hacker can gain access to the legitimate server at the same time.

PROCEDURE
• The hacker sets up a phishing website to phish for the victim's credentials.
• During the phishing, the hacker's server establishes a connection with the legitimate server and captures the login screen.
• The image of the scrambled number-pad is relayed to the victim, and the positions of the victim's mouse clicks are recorded. Those mouse clicks are regenerated on the hacker's server.
• The hacker's server submits the captured ID, PIN and OTP to the legitimate server simultaneously, and access is granted.

GENERALIZATION: As both the CAPTCHA and the OTP second factor can be relayed, they cannot defend against the RT-MITM attack.
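The following Python simulation, added for this edit and not part of the paper, plays out the relay described in the procedure above and in Schneier's RT-MITM scenario from the introduction: the bank issues a per-session scrambled number-pad and expects an OTP, the phishing server fetches that screen and shows it to the victim unchanged, the victim's click positions and OTP are forwarded verbatim, and the bank accepts the session that was opened by the attacker. The message shapes, the pad layout, the customer record and the OTP value are constructed for the example; nothing here reflects BEA's actual protocol. The attacker never solves the CAPTCHA or learns the OTP secret; it only moves bytes between two connections fast enough.

```python
import secrets
from dataclasses import dataclass, field

DIGITS = "0123456789"


@dataclass
class Bank:
    """Legitimate server. Every login gets a fresh scrambled pad; in reality
    the pad is served as an image, here as the permutation behind that image."""
    customers: dict                       # id -> (pin, otp valid this period)
    sessions: dict = field(default_factory=dict)
    logged_in: set = field(default_factory=set)

    def start_login(self, client_addr: str) -> dict:
        sid = secrets.token_hex(8)
        pad = list(DIGITS)
        secrets.SystemRandom().shuffle(pad)
        self.sessions[sid] = {"pad": pad, "client": client_addr}
        # The "image" is opaque to whoever relays it; only the bank maps
        # positions back to digits.
        return {"sid": sid, "pad_image": "".join(pad)}

    def finish_login(self, sid: str, user_id: str, click_positions: list, otp: str) -> bool:
        sess = self.sessions.pop(sid, None)
        if sess is None or user_id not in self.customers:
            return False
        pin = "".join(sess["pad"][pos] for pos in click_positions)
        stored_pin, stored_otp = self.customers[user_id]
        ok = pin == stored_pin and otp == stored_otp
        if ok:
            self.logged_in.add((user_id, sess["client"]))
        return ok


@dataclass
class Victim:
    """Human at the browser: clicks the cells showing the PIN digits and types
    the OTP from the token. Cannot tell which server the page came from."""
    user_id: str
    pin: str
    otp: str

    def solve(self, pad_image: str) -> list:
        return [pad_image.index(d) for d in self.pin]


class PhishingServer:
    """RT-MITM: opens a session with the bank from its own host, relays the
    bank's pad image to the victim, and forwards whatever the victim enters."""

    def __init__(self, bank: Bank, own_addr: str):
        self.bank, self.own_addr = bank, own_addr

    def serve_victim(self, victim: Victim) -> bool:
        screen = self.bank.start_login(self.own_addr)    # attacker <-> bank
        clicks = victim.solve(screen["pad_image"])       # victim <-> attacker
        # Nothing is decoded or solved: positions and OTP go through verbatim.
        return self.bank.finish_login(screen["sid"], victim.user_id, clicks, victim.otp)


def run_relay() -> dict:
    bank = Bank(customers={"acct-0001": ("583920", "441872")})   # constructed
    victim = Victim("acct-0001", "583920", "441872")             # constructed
    attacker = PhishingServer(bank, "attacker-host")
    granted = attacker.serve_victim(victim)
    return {
        "access_granted": granted,
        "session_belongs_to_attacker": ("acct-0001", "attacker-host") in bank.logged_in,
    }
```

The one thing in this run that the attacker cannot fake is where the session was opened from (attacker-host rather than the victim's machine); a defense against this relay therefore has to bind the credential to that channel, rather than to anything the human sees and can re-enter.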