NSA and VPN

Upload: antitree

Post on 25-Jul-2015


NSA and VPNs

A recent article in [Der Spiegel] shows many new attacks on:

SSL/TLS

PPTP

IPSEC

SSH

http://www.spiegel.de/international/world/nsa-documents-attacks-on-vpn-ssl-tls-ssh-tor-a-1010525.html

The Program

Falls under the "Office of Target Pursuit" (OTP)

Named OTP VPN Exploitation Team

Now called OTTERCREAK

TOYGRIPPE: repository of VPN metadata of systems of interest

• includes machine fingerprint and the VPN service connected to (e.g. PIA)

BLEAKINQUIRY: repository of potentially exploitable VPNs

• unclear whether this means a list of VPNs on the internet or common configurations

XKEYSCORE: common source of VPNs to exploit, but it includes random people like you and me

• not used as a primary attack source unless necessary, because of the legal hoops they have to go through

The Workflow

Analyst targets someone (e.g. me) and finds that they're using a VPN

Analyst must come up with a way to collect inbound and outbound traffic of the target

Calls up the OTP VPN Exploitation Team

They look at the metadata (traffic fingerprinting), define the attacks, and search through collection sources:

• TOYGRIPPE: has a list of all the VPN metadata
• PINWALE: long-term collection of “SIGINT”
• XKEYSCORE: raw packet captures from everyone
• VULCANDEATHGRIP: raw packet captures for VPNs
• FOURSCORE: repo for PPTP
• CORALREEF: database of PSKs for VPNs

Decrypt traffic and return the results (passive or active)

TOYGRIPPE

Lets an analyst search through tons of metadata from a variety of collection sources:

• MUSCULAR
• UKJ-260D??

Focused on IPSec, PPTP, and ViPNet (Vodafone)

Example of using TOYGRIPPE to find VPN metadata

IR = IRAN

S = source port 1037

Sites where the data was collected

IPSEC Review

IPSEC VPNs are the most common in enterprise environments

Uses a Pre Shared Key (PSK) or a Public Key cert (PK)

ISAKMP/IKE packets perform a handshake that negotiates a temporary key for your session

ESP packets carry the actual encrypted data

Example IPSEC: FTM 1

“Follow the Money” FTM target 1

Implanted keyloggers and other hardware, but it didn’t work

Called up TAO, who owned them and recovered the VPN configuration files, including PSKs

• Can now “passively exploit”, which should mean decrypt VPN traffic

Example IPSEC: FTM 2

TAO owns the router

Network Security Products (NSP) “implant” allows passive exploitation

• This implies that it’s a way of collecting the temporary key (IKE/ISAKMP) values
• Maybe making them predictable or fucking up their handshake

Results in ESP packets being decrypted raw

PPTP Review

Microsoft Point-to-Point Tunneling Protocol

Owned years ago by Moxie and others

Outdated but still used

Control channel operates on TCP port 1723

Data channel is GRE, IP protocol number 47 (“GRE-Next Protocol”), which is a protocol number rather than a port
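The slides describe VPN traffic being fingerprinted from metadata alone (TOYGRIPPE searches by country and port, no payload needed). The script below is an added example, not code from the slides or from antitree: it does the defender's version of the same thing, classifying flow records by IP protocol number and port so you can inventory which VPN protocols your own network exposes and flag PPTP, which the slides treat as fully owned. It covers both protocols reviewed above (IPsec and PPTP). TCP 1723 and GRE (47) come from the slides; ESP (IP protocol 50), ISAKMP (UDP 500) and NAT-T (UDP 4500) are the standard IANA assignments and are added here. The flow records and addresses are constructed for the example.

```python
"""Inventory VPN protocols from flow metadata (added example, not from the slides).

Only protocol numbers and ports are inspected; no payload is decrypted.
"""
from collections import Counter
from typing import Dict, List, NamedTuple, Optional

# IANA protocol/port numbers. TCP 1723 and GRE (47) are on the slides; ESP (50),
# ISAKMP (UDP 500) and NAT-T (UDP 4500) are standard assignments added here.
IP_PROTO_TCP = 6
IP_PROTO_UDP = 17
IP_PROTO_GRE = 47      # PPTP data channel (an IP protocol number, not a port)
IP_PROTO_ESP = 50      # IPsec encrypted payload
ISAKMP_PORT = 500      # IKE/ISAKMP handshake over UDP
NAT_T_PORT = 4500      # IKE and ESP encapsulated in UDP for NAT traversal
PPTP_CTRL_PORT = 1723  # PPTP control channel over TCP

DEPRECATED = {"pptp-control", "pptp-gre"}  # PPTP is broken; rate it HIGH


class Flow(NamedTuple):
    src: str
    dst: str
    proto: int
    sport: Optional[int]  # None for protocols that have no ports (ESP, GRE)
    dport: Optional[int]


def classify(flow: Flow) -> Optional[str]:
    """Return the VPN component a flow's metadata reveals, or None."""
    ports = {flow.sport, flow.dport}
    if flow.proto == IP_PROTO_ESP:
        return "ipsec-esp"
    if flow.proto == IP_PROTO_GRE:
        return "pptp-gre"
    if flow.proto == IP_PROTO_UDP and ISAKMP_PORT in ports:
        return "ipsec-ike"
    if flow.proto == IP_PROTO_UDP and NAT_T_PORT in ports:
        return "ipsec-nat-t"
    if flow.proto == IP_PROTO_TCP and PPTP_CTRL_PORT in ports:
        return "pptp-control"
    return None


def inventory(flows: List[Flow]) -> Dict[str, Counter]:
    """Group VPN-related flows by the internal (source) host."""
    per_host: Dict[str, Counter] = {}
    for f in flows:
        label = classify(f)
        if label is not None:
            per_host.setdefault(f.src, Counter())[label] += 1
    return per_host


def findings(per_host: Dict[str, Counter]) -> List[str]:
    """One line per host and protocol, sorted so output is stable."""
    lines = []
    for host in sorted(per_host):
        for label in sorted(per_host[host]):
            sev = "HIGH" if label in DEPRECATED else "INFO"
            lines.append(f"{sev} {host} {label} flows={per_host[host][label]}")
    return lines


# Constructed sample flows: RFC 1918 internal hosts talking to RFC 5737
# documentation addresses, not real systems.
SAMPLE_FLOWS = [
    Flow("10.0.0.5", "203.0.113.9", IP_PROTO_UDP, 500, 500),      # IKE handshake
    Flow("10.0.0.5", "203.0.113.9", IP_PROTO_ESP, None, None),    # IPsec data
    Flow("10.0.0.7", "203.0.113.9", IP_PROTO_UDP, 4500, 4500),    # IKE behind NAT
    Flow("10.0.0.8", "198.51.100.4", IP_PROTO_TCP, 49152, 1723),  # PPTP control
    Flow("10.0.0.8", "198.51.100.4", IP_PROTO_GRE, None, None),   # PPTP data
    Flow("10.0.0.5", "198.51.100.7", IP_PROTO_TCP, 49153, 443),   # HTTPS, not a VPN by metadata
]

if __name__ == "__main__":
    for line in findings(inventory(SAMPLE_FLOWS)):
        print(line)
```

Running it on the constructed flows lists two INFO lines for the IPsec host, one for the NAT-T host and two HIGH lines for the PPTP host; the HTTPS flow produces nothing, which is the same coarseness the TOYGRIPPE search (country plus source port) has: metadata tells you a VPN exists and which protocol, not what is inside it.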

Example PPTP: Airlines, Telcos, Governments

The slides just list all of these sites that have been owned, implying that they have a protocol-level exploit

Iran Air

Royal Jordanian Air

Transaero Airlines

Mexican Embassy

Pakistani General Intelligence

Turkish Embassy

Afghanistan Government (apparently the whole thing)

More Example PPTP

Zaad Financial bank

Kabul Bank

BNI Banking Indonesia

And so on…

TL;DL

These files are from around 4-2011, and some of them are older

Most of the exploitations are not VPN destroying, just concerning

The team seems mainly to implement attacks using other people’s exploits:

• Decrypt TLS when TAO collects the private keys
• Decrypt IPSEC when the PSK is discovered
• Decrypt SSH when the private keys are found

They (probably) can’t…

• Own all VPNs with a single click
• Own your personal VPN
• Own SSH and TLS automatically

TL;DL: They Can…probably

See that you are on a VPN, which VPN, and if that VPN has an exploit

Own you completely via PPTP

Capture your VPN traffic and try to decrypt it later

Call up TAO or NSP to implant something on your network that would make your VPN owned

Decrypt SSH tunnels with the help of TAO or NSP

Decrypt SSL/TLS tunnels with the help of TAO or NSP

Lookup your router and see if there is an exploit for it

Pay attention to large VPN providers in order to exploit them, your traffic included
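Two of the points above turn on the same property: the FTM 1 slide (a VPN decrypted once TAO recovered its PSKs) and “capture your VPN traffic and try to decrypt it later”. The script below is an added example, not from the slides or from antitree, and it models that property with two toy key schedules rather than IKE or any real protocol: in one the session key depends only on the PSK and the nonces that travel in the clear, in the other it also mixes in an ephemeral Diffie-Hellman secret. An observer records the handshake and ciphertext, obtains the PSK afterwards, and tries the recording. The DH group (a toy-sized Mersenne prime), the HMAC-based stream cipher, the KDF and the payload are all constructed for illustration only.

```python
"""Capture-now, decrypt-later against two toy key schedules.

Added example, not from the slides. Simplified stand-ins, not IKE:
  psk_only : session key = KDF(PSK, nonces); nonces are on the wire
  psk_dh   : session key = KDF(PSK, nonces, ephemeral DH secret)
"""
import hashlib
import hmac
import secrets
from typing import Dict, Optional, Tuple

P = 2**127 - 1  # Mersenne prime; toy-sized group for illustration only
G = 3           # toy generator, not a standardized group


def kdf(*parts: bytes) -> bytes:
    """Length-prefixed SHA-256 over the inputs (toy key derivation)."""
    h = hashlib.sha256()
    for part in parts:
        h.update(len(part).to_bytes(4, "big") + part)
    return h.digest()


def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Toy stream cipher: XOR with HMAC-SHA256(key, block counter) blocks."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        block = hmac.new(key, offset.to_bytes(8, "big"), hashlib.sha256).digest()
        out.extend(a ^ b for a, b in zip(data[offset:offset + 32], block))
    return bytes(out)


def handshake(psk: bytes, use_dh: bool) -> Tuple[Dict[str, bytes], bytes]:
    """Run one handshake; return (what an observer records, the session key)."""
    ni, nr = secrets.token_bytes(16), secrets.token_bytes(16)
    wire = {"ni": ni, "nr": nr}
    if not use_dh:
        return wire, kdf(psk, ni, nr)
    x = secrets.randbelow(P - 2) + 2          # initiator's private exponent
    y = secrets.randbelow(P - 2) + 2          # responder's private exponent
    gx, gy = pow(G, x, P), pow(G, y, P)       # the only DH values on the wire
    wire["gx"], wire["gy"] = gx.to_bytes(16, "big"), gy.to_bytes(16, "big")
    shared = pow(gy, x, P)
    assert shared == pow(gx, y, P)            # both peers derive the same secret
    return wire, kdf(psk, ni, nr, shared.to_bytes(16, "big"))


def passive_decrypt(wire: Dict[str, bytes], ciphertext: bytes,
                    recovered_psk: bytes) -> Optional[bytes]:
    """What a recording plus the later-recovered PSK allows, nothing more."""
    if "gx" in wire:
        # The recording holds g^x and g^y but neither exponent, so the DH
        # secret cannot be derived; the PSK alone does not yield the key.
        return None
    return keystream_xor(kdf(recovered_psk, wire["ni"], wire["nr"]), ciphertext)


def capture_then_decrypt(use_dh: bool,
                         plaintext: bytes = b"constructed sample payload") -> bool:
    """True if the recorded session falls to a PSK recovered after the fact."""
    psk = secrets.token_bytes(32)
    wire, key = handshake(psk, use_dh)
    ciphertext = keystream_xor(key, plaintext)           # recorded at capture time
    assert keystream_xor(key, ciphertext) == plaintext   # the peers themselves are fine
    return passive_decrypt(wire, ciphertext, psk) == plaintext


if __name__ == "__main__":
    print("psk_only recording decrypted later:", capture_then_decrypt(False))
    print("psk_dh   recording decrypted later:", capture_then_decrypt(True))
```

The first schedule falls to a stored capture the moment the PSK turns up in a stolen config; the second does not, because the exponents never left the peers. That is the check worth running against your own VPN: whether a later key compromise lets recorded sessions be decrypted, or whether an attacker has to be active in the handshake (the NSP “implant” on the FTM 2 slide is the active variant).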

Defense

1. Run your own private VPN on VPS

• Good for increasing the effort to exploit you
• Bad because it’s cloud
• Bad because all your traffic is directly attributed to you

2. Use a VPN service like PIA

• Good because it’s cheap and difficult (>0) to tell which is your traffic and which is someone else’s
• Good because it doesn’t allow your ISP to see your traffic
• Bad because the bigger the target, the more likely you will be “tasked”

3. Tor

• Good because anonymity
• Bad because unrealistically slow