« OpenSSH Protocol Pwned | Main | Understanding Microsoft's KB971492 IIS5/IIS6 WebDAV Vulnerability »

Compromising web content served over SSL via malicious proxies

Microsoft research has published an excellent paper describing many browser flaws. The use case primary involves an attacker hijacking the explicitly configured proxy used by the user and via HTTP code trickery
they can access the content on an HTTPS established connection. It also outlines browser flaws involving caching of SSL certs ion combination with some of the previous trickery. Probably one of the better papers I've read in years.

Slides: http://research.microsoft.com/pubs/79323/PBP-oakland-public.ppt
Paper:  http://research.microsoft.com/pubs/79323/pbp-final-with-update.pdf

If proxies are your thing (who's aren't they!) I published a paper a couple of months ago on an architectural flaw involving transparent/intercepting proxies at http://www.thesecuritypractice.com/the_security_practice/2009/03/socket-capable-browser-plugins-result-in-transparent-proxy-abuse.html .


Feed You can follow this conversation by subscribing to the comment feed for this post.

All Comments are Moderated and will be delayed!