HPKP Supercookies
Shibuya.XSS in Security Camp Forum 2015
Sony Digital Network Applications, Inc.
Lecturer of Security Camp 2014
http://www.radicalresearch.co.uk/lab/hstssupercookies
HTTP Cookie
HSTS
2
HSTS / HPKP
SNI / HPKP
HPKP Supercookies
HPKP
HTTPS
Public-Key-Pins HTTP response header
HTTPS
2011 CA
Chrome / Firefox
example.jp
bit 0.
bit 1. get.
get.
1 2
2
example.jp
bit 0.
bit 1. get.
get.
2
bit0.example.jp HPKP2
example.jp
bit 0.
bit 1. get.
get.
get.bit0.example.jp 1
2 2
1
0/1
// Probe one "bit" host and report whether the request went through.
// Resolves with 1 when the request loads and 0 when it fails; it never
// rejects. Only the load and error events are handled, so an aborted or
// timed-out request leaves the promise pending (same as the original).
// The slides use the outcome as one bit of an identifier, which is the
// pin-state leak that makes HPKP/HSTS "supercookies" a browser privacy concern.
// Assumes `i` (the bit index) is provided by the enclosing function.
return new Promise((resolve) => {
  const request = new XMLHttpRequest();
  request.addEventListener('load', () => resolve(1));
  request.addEventListener('error', () => resolve(0));
  request.open('GET', `https://get.bit${i}.example.jp`);
  request.send();
});
0
1
get.bit0.example.jp
2^N ID
get.bit1.example.jp
get.bit2.example.jp
get.bit3.example.jp
get.bit4.example.jp
get.bit5.example.jp
get.bit6.example.jp
get.bit7.example.jp
1 0 1 1 0 1 1 0
0
0
0
1
1
1
1
1
N = 10110110 (binary) = 182
ID
ID
ID
ID
https://supercookie.csrf.jp
Firefox 34
CAFirefox
http://csrf.jp/misc/cacert_supercookie.der
Firefox about:config
security.cert_pinning.enforcement_level : 1 → 2
security.cert_pinning.process_headers_from_non_builtin_roots : false → true (needed because the demo CA is not a built-in root)