SSH protocol is one of the most used protocols across several organizations to establish a remote terminal login and file transfer.
SSH consists of an authenticated key exchange for establishing the secure channel connection to ensure integrity and confidentiality.
The threat actor can redirect the victim's login into a shell under the attacker's control.
Terrapin attack is a kind of prefix truncation attack in which the initial encrypted packets sent through the secure SSH channel can be deleted without the server or client noticing it.
There are two root causes for this flaw; one of them is the optional messages that are allowed in the SSH handshake, which do not require authentication.
Second, the SSH handshake does not reset message sequence numbers when encryption is enabled.
SSH server authentication uses a signature to verify the handshake integrity.
The handshake is formed with a constant list of handshake messages instead of a complete transcript.
This creates an authentication flaw that allows an attacker to tamper with the handshake and manipulate the sequence numbers.
As specified, the SSH does not sequence numbers during the initial connection.
Instead, it increases sequence numbers monotonically, which is not associated with the encryption state.
Any tampered sequence number before the secure channel goes directly into the channel.
Sequence number manipulation: An attacker can increase the receiver counter, allowing full control of the receive and send counters.
Prefix Truncation attack on the BPP: An attacker can manipulate the sequence numbers to delete a specific number of packets at the initial secure channel without any noise.
Extension Negotiation Downgrade attack: An attacker can manipulate the client into believing that the server does not support recent signature algorithms, which will prevent certain countermeasures from being executed.
Rogue Extension Attack and Rogue Session Attack: An attacker can replace the victim's extension info message with a custom one.
On the other hand, an attacker can also inject a malicious user authentication message, which will log the victim into a shell that is controlled by the attacker, which will give complete control over the victim's terminal.
A complete report has been published, which provides detailed information about the attack scenarios, the results of the attack, and the observed behavior.
This Cyber News was published on cybersecuritynews.com. Publication date: Wed, 20 Dec 2023 11:05:22 +0000