Certificate Pinning in Android

Ineffective Certificate Pinning Implementations | Synopsys 一文介绍了Certificate Pinning在Android中实现的一些Flaw。

简单来说,假如黑客能够用某一个受信任的CA颁发certificate, 它就可以用CA Z颁发证书W。而由于App获取chain-of-trust的方式有误,令到获取回来的证书树,就是W-Z,server 返回的Pin值也按这两个certificate来计算,App就会以为自己的链接是一个合法的连接。

Attack prerequisites

  1. The attacker must be able to intercept network comms.
  2. The attacker must have the private key of a certificate trusted by the host system/device.
  • Compromising a CA or intermediate CA
  • Direct or indirect access to a CA
  • A malicious CA employee
  • Phishing a CA employee
  • Leveraging mistakes in the certificate request process
  • Configuration mistake on the CA
  • Nation-state attackers
  • Phishing a user into installing a malicious certificate in their system’s trusted store
Watch on [YouTube](https://youtu.be/Hn-1-crlEz8)


NIN: 并没有什么干货。

Testing Method

Testing for CVE-2016-2402 and similar pinning issues · John Kozyrakis ~ blog

Tool - [mitmproxy]((https://github.com/mitmproxy/mitmproxy)

  1. Install mitmproxy CA Certificate
  2. Route traffic to mitmproxy
  3. Start mitmproxy with --add-upstream-certs-to-client-chain

mitmproxy --add-upstream-certs-to-client-chain --insecure

Bonus - Extract Certificate / Public Key

certs=`openssl s_client -servername $1 -host $1 -port 443 -showcerts </dev/null 2>/dev/null | sed -n '/Certificate chain/,/Server certificate/p'`
while [[ "$rest" =~ '-----BEGIN CERTIFICATE-----' ]]
 cert="${rest%%-----END CERTIFICATE-----*}-----END CERTIFICATE-----"
 rest=${rest#*-----END CERTIFICATE-----}
 echo `echo "$cert" | grep 's:' | sed 's/.*s:\(.*\)/\1/'`
 echo "$cert" | openssl x509 -pubkey -noout | 
     openssl rsa -pubin -outform der 2>/dev/null | 
     openssl dgst -sha256 -binary | openssl enc -base64



Show Comments