Skip to content

Instantly share code, notes, and snippets.

@SDx3
Last active January 16, 2020 10:03
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
Star You must be signed in to star a gist
Save SDx3/e98af258fe39b995b77bd88b04eacd04 to your computer and use it in GitHub Desktop.
CVE-2020-0601

CVE-2020-0601

A serious issue in the way Windows handles digital certificates.

Here's a quick mathematical explanation of the issue:

The bug exploits crypt32.dll signature verification on elliptic curve. crypt32.dll only checks for matching public key and parameters, but not the generator G.
The private key is d = [1, n - 1], where n is order of the curve
The public key is Q = dG.
The generator G is defined for each curve, but the bug allows your to specify your own generator.

This description comes from a GitHub repository where you try this for yourself.

On Twitter there is also an explanation for people with zero crypto knowledge.

So the Windows library is incapable of doing signature verification. In less technical terms, it means that you can forego a valid signature on digital certificates. These signatures verify the truth as it's presented in the certificate. For example, the certificate for quovadis.nl is SIGNED by Quovadis. Without this signature, the certificate is not valid. I can create my own certificate for quovadis.nl, but nobody would accept it.

As it turns out, the issue as described above makes it possible to present a certificate with an invalid signature. And Windows will happily accept it! Attached is an example for GitHub.com, the well-known Microsoft service for software development.

Another example makes it possible to fake the digital signature on executable files. I could present you with a calc.exe that is supposedly signed by Microsoft. Our virus scanners, firewalls and other systems would happily let you download this file: the signature verification on those systems, if Windows based, is broken as well. An example is in the same repository

This is a huge problem. Any virus scanner, firewall, loadbalancer, Z-scaler, proxy or any other security device that is Windows based (and this includes all workstations) are seriously vulnerable to spoofed digital signatures.

The first proof-of-concepts can already be seen in the wild and it will take no time for people to actively start to exploit this.

We don't need to be hacked to suffer from this. We also don't need to be involved to suffer the consequences of this issue. For example, it would be possible for an attacker to spoof the organisation's website (as we have seen before in phishing attempts) but include a Extended Validation certificate that Windows will accept. This is bad. Worse, our own workstations are vulnerable as well.

I can only urge you to patch any and all Windows system right away.

More sources below:

  1. https://github.com/ollypwn/cve-2020-0601
  2. https://twitter.com/kennwhite/status/1217186865016602632
  3. https://nvd.nist.gov/vuln/detail/CVE-2020-0601
  4. https://msrc-blog.microsoft.com/2020/01/14/january-2020-security-updates-cve-2020-0601/
  5. https://www.emerce.nl/wire/microsoft-windows-cryptoapi-spoofingkwetsbaarheid-cve20200601-opsporen-herstellen
  6. https://www.ncsc.nl/actueel/nieuws/2020/januari/14/installeer-patches-van-microsoft-voor-cryptoapi-en-rdp-gateway
  7. https://gist.github.com/SwitHak/62fa7f8df378cae3a459670e3a18742d
  8. https://twitter.com/CiPHPerCoder/status/1217513543664316416
  9. https://github.com/kudelskisecurity/chainoffools
  10. https://twitter.com/matthew_d_green/status/1217246161440051200?s=20
  11. https://github.com/kudelskisecurity/chainoffools
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment