Detect Bypass Vulnerabilities in Cellular Isp Filtering System

Detect Bypass Vulnerabilities in Cellular Isp Filtering System

MANSOURA UNIVERSITY – FACULTY OF ENGINEERING ELECTRONICS AND COMMUNICATIONS ENGINEERING DEPARTMENT DETECT BYPASS VULNERABILITIES IN CELLULAR ISP FILTERING SYSTEM B. Eng. Final Year Project BY Mohamed Yasser Mohamed Mohamed Gamal Yasien Abdallah Ahmed Abdalaleem SUPERVISOR Assis. Prof. Ahmed Elnakib July 2016 ACKNOWLEDGEMENTS First and foremost, we would like to express our gratitude and appreciation to Dr. Ahmed Elnakib for his support, outstanding guidance and encouragement throughout our senior project. We would also like to thank our family for their encouragement, patience, and assistance over the years. We are forever indebted to our parents, who have always kept us in their prayers. ABSTRACT Cellular internet service provider URL filtering bypass attacks are a set of web vulnerabilities to exploit the web application’s security, by sending a specially crafted HTTP request or inserting a malicious payload into the web application. Their purpose is typically to gain elevated right of entry in order to access filtered sites or get unlimited browsing. This report looks at some of the most common bypass attacks containing the most predominant exploitation outcomes. Subsequently bypass detection and prevention techniques are outlined as a proof of concept. Furthermore, the project will develop a proxy tool to perform security testing and detecting these types of attacks. We will explore how to build the tool and use it for testing. Finally, this report includes remediation tips to fix and patch detected vulnerabilities. TABLE OF CONTENTS LIST OF FIGURES ........................................................................................................................ III LIST OF TABLES .......................................................................................................................... IV GLOSSARY ........................................................................................................................................ V 1 INTRODUCTION .................................................................................................................. 1 1.1 Motivation ............................................................................................................... 1 1.2 Objectives ................................................................................................................ 2 1.3 Project background ................................................................................................ 2 1.3.1 Overview of HTTP ............................................................................................................ 2 1.3.2 Web injections ................................................................................................................... 5 1.3.3 HTTP header injection ....................................................................................................... 6 1.4 Summary ................................................................................................................. 7 2 CREATE BASIC HTTP PROXY .......................................................................................... 9 2.1 Project framework ................................................................................................. 9 2.2 Important built-in python modules .................................................................... 11 2.2.1 Base HTTP server module (BaseHTTPServer) ............................................................... 11 2.2.2 Socket server module (SocketServer) .............................................................................. 11 2.2.3 Socket module (socket) .................................................................................................... 13 2.2.4 URL parse module (urlparse) ........................................................................................... 13 2.3 basic proxy ............................................................................................................ 14 2.4 Summary ............................................................................................................... 14 3 DETECT BYPASS VULNERABILITIES .......................................................................... 15 3.1 Types of bypass attacks ....................................................................................... 15 3.1.1 Modifying request headers ............................................................................................... 15 3.1.2 HTTP Injection ................................................................................................................ 16 3.1.3 Modifying URL ............................................................................................................... 17 3.2 Perform penetration testing ................................................................................ 18 3.2.1 Modify the proxy tool for security testing ....................................................................... 18 3.2.2 Information Gathering...................................................................................................... 18 3.3 Remediation tips ................................................................................................... 19 3.4 Summary ............................................................................................................... 20 4 EXPERIMENTS ................................................................................................................... 21 4.1 Discovered bugs .................................................................................................... 21 4.1.1 Bypass Vodafone captive portal....................................................................................... 21 4.1.2 Vodafone host header trick .............................................................................................. 22 4.1.3 Vodafone front query trick ............................................................................................... 23 4.1.4 Freebasics.com vulnerability in Etisalat Egypt ................................................................ 25 4.1.5 Back inject vulnerability in Etisalat Egypt ....................................................................... 26 I 4.1.6 Browse all websites on social bundles ............................................................................. 27 5 GUI DESIGN AND FEATURES ......................................................................................... 29 5.1 GUI design ............................................................................................................ 29 5.2 GUI Features ........................................................................................................ 29 6 CONCLUSIONS AND FUTURE WORK ........................................................................... 34 6.1 conclusions ............................................................................................................ 34 6.2 future work ........................................................................................................... 34 REFERENCES ................................................................................................................................... 35 II LIST OF FIGURES Figure 1-1: HTTP request-response behavior ................................................................................3 Figure 1-2: General format of an HTTP request message .............................................................4 Figure 1-3: URL components ........................................................................................................5 Figure 1-4: Types of Web injections..............................................................................................6 Figure 2-1: Main idea of bypass vulnerability ...............................................................................9 Figure 2-2: Framework ................................................................................................................10 Figure 3-1: Find ISP proxy server................................................................................................19 Figure 4-1: Redirection to captive portal at zero balance ............................................................21 Figure 4-2: Vodafone bug using Google trick .............................................................................22 Figure 4-3: Security auditing to Ana Vodafone application ........................................................23 Figure 4-4: Vodafone bypass using official website ....................................................................24 Figure 4-5: Reporting a bug .........................................................................................................24 Figure 4-6: Front query trick ........................................................................................................25 Figure 4-7: Reporting Free basics bug to Etisalat ........................................................................26 Figure 4-8: Etisalat back inject bypass ........................................................................................27 Figure 4-9: Browse all sites on a social bundle............................................................................28 Figure 4-10: Front inject attack on social bundles .......................................................................28 Figure 5-1: GUI main window .....................................................................................................30

View Full Text

Details

  • File Type
    pdf
  • Upload Time
    -
  • Content Languages
    English
  • Upload User
    Anonymous/Not logged-in
  • File Pages
    49 Page
  • File Size
    -

Download

Channel Download Status
Express Download Enable

Copyright

We respect the copyrights and intellectual property rights of all users. All uploaded documents are either original works of the uploader or authorized works of the rightful owners.

  • Not to be reproduced or distributed without explicit permission.
  • Not used for commercial purposes outside of approved use cases.
  • Not used to infringe on the rights of the original creators.
  • If you believe any content infringes your copyright, please contact us immediately.

Support

For help with questions, suggestions, or problems, please contact us