Improper Validation of Certificate with Host Mismatch in Java-WebSocket

WebSocketClient Does Not Perform SSL Hostname Validation

Title: Improper Validation of Certificate with Host Mismatch in Java-WebSocket

Versions: <= 1.4.1

Fixed in: 1.5.0

Package URL: Java-WebSocket

Common Weakness Enumeration: CWE-297

Vulnerability Description

In Java-WebSocket versions less than or equal to 1.4.1, the WebSocketClient does not perform SSL hostname validation. This vulnerability allows an attacker to perform a man-in-the-middle (MITM) attack by intercepting the WebSocket connection and presenting a valid certificate from another host. The lack of proper hostname validation means that as long as the certificate is trusted, the connection will be established.

Example Scenario: Man-in-the-Middle Attack

  1. Setup the Vulnerable Application:

    import org.java_websocket.client.WebSocketClient;
import org.java_websocket.handshake.ServerHandshake;

import java.net.URI;
import java.net.URISyntaxException;

public class VulnerableWebSocketClient {
    public static void main(String[] args) throws URISyntaxException {
        WebSocketClient client = new WebSocketClient(new URI("wss://example.com")) {
            @Override
            public void onOpen(ServerHandshake handshake) {
                System.out.println("Opened connection");
            }

            @Override
            public void onMessage(String message) {
                System.out.println("Received: " + message);
            }

            @Override
            public void onClose(int code, String reason, boolean remote) {
                System.out.println("Closed connection");
            }

            @Override
            public void onError(Exception ex) {
                ex.printStackTrace();
            }
        };

        client.connect();
    }
}

  2. Exploit the Vulnerability:

    • An attacker intercepts the WebSocket connection using a MITM tool (e.g., mitmproxy or ettercap).

    • The attacker presents a certificate for a different host that is trusted by the client.

    • Since the client does not validate the hostname, the connection is established, and the attacker can read or modify the data.

  3. Payload Example:

    The attacker can use a tool like mitmproxy to intercept and present a certificate for malicious.com while the client tries to connect to example.com.

    mitmproxy --mode transparent --certs '*.example.com=malicious.pem'

Issue Replication

To replicate the issue, follow these steps:

  1. Setup a proxy to intercept WebSocket connections:

    • Use a tool like mitmproxy configured to intercept and alter SSL traffic.

  2. Intercept the WebSocket handshake:

    • Run the vulnerable client application.

    • Observe that the connection is established despite the hostname mismatch in the certificate.

Fix

Upgrading to Java-WebSocket version 1.5.0 fixes this issue by enabling hostname validation.

Recommendations

  • Upgrade to Java-WebSocket version 1.5.0 or later.

  • Ensure that hostname verification is enabled by default or configure it explicitly in your application.

Remediation Code Example

To ensure SSL hostname validation, configure the WebSocketClient with the appropriate SSL parameters:

Further Information

For further background information on this issue, please see:

Vulnerability Disclosure Timeline

The vulnerability was responsibly disclosed, and a fix was implemented in version 1.5.0, which enables hostname validation by default.

Previousinappropriate TLS Certificate Validation in Faye-WebSocketNextInsecure Cipher Suite

Last updated