Hasty Briefsbeta

Bypassing TLS Certificate Validation with Ld_preload

13 hours ago
https://f0rw4rd.github.io/posts/tls-noverify-bypass-all-the-things/
Copy Link
  • #Linux
  • #Security Research
  • #TLS
  • Introduces tls-preloader, a tool to bypass TLS certificate validation on Linux using LD_PRELOAD.
  • Supports multiple TLS libraries including OpenSSL, GnuTLS, NSS, mbedTLS, and wolfSSL.
  • Useful for security research, debugging embedded systems, and analyzing network traffic.
  • Explains the dynamic linking process in Linux and how LD_PRELOAD intercepts function calls.
  • Details technical implementation, including intercepted functions and debugging with LD_DEBUG.
  • Lists practical applications like security assessments, IoT device analysis, and development testing.
  • Covers installation and example commands for using the tool with applications like curl and Firefox.
  • Discusses limitations, including incompatibility with statically linked binaries and certain languages.
  • Explains why LD_PRELOAD doesn't work with sudo due to security restrictions (AT_SECURE).
  • Provides a case study demonstrating the tool's effectiveness with Firefox and BadSSL.com.
AboutLogin