Going OPAQUE: How to ruin the SOC’s day

Abstract

Many Remote Administration Tools rely on the integrity of TLS or assume that there is some mechanism available to distribute public keys. When working in a corporate network, this is in general a bad assumption. If the SOC can decrypt your traffic, it becomes almost trivial to identify something in the communications to flag them as malicious. If public keys need to be hardcoded, then the private keys must be stored on every server the agent might talk to. If one C2 is compromised, then the agent becomes burned. What then is to be done? Thanks to a paper from Eurocrypt 2018 (that for whatever reason has not seen widespread adoption), pentesters now have an incredibly powerful tool at their disposal. Using OPAQUE, an oblivious Asymmetric Password Authenticated Key Agreement, it is now possible to establish sessions with a C2 server without relying on PKI, revealing a password, a password hash, a salted password hash or even salt during agent registration and authentication. This talk considers the practical application of such a scheme to establishing Command and Control of a compromised system during an authorized security engagement.