XMPP MitM attack via PLAIN mechanism

Are you testing a MitM position against an old protocol that starts its session in clear-text?
Consider spoofing the server's replies with a downgrade attack!

This old trick still works sometimes against protocols like XMPP, SMTP, POP3 and others.

Let’s illustrate this with an XMPP example from the field 🙂

In XMPP, credentials are not supposed to be sent in clear-text; instead, a challenge-response handshake is performed. For example, a server may advertise something like the following:

Fig.: Common XMPP Mechanisms

As you can see above, although the handshake itself travels in clear-text, the server only offers DIGEST-MD5 or KERBEROS_V4 for sending the credentials, which makes intercepting them harder than with a pure clear-text login.

Please see the XMPP RFC 3920 for more information.

Attack: Clear-text XMPP MitM

Sometimes vulnerable clients may be attacked as follows:

Step 1: The attacker manipulates clear-text XMPP response

For example, during the initial clear-text XMPP handshake, the spoofed server reply can state that the only available authentication mechanism is clear-text (PLAIN).

In English, this means the spoofed server reply says: Can you give me your creds please?

Fig.: Plain XMPP Mechanism

Unlike the previous example, in the above XMPP spoofed reply the attacker purposefully specifies the PLAIN mechanism as the only option to authenticate, hence leaving the client with no other option than revealing their credentials to the adversary.

Step 2: The mobile app sends credentials in plain text

In this case, the client was a mobile app vulnerable to this channel downgrade attack, and the clear-text credentials were sent along:

Fig.: Client request with base64-encoded credentials

As you can see above, the base64-encoded string YWJlQDdhc2VjdXJpdHkuY29tAGY1ZGY0ZjY1LTZiM2MtNDk3OS1iM2RjLTA5MWExNjA0MGI1OA== is sent by the client, providing absolutely no security…

Step 3: The attacker base64-decodes the string
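The three steps above are easy to spot passively if you are watching the unencrypted stream. The following detector is an added example written for this page (it is not code from the post or from any XMPP library): it flags a `<stream:features>` advertisement that offers PLAIN without STARTTLS on a clear-text stream, and a client `<auth mechanism="PLAIN">` stanza, whose payload it decodes according to the SASL PLAIN layout in RFC 4616 so the exposed account name can be reported with the password redacted. The sample stanzas, the account `alice@example.com` and its password are constructed for the example.

```python
# Passive detector for the clear-text XMPP PLAIN downgrade (added example, not from the post).
import base64
import xml.etree.ElementTree as ET
from typing import Dict, List

SASL_NS = "urn:ietf:params:xml:ns:xmpp-sasl"
TLS_NS = "urn:ietf:params:xml:ns:xmpp-tls"


def offered_mechanisms(stanza_xml: str) -> List[str]:
    """Return the SASL mechanism names listed in a <stream:features> stanza."""
    root = ET.fromstring(stanza_xml)
    return [m.text.strip() for m in root.iter("{%s}mechanism" % SASL_NS) if m.text]


def offers_starttls(stanza_xml: str) -> bool:
    """True if the <stream:features> stanza advertises STARTTLS."""
    return ET.fromstring(stanza_xml).find("{%s}starttls" % TLS_NS) is not None


def parse_sasl_plain(payload_b64: str) -> Dict[str, object]:
    """Decode a SASL PLAIN message: [authzid] NUL authcid NUL passwd (RFC 4616).

    Some clients drop the leading (empty) authzid field entirely, so the
    two-field form "authcid NUL passwd" is accepted as well.  The password
    itself is never returned, only its length.
    """
    raw = base64.b64decode(payload_b64, validate=True)
    fields = raw.split(b"\x00")
    if len(fields) == 3:
        authzid, authcid, passwd = fields
    elif len(fields) == 2:
        authzid, (authcid, passwd) = b"", fields
    else:
        raise ValueError("not a SASL PLAIN message")
    return {
        "authzid": authzid.decode("utf-8"),
        "authcid": authcid.decode("utf-8"),
        "password_len": len(passwd),
    }


def inspect_stanza(stanza_xml: str, tls_active: bool) -> List[str]:
    """Return human-readable findings for one stanza observed on the wire."""
    findings: List[str] = []
    root = ET.fromstring(stanza_xml)
    local = root.tag.split("}")[-1]  # strip the XML namespace
    if local == "features":
        mechs = offered_mechanisms(stanza_xml)
        if not tls_active and "PLAIN" in mechs and not offers_starttls(stanza_xml):
            findings.append(
                "server offered PLAIN without STARTTLS on a clear-text stream: %s" % mechs
            )
    elif local == "auth" and root.get("mechanism") == "PLAIN" and not tls_active:
        creds = parse_sasl_plain(root.text or "")
        findings.append(
            "client sent SASL PLAIN in clear-text: authcid=%s (password redacted, %d chars)"
            % (creds["authcid"], creds["password_len"])
        )
    return findings


# Constructed samples (not captures from the post): a spoofed feature list
# offering only PLAIN, and a clear-text PLAIN login for a made-up account.
SPOOFED_FEATURES = (
    '<stream:features xmlns:stream="http://etherx.jabber.org/streams">'
    '<mechanisms xmlns="urn:ietf:params:xml:ns:xmpp-sasl">'
    "<mechanism>PLAIN</mechanism></mechanisms></stream:features>"
)
SAMPLE_PLAIN_PAYLOAD = base64.b64encode(b"\x00alice@example.com\x00hunter2").decode()
CLEARTEXT_AUTH = (
    '<auth xmlns="urn:ietf:params:xml:ns:xmpp-sasl" mechanism="PLAIN">%s</auth>'
    % SAMPLE_PLAIN_PAYLOAD
)

if __name__ == "__main__":
    for stanza in (SPOOFED_FEATURES, CLEARTEXT_AUTH):
        for finding in inspect_stanza(stanza, tls_active=False):
            print(finding)
```

Run as-is the script prints one finding per sample stanza; fed stanzas observed after STARTTLS (tls_active=True) it reports nothing, because PLAIN inside TLS is not the problem this page describes.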


How to Fix clear-text XMPP MitM Vulnerabilities?

The first and ideal step would be to tunnel all XMPP traffic through TLS. TLS then protects both the integrity and the confidentiality of the communication.
If TLS is unavailable (seriously? in 2023?), the client should refuse to connect, ensuring no clear-text fallback is allowed.
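What that fix looks like in a client's feature negotiation, as an added example (not the post's code nor any XMPP library's): a vulnerable decider authenticates with whatever the server advertises, whereas the hardened decider insists on STARTTLS before any SASL exchange, aborts instead of falling back to clear-text, and only considers PLAIN once TLS is up. The mechanism preference order and the two sample feature lists are assumptions constructed for the example.

```python
# Client-side negotiation policy for the fix above (added example, not from the post).
import xml.etree.ElementTree as ET
from typing import List, Optional, Tuple

SASL_NS = "urn:ietf:params:xml:ns:xmpp-sasl"
TLS_NS = "urn:ietf:params:xml:ns:xmpp-tls"
# Assumed preference, most preferred first; PLAIN is last and only acceptable inside TLS.
PREFERENCE = ["SCRAM-SHA-256", "SCRAM-SHA-1", "DIGEST-MD5", "PLAIN"]


def _mechanisms(features_xml: str) -> List[str]:
    root = ET.fromstring(features_xml)
    return [m.text.strip() for m in root.iter("{%s}mechanism" % SASL_NS) if m.text]


def _has_starttls(features_xml: str) -> bool:
    return ET.fromstring(features_xml).find("{%s}starttls" % TLS_NS) is not None


def vulnerable_decide(features_xml: str, tls_active: bool) -> Tuple[str, Optional[str]]:
    """The behaviour of the downgraded client: pick the first mechanism it knows,
    without caring whether the stream is encrypted.  A spoofed PLAIN-only feature
    list therefore leads straight to a clear-text login."""
    mechs = _mechanisms(features_xml)
    for mech in PREFERENCE:
        if mech in mechs:
            return ("auth", mech)
    return ("abort", "no known SASL mechanism offered")


def hardened_decide(features_xml: str, tls_active: bool) -> Tuple[str, Optional[str]]:
    """Require TLS before any SASL exchange; never fall back to clear-text.

    Returns ("starttls", None) when TLS must be negotiated first,
    ("auth", mechanism) when authentication may proceed, or ("abort", reason).
    Certificate validation of the TLS session is assumed to happen elsewhere.
    """
    if not tls_active:
        if _has_starttls(features_xml):
            return ("starttls", None)
        return ("abort", "no STARTTLS offered; clear-text fallback refused")
    mechs = _mechanisms(features_xml)
    for mech in PREFERENCE:
        if mech in mechs:
            return ("auth", mech)
    return ("abort", "no acceptable SASL mechanism offered")


# Constructed feature lists (not captures from the post).
SERVER_FEATURES = (
    '<stream:features xmlns:stream="http://etherx.jabber.org/streams">'
    '<starttls xmlns="urn:ietf:params:xml:ns:xmpp-tls"><required/></starttls>'
    '<mechanisms xmlns="urn:ietf:params:xml:ns:xmpp-sasl">'
    "<mechanism>DIGEST-MD5</mechanism><mechanism>KERBEROS_V4</mechanism>"
    "</mechanisms></stream:features>"
)
SPOOFED_FEATURES = (
    '<stream:features xmlns:stream="http://etherx.jabber.org/streams">'
    '<mechanisms xmlns="urn:ietf:params:xml:ns:xmpp-sasl">'
    "<mechanism>PLAIN</mechanism></mechanisms></stream:features>"
)

if __name__ == "__main__":
    for name, features in (("genuine", SERVER_FEATURES), ("spoofed", SPOOFED_FEATURES)):
        print(name, "vulnerable:", vulnerable_decide(features, tls_active=False))
        print(name, "hardened:  ", hardened_decide(features, tls_active=False))
```

The hardened decider is a state machine, not a one-off check: on a clear-text stream its only acceptable answers are "negotiate TLS" or "abort", and it reaches the mechanism list only after `tls_active` has become true, which is exactly the property the spoofed reply in Step 1 relies on the client lacking.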

If you liked this, you might also be interested in:

A FREE 4h Workshop: https://7asecurity.com/free-workshop-mobile-practical
• 4h Video recording
• Vulnerable apps to practice
• Guided exercise PDF
• Lifetime access

More free stuff: https://7asecurity.com/free
Get 10% off any course: https://store.7asecurity.com/discount/BLOG10
Store: https://store.7asecurity.com/
Website: https://7asecurity.com/
Upcoming training: https://7asecurity.com/training

Follow us:
Twitter: https://twitter.com/7aSecurity
LinkedIn: https://www.linkedin.com/company/7asecurity/
YouTube: https://youtube.com/@7asecurity409
Facebook: https://www.facebook.com/7asecure