Comments (7)
rbsec
commented on July 17, 2024
Can you connect to the service with the statically build version of OpenSSL that sslscan is using (openssl/apps/openssl)?
Something like:
openssl s_client -connect host:port -ssl2 -cipher EXP-RC2-CBC-MD5 -debug -state
If so, can you prove the output of that command?
from sslscan.
rstocktox
commented on July 17, 2024
This isn't all, hope this helps:
# ./openssl s_client -connect 10.10.10.9:5061 -ssl2 -cipher EXP-RC2-CBC-MD5 -debug -state
CONNECTED(00000003)
SSL_connect:before/connect initialization
verify error:num=18:self signed certificate
SSL_connect:error in SSLv2 read server hello B
1403286666666666:error:1406D0B8:SSL routines:GET_SERVER_HELLO:no cipher list:s2_clnt.c:449:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 698 bytes and written 35 bytes
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : SSLv2
Cipher : 0000
Session-ID:
Session-ID-ctx:
Master-Key:
Key-Arg : None
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1457085429
Timeout : 300 (sec)
Verify return code: 18 (self signed certificate)
---
from sslscan.
rstocktox
commented on July 17, 2024
Just FYI,
tlsfuzzer uses this logic:
# we can get a ServerHello with no ciphers:
node = node.add_child(ExpectServerHello2())
# or we can get an error stright away, and connection closure
node.next_sibling = ExpectSSL2Alert(SSL2ErrorDescription.no_cipher)
node.next_sibling.add_child(ExpectClose())
alternative = node.next_sibling
# or the server may close the connection right away (likely in
# case SSLv2 is completely disabled)
alternative.next_sibling = ExpectClose()
alternative = alternative.next_sibling
# or finally, we can get a TLS Alert message
alternative.next_sibling = ExpectAlert()
alternative.next_sibling.add_child(ExpectClose())
# in case we got ServerHello, try to force one of the ciphers
node = node.add_child(ClientMasterKeyGenerator(cipher=cipher_id))
# it should result in error
node = node.add_child(ExpectSSL2Alert())
# or connection close
node.next_sibling = ExpectClose()
# in case of error, we expect the server to close connection
node = node.add_child(ExpectClose())
from sslscan.
rstocktox
commented on July 17, 2024
Just FYI,
test the same server and port with NMAP and the sslv2 script (https://nmap.org/nsedoc/scripts/sslv2.html):
# nmap -n -P0 -sV -p 5061 --script sslv2.nse 10.10.10.9
Starting Nmap 6.47 ( http://nmap.org ) at 2016-03-04 13:20 CET
Nmap scan report for 10.10.10.9
Host is up (0.078s latency).
PORT STATE SERVICE VERSION
5061/tcp open tcpwrapped
| sslv2:
| SSLv2 supported
|_ ciphers: none
from sslscan.
rbsec
commented on July 17, 2024
sslscan, OpenSSL and Nmap all fail to connect using EXP-RC2-CBC-MD5, so either there's a very strange (buggy) SSL stack on the server, or it's a false positive with tlsfuzzer.
What's the server running? Can you verify server-side whether that cipher is actually supported?
from sslscan.
rstocktox
commented on July 17, 2024
I'm sorry but I'm unable to answer your questions, the server is not under my domain :(
from sslscan.
rbsec
commented on July 17, 2024
Given that sslscan, OpenSSL and Nmap all say that this cipher isn't supported, and the lack of evidence to the contrary, this looks like a bug in tlsfuzzer, so I'm closing this issue. You may wish to raise it as a bug in tlsfuzzer.
from sslscan.
Related Issues (20)
- fatal error C1083 HOT 2
- connected to service but Displaying all TLS Protocol disabled. HOT 7
- Provide precompiled binaries for Linux, Mac HOT 3
- RHEL install with yum HOT 3
- providing a list with --targets doesnt work as only the first item on the list is being check upon HOT 1
- [Question] Cipher strength levels HOT 4
- False Positive 'TLS1.3 Server accepts all signature algorithms'
- gcc-13 warning: 'secondMethod' may be used uninitialized
- Feature Request : Write "security colors" as a text in XML output HOT 1
- Undocumented GPG verification key.
- Docker build stopped working HOT 2
- TLS 1.2 Cipher Suites not detected HOT 8
- Missing protocol and ciphers HOT 5
- TLS 1.3 Inconsistent results HOT 8
- 403 Sorry, your password was incorrect. Please double-check your password. HOT 1
- "Unable to parse certificate" with version 2.1.1 HOT 4
- Error when COPY --from=builder /lib/ld-musl-x86_64.so.1 /lib/ld-musl-x86_64.so.1: HOT 7
- Windows 2.1.2 release zip file contains 2.1.1 pre-compiled binary HOT 9
- Failure when scanning [::1] due to SNI HOT 2
- Suggestion: show also intermediate certificates HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from sslscan.