Nmap Development mailing list archives

Re: [NSE] SSLv3/TLSv1 cipher and compression algorithm enumeration script

From: David Fifield <david () bamsoftware com>
Date: Fri, 19 Feb 2010 13:58:56 -0700

On Tue, Feb 16, 2010 at 09:12:59PM -0600, Mak Kolybabi wrote:

Attached is a script that I have written to enumerate all of the ciphers and
compression algorithms available on an SSLv3/TLSv1.0/TLSv1.1/TLSv1.2 server.


I like this script idea a lot! Here's what I get running against
"ncat -l --ssl -k -v 443 > /dev/null":

443/tcp open  https   syn-ack
| sslv3-enum:
|   SSLv3
|     Ciphers (5)
|       TLS_RSA_WITH_3DES_EDE_CBC_SHA
|       TLS_RSA_WITH_AES_128_CBC_SHA
|       TLS_RSA_WITH_AES_256_CBC_SHA
|       TLS_RSA_WITH_IDEA_CBC_SHA
|       TLS_RSA_WITH_RC4_128_SHA
|     Compressors (1)
|       uncompressed
|   TLSv1.0
|     Ciphers (5)
|       TLS_RSA_WITH_3DES_EDE_CBC_SHA
|       TLS_RSA_WITH_AES_128_CBC_SHA
|       TLS_RSA_WITH_AES_256_CBC_SHA
|       TLS_RSA_WITH_IDEA_CBC_SHA
|       TLS_RSA_WITH_RC4_128_SHA
|     Compressors (1)
|       uncompressed
|   TLSv1.1
|     Ciphers (5)
|       TLS_RSA_WITH_3DES_EDE_CBC_SHA
|       TLS_RSA_WITH_AES_128_CBC_SHA
|       TLS_RSA_WITH_AES_256_CBC_SHA
|       TLS_RSA_WITH_IDEA_CBC_SHA
|       TLS_RSA_WITH_RC4_128_SHA
|     Compressors (1)
|       uncompressed
|   TLSv1.2
|     Ciphers (5)
|       TLS_RSA_WITH_3DES_EDE_CBC_SHA
|       TLS_RSA_WITH_AES_128_CBC_SHA
|       TLS_RSA_WITH_AES_256_CBC_SHA
|       TLS_RSA_WITH_IDEA_CBC_SHA
|       TLS_RSA_WITH_RC4_128_SHA
|     Compressors (1)
|_      uncompressed

(As an aside, Ncat is supposed to use only strong ciphers; does this
look right to people who know? The only one that looks like it might not
fit to me is RC4.)

The script is very well coded. I don't have any trouble understanding
it. I think manually crafting SSL packets is appropriate for this
script.

I think the bind here is a no-op:
        sock = nmap.new_socket()
        sock:set_timeout(5000)
        sock:bind()

You need to put some limit on the read loop, or else parse it
incrementally or something, because you can DOS the script with
"ncat -l --ssl -k -v 443 > /dev/null < /dev/zero".

I agree that the name should be changed. Maybe ssl-enum-ciphers. What
happens when you run it against an SSLv2 server, like
"openssl s_server -ssl2"?

You should switch the order of the first two paragraphs in the
description. The first paragraph is shown as the summary in NSEDoc, and
what you have now as the second paragraph is more descriptive of what
the script does.

David Fifield
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/

Current thread:

[NSE] SSLv3/TLSv1 cipher and compression algorithm enumeration script Mak Kolybabi (Feb 16)
- Re: [NSE] SSLv3/TLSv1 cipher and compression algorithm enumeration script Rob Nicholls (Feb 17)
- Re: [NSE] SSLv3/TLSv1 cipher and compression algorithm enumeration script David Fifield (Feb 19)
  - Re: [NSE] SSLv3/TLSv1 cipher and compression algorithm enumeration script Rob Nicholls (Feb 20)
  - Re: [NSE] SSLv3/TLSv1 cipher and compression algorithm enumeration script Mak Kolybabi (Feb 22)
    - Re: [NSE] SSLv3/TLSv1 cipher and compression algorithm enumeration script Fyodor (Feb 22)
    - Ncat segfault with -l --ssl < /dev/zero David Fifield (Feb 23)
    - Re: [NSE] SSLv3/TLSv1 cipher and compression algorithm enumeration script David Fifield (Feb 23)
    - Re: [NSE] SSLv3/TLSv1 cipher and compression algorithm enumeration script Fyodor (Feb 24)