Nmap Development mailing list archives

[NSE] ssl-enum-ciphers hosed?


From: "Dario Ciccarone (dciccaro)" <dciccaro () cisco com>
Date: Fri, 12 Mar 2010 10:39:04 -0600

Folks:

        Test setup: (1) OpenSUSE Linux 11.1 x86, patched as of today.
(2) Mac running 10.5.8, all patches as of this writing. Nmap 5.21,
freshly built today from source, on Linux & OS/X - downloaded from
nmap.org - also tried nmap 4.85BETA3 on the OS/X machine.

        Downloaded NSE script "ssl-enum-ciphers" from
http://nmap.org/nsedoc/scripts/ssl-enum-ciphers.html - ran it against
test server @ lab, couple other servers - in all cases, it would either
return "nothing", or something like "40,483 compression supported" - and
listing "uncompressed" 40K times or so. Or would hang there for a
loooong time and basically sit there.

        In all cases, a tcpdump DID show traffic coming & going -
wireshark tagged all SSL ClientHello as "malformed" - but anyhow . . .

        Grabbed the original version, from Mak, the one he had attached
to his email on 02/16 - using that one, it takes seconds to scan, and
does produce meaningful results (though wireshark still complains about
malformed Hellos)

        Should be easy to repro in the lab - ssl-enum-ciphers == doesn't
work, sslv3-enum == does work.

        Thanks,
        Dario


        
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/

