Nmap Development mailing list archives
RE: [NSE] ssl-enum-ciphers hosed?
From: "Rob Nicholls" <robert () robnicholls co uk>
Date: Fri, 12 Mar 2010 17:24:04 -0000
I emailed Mak 2-3 weeks ago to let him know that I was having similar issues with the faster version of the script (I could see my certificate being returned in Nmap's packet trace, but the script wasn't reporting anything) against my own web server; the original version worked fine, albeit quite slowly. He said he'd fixed it to return some ciphers (possibly the SVN version you tried?), but "it still can't return all seven that ssllabs.com and the old version of my script report". I was hoping Mak would find time to quickly fix it, but perhaps the SVN version should go back to the original version of the script? I'd rather have slow and accurate results than something fast and buggy. Rob -----Original Message----- From: nmap-dev-bounces () insecure org [mailto:nmap-dev-bounces () insecure org] On Behalf Of Dario Ciccarone (dciccaro) Sent: 12 March 2010 16:39 To: nmap-dev () insecure org Subject: [NSE] ssl-enum-ciphers hosed? Folks: Test setup: (1) OpenSUSE Linux 11.1 x86, patched as of today. (2) Mac running 10.5.8, all patches as of this writing. Nmap 5.21, freshly built today from source, on Linux & OS/X - downloaded from nmap.org - also tried nmap 4.85BETA3 on the OS/X machine. Downloaded NSE script "ssl-enum-ciphers" from http://nmap.org/nsedoc/scripts/ssl-enum-ciphers.html - run it against test server @ lab, couple other servers - in all cases, it would either return "nothing", or something like "40,483 compression supported" - and listing "uncompressed" 40K times or so. Or would hang there for a loooong time and basically sit there. In all cases, a tcpdump DID show traffic coming & going - wireshark tagged all SSL ClientHello as "malformed" - but anyhow . . . Grabbed the original version, from Mak, the one he had attached to his email on 02/16 - using that one, it takes seconds to scan, and does produce meaningful results (though wireshark still complains about malformed Hellos) Should be easy to repro in the lab - ssl-enum-ciphers == doesn't work, sslv3-enum == does work. Thanks, Dario _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/ _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- [NSE] ssl-enum-ciphers hosed? Dario Ciccarone (dciccaro) (Mar 12)
- RE: [NSE] ssl-enum-ciphers hosed? Rob Nicholls (Mar 12)
- RE: [NSE] ssl-enum-ciphers hosed? Dario Ciccarone (dciccaro) (Mar 12)
- Re: [NSE] ssl-enum-ciphers hosed? Ron (Mar 12)
- RE: [NSE] ssl-enum-ciphers hosed? Dario Ciccarone (dciccaro) (Mar 15)
- Re: [NSE] ssl-enum-ciphers hosed? Mak Kolybabi (Mar 15)
- RE: [NSE] ssl-enum-ciphers hosed? Dario Ciccarone (dciccaro) (Mar 15)
- Re: [NSE] ssl-enum-ciphers hosed? David Fifield (Mar 15)
- Re: [NSE] ssl-enum-ciphers hosed? Mak Kolybabi (Mar 21)
- Re: [NSE] ssl-enum-ciphers hosed? David Fifield (Mar 21)
- RE: [NSE] ssl-enum-ciphers hosed? Dario Ciccarone (dciccaro) (Mar 12)
- Re: [NSE] ssl-enum-ciphers hosed? Thierry Zoller (Mar 15)
- RE: [NSE] ssl-enum-ciphers hosed? Rob Nicholls (Mar 12)