Nmap Development mailing list archives
Re: patch for ssl-cipher-enum.nse?
From: David Fifield <david () bamsoftware com>
Date: Wed, 21 Mar 2012 10:40:39 -0700
On Wed, Mar 21, 2012 at 09:42:27AM +0000, Darren McDonald wrote:
Hi, been reading through ssl-cipher-enum.nse, and it appears that it's missing a few known ciphers. How would I go about submiting a patch for consideration? sierra@sierra:/usr/local/share/nmap/scripts$ diff -u ssl-enum-ciphers.bak ssl-enum-ciphers.nse --- ssl-enum-ciphers.bak 2012-03-15 14:54:19.631839498 +0000 +++ ssl-enum-ciphers.nse 2012-03-21 09:39:57.796645976 +0000 @@ -234,6 +234,8 @@ ["TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA"] = 0x0019, ["TLS_DH_anon_WITH_DES_CBC_SHA"] = 0x001A, ["TLS_DH_anon_WITH_3DES_EDE_CBC_SHA"] = 0x001B, + ["TLS_FORTEZZA_KEA_WITH_NULL_SHA"] = 0x001C, + ["TLS_FORTEZZA_KEA_WITH_FORTEZZA_CBC_SHA"] = 0x001D, ["TLS_KRB5_WITH_DES_CBC_SHA"] = 0x001E, ["TLS_KRB5_WITH_3DES_EDE_CBC_SHA"] = 0x001F, ["TLS_KRB5_WITH_RC4_128_SHA"] = 0x0020, @@ -343,6 +345,18 @@ ["TLS_RSA_PSK_WITH_AES_256_CBC_SHA384"] = 0x00B7, ["TLS_RSA_PSK_WITH_NULL_SHA256"] = 0x00B8, ["TLS_RSA_PSK_WITH_NULL_SHA384"] = 0x00B9, + ["TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256"] = 0x00BA, + ["TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256"] = 0x00BB, + ["TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256"] = 0x00BC, + ["TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256"] = 0x00BC, + ["TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256"] = 0x00BC, + ["TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256"] = 0x00BC, + ["TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256"] = 0x00C0, + ["TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256"] = 0x00C1, + ["TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256"] = 0x00C2, + ["TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256"] = 0x00C3, + ["TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256"] = 0x00C4, + ["TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256"] = 0x00C5, ["TLS_RENEGO_PROTECTION_REQUEST"] = 0x00FF, ["TLS_ECDH_ECDSA_WITH_NULL_SHA"] = 0xC001, ["TLS_ECDH_ECDSA_WITH_RC4_128_SHA"] = 0xC002,
The patch you sent works just fine. Thanks. I applied it, except that I changed TLS_FORTEZZA_KEA_WITH_NULL_SHA TLS_FORTEZZA_KEA_WITH_FORTEZZA_CBC_SHA to SSL_FORTEZZA_KEA_WITH_NULL_SHA SSL_FORTEZZA_KEA_WITH_FORTEZZA_CBC_SHA because I couldn't find any references to the former. David Fifield _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- patch for ssl-cipher-enum.nse? Darren McDonald (Mar 21)
- Re: patch for ssl-cipher-enum.nse? David Fifield (Mar 21)