Nmap Development mailing list archives
Re: Unable to get SSL Certificate info for SNMP seriver with nmap ssl-cert
From: Daniel Miller <bonsaiviking () gmail com>
Date: Sun, 20 Sep 2015 12:41:00 -0500
Thanks for chiming in. What version of Nmap are you using, suhail? Venky, it looks like you're using an older version of Nmap. The ssl-enum-ciphers script has undergone a lot of changes since 6.40. Can you try with Nmap 6.49BETA4 or at worst 6.47 and tell us if you still experience a problem? See https://nmap.org/download.html If you still experience a problem, please include output of your command with -d2 --script-trace options. I will try to reproduce here if I don't hear back soon. Dan On Sun, Sep 20, 2015 at 2:47 AM, suhail sullad <suhail.sullad () gmail com> wrote:
Observed the same issue. Suspecting a cipher issue. On Sep 19, 2015 6:48 PM, "knare k" <knarelinux () gmail com> wrote:Thanks Dan. I configured a local snmp server on an Ubuntu machine with tls support. # snmpd dtlsudp:10161 tlstcp:10161 Created a Self-Signed certificate and used it. And the output from the command: "openssl s_client -connect localhost:10161" # openssl s_client -connect localhost:10161 CONNECTED(00000003) depth=0 C = IN, ST = AP, L = HYD, O = xyz, OU = embedded, CN = venky, emailAddress = venky@localhost verify error:num=18:self signed certificate verify return:1 depth=0 C = IN, ST = AP, L = HYD, O = xyz, OU = embedded, CN = venky, emailAddress = venky@localhost verify return:1 140536960857760:error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure:s3_pkt.c:1262:SSL alert number 40 140536960857760:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:s23_lib.c:177: --- Certificate chain 0 s:/C=IN/ST=AP/L=HYD/O=xyz/OU=embedded/CN=venky/emailAddress=venky@localhost i:/C=IN/ST=AP/L=HYD/O=xyz/OU=embedded/CN=venky/emailAddress=venky@localhost --- Server certificate -----BEGIN CERTIFICATE----- MIICaTCCAdICCQCqllznqB/5gjANBgkqhkiG9w0BAQsFADB5MQswCQYDVQQGEwJJ TjELMAkGA1UECAwCQVAxDDAKBgNVBAcMA0hZRDEMMAoGA1UECgwDeHl6MREwDwYD VQQLDAhlbWJlZGRlZDEOMAwGA1UEAwwFdmVua3kxHjAcBgkqhkiG9w0BCQEWD3Zl bmt5QGxvY2FsaG9zdDAeFw0xNTA5MTkwOTI1MDhaFw0xNjA5MTgwOTI1MDhaMHkx CzAJBgNVBAYTAklOMQswCQYDVQQIDAJBUDEMMAoGA1UEBwwDSFlEMQwwCgYDVQQK DAN4eXoxETAPBgNVBAsMCGVtYmVkZGVkMQ4wDAYDVQQDDAV2ZW5reTEeMBwGCSqG SIb3DQEJARYPdmVua3lAbG9jYWxob3N0MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCB iQKBgQDA0+Aiqpx9fk/wH9Hg8wQLhEOs9ysC7ASemmv+0u+axru6nsxZTpM7OnMf vFgGjAataERxenNVkt2IuRAWIO4p+A6J/H7WrnW3AqEFqovJoWVucAOkqzZfzIuD bnVdrksyjJoz2KNdamT/C4PLvUp4ksM1cjEHCE5e9EuNe++uQQIDAQABMA0GCSqG SIb3DQEBCwUAA4GBAFFx8mA0mJSr79n1hKlX8SpWYKfZ415Rt/Od3Pa9HFyb4sjl pqZHiF82KlAZNJBhdNcp8rnO+bsjJHd1KK/ECFO3ZFL4apKKaQ+6R4rNTTltLCVe OuHUEptj0ARghnJdSzy4huurwrMurzooZOk6oJ9px4O4MKW9UThGtxr684FZ -----END CERTIFICATE----- subject=/C=IN/ST=AP/L=HYD/O=xyz/OU=embedded/CN=venky/emailAddress=venky@localhost issuer=/C=IN/ST=AP/L=HYD/O=xyz/OU=embedded/CN=venky/emailAddress=venky@localhost --- No client certificate CA names sent --- SSL handshake has read 725 bytes and written 210 bytes --- New, TLSv1/SSLv3, Cipher is AES256-SHA Server public key is 1024 bit Secure Renegotiation IS supported Compression: NONE Expansion: NONE SSL-Session: Protocol : TLSv1 Cipher : AES256-SHA Session-ID: Session-ID-ctx: Master-Key: AA5C362000AE942C8584A8AD153F4D2592AAD5172A2D4D5FE3457FDB5331982AE0739130A72DB3D86CDC1AAAFB30A13B Key-Arg : None PSK identity: None PSK identity hint: None SRP username: None Start Time: 1442654860 Timeout : 300 (sec) Verify return code: 18 (self signed certificate) --- And the output from the command: "nmap -sV -p <snmpport> --script=+ssl-cert <host>" # nmap -sV -p 10161 --script=+ssl-cert localhost Starting Nmap 6.40 ( http://nmap.org ) at 2015-09-19 14:59 IST Nmap scan report for localhost (127.0.0.1) Host is up (0.00014s latency). PORT STATE SERVICE VERSION 10161/tcp open ssl/unknown Service detection performed. Please report any incorrect results at http://nmap.org/submit/ . Nmap done: 1 IP address (1 host up) scanned in 12.23 seconds Thanks Venky On Sat, Sep 19, 2015 at 4:41 AM, Daniel Miller <bonsaiviking () gmail com> wrote:Venky, Can you confirm that the SNMP service is actually running SSL? Thiswould bea highly unusual configuration, but you could test with an independenttool.What is the output of this command? openssl s_client -connect <host>:<snmpport> Instead of SSL do you perhaps have SNMPv3 with encryption enabled? Dan On Fri, Sep 18, 2015 at 8:25 AM, knare k <knarelinux () gmail com> wrote:Hi Ulrik, Thanks for your response. We tried with the '+' option, but no luck. We have set up snmp server locally on our ubuntu machine and tried it. Checking if we configured the snmp server properly, I will let you know if it works. Thanks Venky. ---------- Forwarded message ---------- From: Ulrik Haugen <qha () lysator liu se> Date: Mon, Sep 14, 2015 at 9:56 PM Subject: Re: Unable to get SSL Certificate info for SNMP seriver with nmap ssl-cert To: knare k <knarelinux () gmail com> knare k <knarelinux () gmail com> wrote:I am not able to get SSL certificate for snmp using ssl-cert scriptofnmap, able to get for all others. I tried the following command with the snmp port. # nmap -sU -Pn -p <snmpport> <host> --script=ssl-certYou might have more luck with: # nmap -sU -Pn -p <snmpport> --script=+ssl-cert <host> The "+" before the script name makes it run even though the portrule doesn't fire. Unfortunately i can't find the documentation for it right now so i can't show how you should have discovered it. Please report if this works, i have some scripts that need tuning if it does! Best regards /Ulrik Haugen _______________________________________________ Sent through the dev mailing list https://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/_______________________________________________ Sent through the dev mailing list https://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
_______________________________________________ Sent through the dev mailing list https://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Unable to get SSL Certificate info for SNMP seriver with nmap ssl-cert knare k (Sep 14)
- Re: Unable to get SSL Certificate info for SNMP seriver with nmap ssl-cert Ulrik Haugen (Sep 14)
- Re: Unable to get SSL Certificate info for SNMP seriver with nmap ssl-cert Daniel Miller (Sep 14)
- Message not available
- Fwd: Unable to get SSL Certificate info for SNMP seriver with nmap ssl-cert knare k (Sep 18)
- Re: Unable to get SSL Certificate info for SNMP seriver with nmap ssl-cert Daniel Miller (Sep 18)
- Re: Unable to get SSL Certificate info for SNMP seriver with nmap ssl-cert knare k (Sep 19)
- Re: Unable to get SSL Certificate info for SNMP seriver with nmap ssl-cert suhail sullad (Sep 20)
- Re: Unable to get SSL Certificate info for SNMP seriver with nmap ssl-cert Daniel Miller (Sep 20)
- Re: Unable to get SSL Certificate info for SNMP seriver with nmap ssl-cert suhail sullad (Sep 20)
- Message not available
- Re: Unable to get SSL Certificate info for SNMP seriver with nmap ssl-cert suhail sullad (Sep 21)
- Re: Unable to get SSL Certificate info for SNMP seriver with nmap ssl-cert Daniel Miller (Sep 21)
- Re: Unable to get SSL Certificate info for SNMP seriver with nmap ssl-cert suhail sullad (Sep 21)
- Re: Unable to get SSL Certificate info for SNMP seriver with nmap ssl-cert suhail sullad (Sep 23)
- Re: Unable to get SSL Certificate info for SNMP seriver with nmap ssl-cert Daniel Miller (Sep 23)
- Fwd: Unable to get SSL Certificate info for SNMP seriver with nmap ssl-cert knare k (Sep 18)