Nmap Development mailing list archives

Re: cipher support


From: Robin Wood <robin@digi.ninja>
Date: Tue, 13 Oct 2015 05:39:14 +0100

On 13 Oct 2015 02:48, "Daniel Miller" <bonsaiviking () gmail com> wrote:

Robin,

It's true: the ssl-enum-ciphers script does not detect SSLv2. This is
because we have a dedicated script for that protocol: sslv2.nse. I just
engaged with Robert Graham (masscan) and John Matherly (Shodan) on Twitter
and they had interesting things to say: Rob will be scanning the Internet
for SSLv2 tonight looking for what ciphers are offered [1], and Shodan
already lets you search for SSLv2, but does not list ciphers [2].

Based on the name I think ssl-enum-ciphers should check for SSLv2. From a
semantic point of view I can understand why if SSLv2 is listed and not
enumerated but having a single script that returns everything would be
easier to work with.

Robin

I did look into it further, and it appears that the client must send a
list of ciphers to the SSLv2 server, and the server will send back *any* of
the ciphers it supports. This is still more info than SSLv3 and newer
gives, since in those cases only 1 cipher is returned. But sslv2.nse sends
all 8 cipher suites described in any documentation I can find anywhere. We
would gladly send more if any were identified; the "address space" is 3
bytes, so there is lots of room for potentially-implemented ciphers we are
not trying.

Dan

[1] https://twitter.com/ErrataRob/status/653671404194410497
[2] https://twitter.com/achillean/status/653671202389536768

On Mon, Oct 12, 2015 at 5:29 PM, Robin Wood <robin@digi.ninja> wrote:


On 12 Oct 2015 19:34, "Daniel Miller" <bonsaiviking () gmail com> wrote:

Robin,

Nmap relies on the sslv2 NSE script [1] for SSLv2 detection and cipher
enumeration. It does not require OpenSSL for any of these functions. The
script will show the ciphers that the server provides; SSLv2 is different
from SSLv3 and TLS in this regard, since the server sends a list of
supported ciphers. The list of names that we can translate is admittedly
sparse: only 8 ciphers listed. But any unsupported ones will be reported by
number, so no real information is lost.

Related, the ssl-enum-ciphers script also does not use OpenSSL to
determine the list of supported ciphers. OpenSSL is used to parse the
server certificate to extract necessary key strength information for
determining the "score" of the handshake, but this is secondary to the
cipher enumeration part of the script.

I'll check again but I'm sure in a test earlier I got the ssllabs site
and sslscan finding SSLv2 but not the ssl-enum-ciphers script.

I'll run it all in the morning and post back results.

Robin

Dan

[1] https://nmap.org/nsedoc/scripts/sslv2.html

On Mon, Oct 12, 2015 at 9:00 AM, Robin Wood <robin@digi.ninja> wrote:

I've been looking at SSL and found that both sslscan and nmap are
missing SSLv2 ciphers. From looking at sslscan, it needs to be built
against a static version of openssl which is built to support SSLv2,
and from a tweet by Dan Miller I assume nmap is the same. What is the
best way to do this?

Luckily I don't think I've missed anything, as Nessus has been
catching all the SSLv2 that I've come across, but I was wondering if it
is worth adding something to the scripts that test for ciphers so they
can warn the user if they are likely to miss ciphers due to the
version of openssl in use?

Robin
_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
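The exchange Dan describes above (client offers a list of 3-byte cipher specs in CLIENT-HELLO, server answers with a list of cipher specs in SERVER-HELLO, anything outside the documented eight reported by number) as an added worked example. This is not code from Nmap or sslv2.nse; it follows the SSLv2 message layout of the 1995 Hickman draft (2-byte record header, 3-byte CIPHER-KIND values). The eight cipher names are the SSLeay/OpenSSL names. The server reply in main() is constructed, its certificate bytes are a placeholder, and the cipher kind 0x1f0080 is an arbitrary value picked to show the "reported by number" path, not a real cipher.

```python
"""SSLv2 CLIENT-HELLO builder and SERVER-HELLO cipher-spec decoder (added example)."""
import os
import socket
import struct

# The eight documented SSLv2 cipher specs (3-byte CIPHER-KIND values).
SSLV2_CIPHERS = {
    b"\x01\x00\x80": "SSL_CK_RC4_128_WITH_MD5",
    b"\x02\x00\x80": "SSL_CK_RC4_128_EXPORT40_WITH_MD5",
    b"\x03\x00\x80": "SSL_CK_RC2_128_CBC_WITH_MD5",
    b"\x04\x00\x80": "SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5",
    b"\x05\x00\x80": "SSL_CK_IDEA_128_CBC_WITH_MD5",
    b"\x06\x00\x40": "SSL_CK_DES_64_CBC_WITH_MD5",
    b"\x07\x00\xc0": "SSL_CK_DES_192_EDE3_CBC_WITH_MD5",
    b"\x08\x00\x80": "SSL_CK_RC4_64_WITH_MD5",
}

MSG_CLIENT_HELLO = 0x01
MSG_SERVER_HELLO = 0x04
SSLV2_VERSION = 0x0002


def sslv2_record(payload: bytes) -> bytes:
    """Wrap a handshake message in the 2-byte SSLv2 record header (high bit set, no padding)."""
    if len(payload) > 0x7FFF:
        raise ValueError("payload too long for a 2-byte SSLv2 record header")
    return struct.pack(">H", 0x8000 | len(payload)) + payload


def build_client_hello(cipher_specs=None, challenge: bytes = None) -> bytes:
    """CLIENT-HELLO offering the given 3-byte cipher specs (all eight by default).

    Layout: MSG-TYPE, VERSION, CIPHER-SPECS-LEN, SESSION-ID-LEN, CHALLENGE-LEN,
    then CIPHER-SPECS, SESSION-ID (empty here), CHALLENGE (16 random bytes)."""
    specs = b"".join(list(SSLV2_CIPHERS) if cipher_specs is None else cipher_specs)
    if challenge is None:
        challenge = os.urandom(16)
    header = struct.pack(">BHHHH", MSG_CLIENT_HELLO, SSLV2_VERSION, len(specs), 0, len(challenge))
    return sslv2_record(header + specs + challenge)


def build_server_hello(cipher_specs, cert: bytes, conn_id: bytes) -> bytes:
    """Constructed SERVER-HELLO for offline testing (CERTIFICATE-TYPE 1 = X.509)."""
    specs = b"".join(cipher_specs)
    header = struct.pack(">BBBHHHH", MSG_SERVER_HELLO, 0, 1, SSLV2_VERSION,
                         len(cert), len(specs), len(conn_id))
    return sslv2_record(header + cert + specs + conn_id)


def parse_server_hello(record: bytes):
    """Return (server_version, [3-byte cipher specs]) from an SSLv2 SERVER-HELLO record."""
    if len(record) < 2 or not record[0] & 0x80:
        raise ValueError("not an SSLv2 record with a 2-byte header")
    length = ((record[0] & 0x7F) << 8) | record[1]
    body = record[2:2 + length]
    if len(body) != length:
        raise ValueError("truncated SSLv2 record")
    if body[0] != MSG_SERVER_HELLO:
        raise ValueError("not a SERVER-HELLO (message type 0x%02x)" % body[0])
    # SESSION-ID-HIT, CERTIFICATE-TYPE, SERVER-VERSION, CERT-LEN, CIPHER-SPECS-LEN, CONN-ID-LEN
    fmt = ">BBHHHH"
    _hit, _cert_type, version, cert_len, specs_len, _conn_len = struct.unpack_from(fmt, body, 1)
    if specs_len % 3:
        raise ValueError("CIPHER-SPECS-LENGTH %d is not a multiple of 3" % specs_len)
    start = 1 + struct.calcsize(fmt) + cert_len
    specs = body[start:start + specs_len]
    if len(specs) != specs_len:
        raise ValueError("truncated CIPHER-SPECS")
    return version, [specs[i:i + 3] for i in range(0, specs_len, 3)]


def name_ciphers(specs):
    """Known specs get their name; anything else is reported by its 3-byte number."""
    return [SSLV2_CIPHERS.get(s, "unknown cipher 0x" + s.hex()) for s in specs]


def probe(host: str, port: int = 443, timeout: float = 5.0):
    """Send a CLIENT-HELLO offering all eight ciphers; return named ciphers from the reply."""
    with socket.create_connection((host, port), timeout=timeout) as sock:
        sock.sendall(build_client_hello())
        reply = sock.recv(65535)
    return name_ciphers(parse_server_hello(reply)[1])


if __name__ == "__main__":
    print("CLIENT-HELLO:", build_client_hello().hex())
    # Constructed reply: three of the offered ciphers plus an arbitrary kind (0x1f0080).
    reply = build_server_hello([b"\x01\x00\x80", b"\x07\x00\xc0", b"\x06\x00\x40",
                                b"\x1f\x00\x80"], b"PLACEHOLDER-CERT", b"\x00" * 16)
    for name in name_ciphers(parse_server_hello(reply)[1]):
        print(" ", name)
```

Because the 3-byte CIPHER-KIND space is far larger than the eight values any documentation lists, `name_ciphers` deliberately never drops an unknown value; a server that answers with something outside the table still shows up, by number, which is the behaviour Dan describes for sslv2.nse. `probe()` is the only function that touches the network and is not exercised offline.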