Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Fwd: http-methods with TLSv1.0 or TLSv1.2

From: Daniel Miller <bonsaiviking () gmail com>
Date: Thu, 21 Jan 2016 09:02:48 -0500
Forgot to include the list on this message.

---------- Forwarded message ----------
From: Daniel Miller <bonsaiviking () gmail com>
Date: Thu, Jan 21, 2016 at 9:02 AM
Subject: Re: http-methods with TLSv1.0 or TLSv1.2
To: Elena Kozhemyak <elena.kozhemyak () gmail com>


Elena,

Nmap uses OpenSSL to negotiate the TLS connection. You can see which
version of OpenSSL has been linked in your nmap build by running `nmap
--version`. If your system's OpenSSL is older than 1.0.1, it probably does
not support TLS 1.2. The binaries we distribute for Windows, Linux, and OS
X all include the latest OpenSSL: https://nmap.org/download.html

Dan

On Tue, Jan 19, 2016 at 4:26 AM, Elena Kozhemyak <elena.kozhemyak () gmail com>
wrote:


Hi,

I would like to test supported HTTP methods on a remote web server running
on port 443 with support for TLS1.0 and TLSv1.2.

When I execute the script http-methods.nse using the following command, I
don't get any result for the supported methods.

#############################

nmap -p 443 --script http-methods  10.62.221.12

Starting Nmap 7.00 ( https://nmap.org ) at 2016-01-19 10:12 CET
Nmap scan report for 10.62.221.12
Host is up (0.00022s latency).
PORT    STATE SERVICE
443/tcp open  https
MAC Address: A4:A1:C2:63:B4:F0 (Ericsson AB)

Nmap done: 1 IP address (1 host up) scanned in 10.33 seconds

#############################

If I check with wireshark the script only tries TLSv1.1 which is rejected
as a non-supported protocol. (See the alert returned from the target in the
attached pcap).

Is there a way to force the script using TLSv1.0 or TLSv1.2 protocols?

Thank you!

Best regards,
Elena Kozhemyak

_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/


_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: