Nmap Development mailing list archives
Re: [NSE] HUGE ssl-enum-ciphers speed improvement
From: Daniel Miller <bonsaiviking () gmail com>
Date: Fri, 13 Jul 2012 07:38:24 -0500
On Fri, Jul 13, 2012 at 4:00 AM, Martyn Tovey <martyn () netcraft com> wrote:
Hi Daniel, When I was playing with this stuff a few years back, I found that some SSL implementations (Windows being one of them, if I remember correctly) only look at the first 64 ciphers from the client. Try breaking the cipher list into smaller chunks and let me know if that gives the same results as the slow (but accurate) method. Cheers, M. -- Martyn Tovey Netcraft, 2 Belmont, BATH, Somerset, BA1 5DZ, UK.
Martyn, Thanks for this information! I tried it quickly this morning and found that it works for at least TLSv1.0 against windowsupdate.microsoft.com. I have some more cleaning up of the script to do (perhaps thread each chunk of 64, remove debug statements, tweak the compressor detection), then I'll run a more thorough test. Dan _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- [NSE] HUGE ssl-enum-ciphers speed improvement Daniel Miller (Jul 12)
- Re: [NSE] HUGE ssl-enum-ciphers speed improvement Matt Selsky (Jul 12)
- Re: [NSE] HUGE ssl-enum-ciphers speed improvement Daniel Miller (Jul 12)
- Re: [NSE] HUGE ssl-enum-ciphers speed improvement Kris Katterjohn (Jul 12)
- Re: [NSE] HUGE ssl-enum-ciphers speed improvement David Fifield (Jul 12)
- Re: [NSE] HUGE ssl-enum-ciphers speed improvement Daniel Miller (Jul 12)
- Message not available
- Re: [NSE] HUGE ssl-enum-ciphers speed improvement Daniel Miller (Jul 13)
- Re: [NSE] HUGE ssl-enum-ciphers speed improvement Daniel Miller (Jul 12)
- Re: [NSE] HUGE ssl-enum-ciphers speed improvement Daniel Miller (Jul 13)
- Re: [NSE] HUGE ssl-enum-ciphers speed improvement David Fifield (Jul 13)
- Re: [NSE] HUGE ssl-enum-ciphers speed improvement Daniel Miller (Jul 13)
- Re: [NSE] HUGE ssl-enum-ciphers speed improvement Matt Selsky (Jul 15)
- Re: [NSE] HUGE ssl-enum-ciphers speed improvement Matt Selsky (Jul 12)