Nmap Development mailing list archives
heartbleed script only seems to work on known SSL ports in 6.46 for windows
From: "Gamache, Mark" <Mark.Gamache () T-Mobile com>
Date: Mon, 21 Apr 2014 16:21:41 -0700
Hi Devs, I just ran HB tests using 6.46 and it only seems to work for “standard SSL” ports. I use openssl s_server. For 443, 8443, and 636 the tool works great. For other ports, it repots back not vulnerable. For the other ports, nmap does a sny , sny/ack, rst and shows the open port, but does not initiate an SSL session. I have verified this via packet captures. Here is what I am using to test. openssl s_server -accept 2381 -cert chaintest.gsm1900.org.pem -key chaintest.gsm1900.org.pem -pass pass:1q2w3e running nmap –p 2381 --script ssl-heartbleed.nse IPaddress I tried this on several non-standard ports and get no luck. False negative scare me. Cheers, Mark Gamache Directory and Security Services 425-302-8873 mark.gamache () t-mobile com<mailto:mark.gamache () t-mobile com?subject=Mark,%20you're%20great!%20%20Can%20you%20help%20me?> From: Fyodor [mailto:fyodor () nmap org] Sent: Monday, April 21, 2014 3:13 PM To: Gamache, Mark Subject: Re: heartbleed script only seems to work on port 443 in 6.45 for windows On Tue, Apr 15, 2014 at 12:10 PM, Gamache, Mark <Mark.Gamache () t-mobile com<mailto:Mark.Gamache () t-mobile com>> wrote: I just downloaded 6.45 for windows, which now has the heartbleed detection script in the package. We have multiple teams working on the remediate plan for heartbleed and were getting different results. It turns out that the nmap script only works for port 443. It runs if other ports are selected, but we get a false negative. Hi Mark. We've made a number of improvements to the script which you can find in Nmap 6.46. If you still have trouble with that one, I recommend contacting the Nmap dev list (dev () nmap org<mailto:dev () nmap org>). Cheers, -F _______________________________________________ Sent through the dev mailing list http://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- heartbleed script only seems to work on known SSL ports in 6.46 for windows Gamache, Mark (Apr 21)
- Re: heartbleed script only seems to work on known SSL ports in 6.46 for windows Daniel Miller (Apr 22)
- Re: heartbleed script only seems to work on known SSL ports in 6.46 for windows Kent Fritz (Apr 22)
- Re: heartbleed script only seems to work on known SSL ports in 6.46 for windows Patrik Karlsson (Apr 22)
- Re: heartbleed script only seems to work on known SSL ports in 6.46 for windows Kent Fritz (Apr 22)
- Re: heartbleed script only seems to work on known SSL ports in 6.46 for windows Patrik Karlsson (Apr 22)
- Re: heartbleed script only seems to work on known SSL ports in 6.46 for windows Matias N. Sliafertas (Apr 23)
- Re: heartbleed script only seems to work on known SSL ports in 6.46 for windows Patrik Karlsson (Apr 23)
- Re: heartbleed script only seems to work on known SSL ports in 6.46 for windows Kent Fritz (Apr 23)
- RE: heartbleed script only seems to work on known SSL ports in 6.46 for windows Gamache, Mark (Apr 23)
- Re: heartbleed script only seems to work on known SSL ports in 6.46 for windows Kent Fritz (Apr 22)
- Re: heartbleed script only seems to work on known SSL ports in 6.46 for windows Daniel Miller (Apr 22)