4elta / recon

automate the boring stuff!
GNU General Public License v3.0

TLS Analyzer: mismatch and errors between nmap and testssl #85

Closed ikstream closed 6 months ago

ikstream commented 6 months ago

Attached below is the output for the same host:port combination, first from testssl, followed by nmap. Some output is missing from each. Especially the Chiffre-Präferenz is causing me trouble. The preference is actually server and it's reflected in the nmap.log and XML file, but isn't recognized properly. Maybe a bit more processing would allow for the same checks as testssl performs on systems.

testssl

nmap

Zeramo commented 6 months ago

Without adding -t nmap to the command, the output will not show any supported cipher suites. The message "Server scheint keine Cipher-Suites zu unterstützen" will be printed instead.

4elta commented 6 months ago

thanks for your effort reporting these issues.

i was already aware of the fact that different tools (e.g. nmap, testssl, etc) were often reporting different things. but i wasn't aware that the parser for testssl seems to be no longer parsing the list of reported cipher suites as well as that the nmap parser does not parse cipher preference.

i am closing this issue as it contains multiple independent issues and will instead create separate issues for each.