drwetter / testssl.sh

Testing TLS/SSL encryption anywhere on any port
https://testssl.sh
GNU General Public License v2.0
8.01k stars 1.03k forks source link

Output appears to be nonsense on particular non-HTTPS server #1217

Closed rcombs closed 5 years ago

rcombs commented 5 years ago

Please make sure that you provide enough information so that we understand what your issue is about.

  1. testssl version from the banner (testssl.sh -b 2>/dev/null | head -4 | tail -2)

    testssl.sh       2.9.5-7 from https://testssl.sh/
    (1db3440b7 2018-07-14 15:02:07 -- )
  2. what exactly was happening, output is needed

    
    $ testssl.sh abstract.slashnet.org:6697

########################################################### testssl.sh 2.9.5-7 from https://testssl.sh/ (5938cde0c 2019-03-09 03:49:55 -- )

  This program is free software. Distribution and
         modification under GPLv2 permitted.
  USAGE w/o ANY WARRANTY. USE IT AT YOUR OWN RISK!

   Please file bugs @ https://testssl.sh/bugs/

###########################################################

Using "OpenSSL 1.0.2q 20 Nov 2018" [~125 ciphers] on MacBook-Pro:/usr/local/opt/openssl/bin/openssl (built: "reproducible build, date unspecified", platform: "darwin64-x86_64-cc")

Start 2019-03-19 23:32:49 -->> 173.255.234.71:6697 (abstract.slashnet.org) <<--

further IP addresses: 2600:3c03::f03c:91ff:fedf:243b rDNS (173.255.234.71): abstract.slashnet.org. Service detected: Couldn't determine what's running on port 6697, assuming no HTTP service => skipping all HTTP checks

Testing protocols via sockets except SPDY+HTTP2

SSLv2 not offered (OK) SSLv3 not offered (OK) TLS 1 not offered TLS 1.1 not offered TLS 1.2 not offered SPDY/NPN (SPDY is an HTTP protocol and thus not tested here) HTTP2/ALPN (HTTP/2 is a HTTP protocol and thus not tested here)

Testing ~standard cipher categories

NULL ciphers (no encryption) not offered (OK) Anonymous NULL Ciphers (no authentication) not offered (OK) Export ciphers (w/o ADH+NULL) not offered (OK) LOW: 64 Bit + DES encryption (w/o export) not offered (OK) Weak 128 Bit ciphers (SEED, IDEA, RC[2,4]) not offered (OK) Triple DES Ciphers (Medium) not offered (OK) High encryption (AES+Camellia, no AEAD) not offered Strong encryption (AEAD ciphers) not offered

Testing robust (perfect) forward secrecy, (P)FS -- omitting Null Authentication/Encryption, 3DES, RC4

No ciphers supporting Forward Secrecy offered

Testing server preferences

Has server cipher order? no matching cipher in this list found (pls report this): DES-CBC3-SHA:RC4-MD5:DES-CBC-SHA:RC4-SHA:AES128-SHA:AES128-SHA256:AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:ECDH-RSA-DES-CBC3-SHA:ECDH-RSA-AES128-SHA:ECDH-RSA-AES256-SHA:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:DHE-DSS-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:AES256-SHA256 .

Testing server defaults (Server Hello)

TLS extensions (standard) (none) Session Ticket RFC 5077 hint (no lifetime advertised) SSL Session ID support yes Session Resumption Ticket resumption test failed, pls report / ID resumption test failed, pls report TLS clock skew SSLv3 through TLS 1.2 didn't return a timestamp

Testing vulnerabilities

Heartbleed (CVE-2014-0160) not vulnerable (OK), no heartbeat extension CCS (CVE-2014-0224) not vulnerable (OK) Ticketbleed (CVE-2016-9244), experiment. -- (applicable only for HTTPS) Secure Renegotiation (CVE-2009-3555) handshake didn't succeed Secure Client-Initiated Renegotiation not vulnerable (OK) CRIME, TLS (CVE-2012-4929) test failed (couldn't connect) POODLE, SSL (CVE-2014-3566) VULNERABLE (NOT ok), uses SSLv3+CBC (check TLS_FALLBACK_SCSV mitigation below) TLS_FALLBACK_SCSV (RFC 7507) Downgrade attack prevention supported (OK) SWEET32 (CVE-2016-2183, CVE-2016-6329) not vulnerable (OK) FREAK (CVE-2015-0204) not vulnerable (OK) DROWN (CVE-2016-0800, CVE-2016-0703) not vulnerable on this host and port (OK) no RSA certificate, thus certificate can't be used with SSLv2 elsewhere LOGJAM (CVE-2015-4000), experimental not vulnerable (OK): no DH EXPORT ciphers, no DH key detected BEAST (CVE-2011-3389) no SSL3 or TLS1 (OK) LUCKY13 (CVE-2013-0169), experimental not vulnerable (OK) RC4 (CVE-2013-2566, CVE-2015-2808) no RC4 ciphers detected (OK)

Testing 359 ciphers via OpenSSL plus sockets against the server, ordered by encryption strength

Hexcode Cipher Suite Name (OpenSSL) KeyExch. Encryption Bits Cipher Suite Name (RFC)

Could not determine which protocol was started, only simulating generic clients.

Running client simulations via sockets

Java 6u45 No connection Java 7u25 No connection Java 8u31 No connection OpenSSL 1.0.1l No connection OpenSSL 1.0.2e No connection

Done 2019-03-19 23:34:24 [0100s] -->> 173.255.234.71:6697 (abstract.slashnet.org) <<--



3. what did you expect instead?

This server actually supports SSLv3 and TLS1.0-1.2, as well as a number of cipher suites. Curl and `openssl s_client` are able to connect; I'm not sure why testssl.sh has trouble.

4. steps to reproduce

   1. testssl.sh command line
`testssl.sh abstract.slashnet.org:6697`

    1. if possible: target IP
`173.255.234.71` 

    1. openssl version used (testssl.sh -b 2>/dev/null | head -16 | tail -3)

    Using "OpenSSL 1.0.2q  20 Nov 2018" [~125 ciphers]
    on MacBook-Pro:/usr/local/opt/openssl/bin/openssl
    (built: "reproducible build, date unspecified", platform: "darwin64-x86_64-cc")

    1. your operating system (uname -a)
`Darwin MacBook-Pro.localdomain 18.2.0 Darwin Kernel Version 18.2.0: Thu Dec 20 20:46:53 PST 2018; root:xnu-4903.241.1~1/RELEASE_X86_64 x86_64`
drwetter commented 5 years ago

Hi @rcombs ,

if I use --debug=5:

sending client hello... sending client hello...
"\x16\x03\x01\x02\x00\x01\x00\x01\xfc\x03\x03\x54\x51\x1e\x7a\xde\xad\xbe\xef\x31\x33\x07\x00\x00\x00\x00\x00\xcf\xbd\x39\x04\xcc\x16\x0b\x85\x03\x90\x9f\x77\x04\x33\xd4\xde\x00\x00\xfe\xcc\x14\xcc\x13\xcc\x15\xc0\x30\xc0\x2c\xc0\x28\xc0\x24\x00\xa5\x00\xa3\x00\xa1\x00\x9f\xcc\xa9\xcc\xa8\xcc\xaa\xc0\xaf\xc0\xad\xc0\xa3\xc0\x9f\x00\x6b\x00\x6a\x00\x69\x00\x68\xc0\x77\xc0\x73\x00\xc4\x00\xc3\x00\xc2\x00\xc1\xc0\x32\xc0\x2e\xc0\x2a\xc0\x26\xc0\x79\xc0\x75\x00\x9d\xc0\xa1\xc0\x9d\x00\x3d\x00\xc0\xc0\x3d\xc0\x3f\xc0\x41\xc0\x43\xc0\x45\xc0\x49\xc0\x4b\xc0\x4d\xc0\x4f\xc0\x51\xc0\x53\xc0\x55\xc0\x57\xc0\x59\xc0\x5d\xc0\x5f\xc0\x61\xc0\x63\xc0\x7b\xc0\x7d\xc0\x7f\xc0\x81\xc0\x83\xc0\x87\xc0\x89\xc0\x8b\xc0\x8d\x16\xb7\x16\xb8\x16\xb9\x16\xba\xc0\x2f\xc0\x2b\xc0\x27\xc0\x23\x00\xa4\x00\xa2\x00\xa0\x00\x9e\xc0\xae\xc0\xac\xc0\xa2\xc0\x9e\xc0\xa0\xc0\x9c\x00\x67\x00\x40\x00\x3f\x00\x3e\xc0\x76\xc0\x72\x00\xbe\x00\xbd\x00\xbc\x00\xbb\xc0\x31\xc0\x2d\xc0\x29\xc0\x25\xc0\x78\xc0\x74\x00\x9c\x00\x3c\x00\xba\xc0\x3c\xc0\x3e\xc0\x40\xc0\x42\xc0\x44\xc0\x48\xc0\x4a\xc0\x4c\xc0\x4e\xc0\x50\xc0\x52\xc0\x54\xc0\x56\xc0\x58\xc0\x5c\xc0\x5e\xc0\x60\xc0\x62\xc0\x7a\xc0\x7c\xc0\x7e\xc0\x80\xc0\x82\x00\xff\x01\x00\x00\xd5\x00\x00\x00\x1a\x00\x18\x00\x00\x15\x61\x62\x73\x74\x72\x61\x63\x74\x2e\x73\x6c\x61\x73\x68\x6e\x65\x74\x2e\x6f\x72\x67\x00\x23\x00\x00\x33\x74\x00\x00\x00\x0d\x00\x20\x00\x1e\x06\x01\x06\x02\x06\x03\x05\x01\x05\x02\x05\x03\x04\x01\x04\x02\x04\x03\x03\x01\x03\x02\x03\x03\x02\x01\x02\x02\x02\x03\x00\x0a\x00\x3e\x00\x3c\x00\x0e\x00\x0d\x00\x19\x00\x1c\x00\x1e\x00\x0b\x00\x0c\x00\x1b\x00\x18\x00\x09\x00\x0a\x00\x1a\x00\x16\x00\x17\x00\x1d\x00\x08\x00\x06\x00\x07\x00\x14\x00\x15\x00\x04\x00\x05\x00\x12\x00\x13\x00\x01\x00\x02\x00\x03\x00\x0f\x00\x10\x00\x11\x00\x0b\x00\x02\x01\x00\x00\x0f\x00\x01\x01\x00\x15\x00\x3a\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
reading server hello...
00000000  45 52 52 4f 52 20 3a 43  6c 6f 73 69 6e 67 20 4c  |ERROR :Closing L|
00000010  69 6e 6b 3a 20 5b 37 37  2e 36 2e 31 37 38 2e 31  |ink: [XX.YY.178.1|
00000020  34 31 5d 20 28 54 68 72  6f 74 74 6c 65 64 3a 20  |41] (Throttled: |
00000030  52 65 63 6f 6e 6e 65 63  74 69 6e 67 20 74 6f 6f  |Reconnecting too|
00000040  20 66 61 73 74 29 20 2d  45 6d 61 69 6c 20 6b 6c  | fast) -Email kl|
00000050  69 6e 65 40 73 6c 61 73  68 6e 65 74 2e 6f 72 67  |ine@slashnet.org|

This is not a valid ServerHello but reveals a server side measure. Thus closing.

Cheers, Dirk