Closed hatlord closed 3 years ago
I have the same issue.
Setting the `--openssl=/usr/bin/openssl` flag works for me too.
```
└─$ openssl version -a 1 ⨯
OpenSSL 1.1.1l 24 Aug 2021
built on: Tue Aug 24 22:19:05 2021 UTC
platform: debian-amd64
options: bn(64,64) rc4(16x,int) des(int) blowfish(ptr)
compiler: gcc -fPIC -pthread -m64 -Wa,--noexecstack -Wall -Wa,--noexecstack -g -O2 -ffile-prefix-map=/build/openssl-bVd5AA/openssl-1.1.1l=. -fstack-protector-strong -Wformat -Werror=format-security -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAESNI_ASM -DVPAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DNDEBUG -Wdate-time -D_FORTIFY_SOURCE=2
OPENSSLDIR: "/usr/lib/ssl"
ENGINESDIR: "/usr/lib/x86_64-linux-gnu/engines-1.1"
Seeding source: os-specific
```
I hope that it might help
It's certainly Kali-Linux specific. Without installing this version it's hard to tell.
Can you check whether you are running it off a directory which is mounted noexec?
Hello!
The partition is not mounted noexec. Thanks!
What do

```
ldd $thisopenssl
strace -e trace=%file $thisopenssl version -d
```

return?
```
ldd /usr/bin/openssl
linux-vdso.so.1 (0x00007ffe00b42000)
libssl.so.1.1 => /lib/x86_64-linux-gnu/libssl.so.1.1 (0x00007f2c09f9f000)
libcrypto.so.1.1 => /lib/x86_64-linux-gnu/libcrypto.so.1.1 (0x00007f2c09cab000)
libpthread.so.0 => /lib/x86_64-linux-gnu/libpthread.so.0 (0x00007f2c09c89000)
libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007f2c09ac4000)
libdl.so.2 => /lib/x86_64-linux-gnu/libdl.so.2 (0x00007f2c09abe000)
/lib64/ld-linux-x86-64.so.2 (0x00007f2c0a103000)
```

```
strace -e trace=%file /usr/bin/openssl version -d
execve("/usr/bin/openssl", ["/usr/bin/openssl", "version", "-d"], 0x7ffef9b0bdd0 /* 55 vars */) = 0
access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libssl.so.1.1", O_RDONLY|O_CLOEXEC) = 3
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libcrypto.so.1.1", O_RDONLY|O_CLOEXEC) = 3
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libpthread.so.0", O_RDONLY|O_CLOEXEC) = 3
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libc.so.6", O_RDONLY|O_CLOEXEC) = 3
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libdl.so.2", O_RDONLY|O_CLOEXEC) = 3
openat(AT_FDCWD, "/usr/lib/ssl/openssl.cnf", O_RDONLY) = 3
stat("/etc/ssl/kali.cnf", {st_mode=S_IFREG|0644, st_size=505, ...}) = 0
openat(AT_FDCWD, "/etc/ssl/kali.cnf", O_RDONLY) = 4
OPENSSLDIR: "/usr/lib/ssl"
+++ exited with 0 +++
```
Can you pls run it again using the openssl version which comes with testssl.sh?
Sorry do you mean bin/openssl.Linux.x86_64?
Cheers,
yup
```
ldd bin/openssl.Linux.x86_64
not a dynamic executable
```

```
strace -e trace=%file bin/openssl.Linux.x86_64 version -d
execve("bin/openssl.Linux.x86_64", ["bin/openssl.Linux.x86_64", "version", "-d"], 0x7fff63a54050 /* 55 vars */) = 0
open("/etc/ssl/openssl.cnf", O_RDONLY) = 3
23181376:error:0E079065:configuration file routines:DEF_LOAD_BIO:missing equal sign:conf_def.c:345:line 8
+++ exited with 1 +++
```
Okay, thanks. That's saying the supplied openssl config file from Kali is not appropriate for the old version we're using.
Probably `OPENSSL_CONF="" bin/openssl.Linux.x86_64 version -d` will do it to just pass this check but it wouldn't get very far.
Can you post `/etc/ssl/openssl.cnf` and maybe `/etc/ssl/kali.cnf`?
Attached!
```
cat /etc/ssl/kali.cnf
# The configurations proposed here are only used if /etc/ssl/openssl.cnf has
# been modified so that ssl_sect.system_default points to one of them. The
# kali-tweaks tool lets you easily switch that configuration entry.
#
# By default a kali system should have a weak configuration to easily interact
# with servers using old vulnerable protocols.
[kali_wide_compatibility]
MinProtocol = SSLv3
CipherString = ALL@SECLEVEL=0
[kali_strong_security]
MinProtocol = TLSv1.2
CipherString = DEFAULT@SECLEVEL=2
```
[opensslcnf.txt](https://github.com/drwetter/testssl.sh/files/7153388/opensslcnf.txt)
`.include /etc/ssl/kali.cnf` is the culprit. For short term you should be fine commenting this or providing a file with `export OPENSSL_CONF=$your_openssl_conf`.
For longer term this project needs to tackle that.
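The short-term workaround above, as an added shell example that is not part of the thread or of testssl.sh: it flags `.include` lines written without `=` (the form that produces the `missing equal sign` error), writes a copy with them commented out, and prints the `export OPENSSL_CONF=...` line to use. The function names and the sample config are constructed for illustration.

```shell
#!/bin/sh
# Added example, not testssl.sh code; function names are hypothetical.

# Matches ".include <path>" written without "=": the old parser reads the
# line as "name = value" and stops with "missing equal sign".
INCLUDE_RE='^[[:space:]]*\.include[[:space:]]+[^=[:space:]]'

# List offending directives in config file $1 as "LINE:TEXT".
find_includes() {
    grep -nE "$INCLUDE_RE" "$1" || true
}

# Print the number of offending directives in config file $1.
count_includes() {
    grep -cE "$INCLUDE_RE" "$1" || true
}

# Copy config $1 to $2 with the offending directives commented out.
# The system-wide file is left untouched.
sanitize_conf() {
    sed -E "/$INCLUDE_RE/s/^/# /" "$1" > "$2"
}

# Constructed sample config, not the file attached to the issue.
write_sample_conf() {
    cat > "$1" <<'EOF'
# constructed sample
openssl_conf = default_conf

.include /etc/ssl/kali.cnf

[default_conf]
ssl_conf = ssl_sect
EOF
}

# Demo on the constructed sample: report, sanitize, print the export line.
demo() {
    dir=$(mktemp -d) || return 1
    write_sample_conf "$dir/openssl.cnf"
    echo "directives the old parser rejects:"
    find_includes "$dir/openssl.cnf"
    sanitize_conf "$dir/openssl.cnf" "$dir/openssl-compat.cnf"
    echo "export OPENSSL_CONF=$dir/openssl-compat.cnf"
}
demo
```

On a real system, pass the path of the system config to `sanitize_conf` instead of the sample and export the resulting file before starting the bundled binary.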
Thanks, very much appreciate the help (and the tool)!
Edit: That does indeed allow it to run, I'll give it a proper test later this week on a larger network.
fixed in 3.1dev, see commit. I'll try later for 3.0.x
Command line / docker command to reproduce
This seems to affect the latest build of Kali Linux (5.10.0-kali7-amd64)
Additional context
It doesn't seem to matter what I do with this one, manually setting a known working location for OpenSSL in testssl.sh does not work, whereas setting it with `--openssl=/usr/bin/openssl` does work. Previously Testssl always ran without having to specify it, and I have tooling set up to work in that way. I can change my tooling, but figure others might run into this.
Thanks!