search

infrasonar / tcp-probe

InfraSonar TCP Probe
GNU General Public License v3.0
0 stars 0 forks source link

tcp-probe timeout while checking ssl-cert #3

Open riklempens opened 1 year ago

riklempens commented 1 year ago

Describe the bug

We observed the Nmap ssl-cert used by the TCP-probe to get stuck in a loop and thus timeout.

To Reproduce

The following Nmap command can be used to reproduce the issue:

  time nmap \
  --script +ssl-cert \
  -oX - \
  -p 443,995,993,465,3389,989,990,636,5986 \
  192.34.1.207

In this case the host 192.34.1.207 runs Microsoft Windows Server 2008 R2 Standard The only port open and thus checked is 3389.

Next, we ran the nmap command with the debug option: -d --packet-trace:

nmap  \
  -d --packet-trace
  --script +ssl-cert,+ssl-enum-ciphers \
  -oX - \
  -p 443,995,993,465,3389,989,990,636,5986 \
  192.34.1.207

This produced the following output:

NSOCK INFO [6.9340s] handle_connect_result(): EID 9 reconnecting with SSL_OP_NO_SSLv2
NSOCK INFO [6.9760s] nsock_readbytes(): Read request for 5 bytes from IOD #104 [192.34.1.207:3389] EID 2482
NSOCK INFO [6.9760s] handle_connect_result(): EID 9 reconnecting with SSL_OP_NO_SSLv2
NSOCK INFO [6.9760s] nsock_trace_handler_callback(): Callback: READ SUCCESS for EID 2482 [192.34.1.207:3389] (855 bytes)
NSOCK INFO [7.0170s] handle_connect_result(): EID 9 reconnecting with SSL_OP_NO_SSLv2
NSOCK INFO [7.0240s] nsock_iod_delete(): nsock_iod_delete (IOD #104)
NSOCK INFO [7.0670s] handle_connect_result(): EID 9 reconnecting with SSL_OP_NO_SSLv2
NSOCK INFO [7.1100s] handle_connect_result(): EID 9 reconnecting with SSL_OP_NO_SSLv2
NSOCK INFO [7.1530s] handle_connect_result(): EID 9 reconnecting with SSL_OP_NO_SSLv2
NSOCK INFO [7.1960s] handle_connect_result(): EID 9 reconnecting with SSL_OP_NO_SSLv2
NSOCK INFO [7.2430s] handle_connect_result(): EID 9 reconnecting with SSL_OP_NO_SSLv2
NSOCK INFO [7.2940s] handle_connect_result(): EID 9 reconnecting with SSL_OP_NO_SSLv2
NSOCK INFO [7.3370s] handle_connect_result(): EID 9 reconnecting with SSL_OP_NO_SSLv2
NSOCK INFO [7.3890s] handle_connect_result(): EID 9 reconnecting with SSL_OP_NO_SSLv2
NSOCK INFO [7.4310s] handle_connect_result(): EID 9 reconnecting with SSL_OP_NO_SSLv2
...
...
NSOCK INFO [30.0460s] handle_connect_result(): EID 9 reconnecting with SSL_OP_NO_SSLv2
NSOCK INFO [30.4530s] nsock_trace_handler_callback(): Callback: SSL-CONNECT TIMEOUT for EID 9 [192.34.1.207:3389]
NSOCK INFO [30.4530s] nsock_iod_delete(): nsock_iod_delete (IOD #1)
NSOCK INFO [30.4530s] nsock_iod_delete(): nsock_iod_delete: SSL shutdown failed ((null)) on NSI 1

After 30 seconds, the loop is aborted.

riklempens commented 1 year ago

This issue is on hold as this can't be fixed on our end but requires an update in Nmap.