Closed kyhwana closed 8 years ago
Poked on Twitter: https://twitter.com/sindarina/status/593320234444050432
Looks like they added HTTPS, but there are some issues; https://www.ssllabs.com/ssltest/analyze.html?d=notepad-plus-plus.org (B)
The certificate includes the wrong intermediate, and the chain is therefore incomplete. The cipher order and selection is suboptimal, and there is no reason to have 1024-bit DH keys active with nginx, or lack session caching.
Cipherscan Results
Target: notepad-plus-plus.org:443
prio ciphersuite protocols pfs_keysize
1 ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 ECDH,P-256,256bits
2 ECDHE-RSA-AES256-SHA384 TLSv1.2 ECDH,P-256,256bits
3 ECDHE-RSA-AES256-SHA TLSv1,TLSv1.1,TLSv1.2 ECDH,P-256,256bits
4 DHE-RSA-AES256-GCM-SHA384 TLSv1.2 DH,1024bits
5 DHE-RSA-AES256-SHA256 TLSv1.2 DH,1024bits
6 DHE-RSA-AES256-SHA TLSv1,TLSv1.1,TLSv1.2 DH,1024bits
7 DHE-RSA-CAMELLIA256-SHA TLSv1,TLSv1.1,TLSv1.2 DH,1024bits
8 AES256-GCM-SHA384 TLSv1.2
9 AES256-SHA256 TLSv1.2
10 AES256-SHA TLSv1,TLSv1.1,TLSv1.2
11 CAMELLIA256-SHA TLSv1,TLSv1.1,TLSv1.2
12 ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2 ECDH,P-256,256bits
13 ECDHE-RSA-AES128-SHA256 TLSv1.2 ECDH,P-256,256bits
14 ECDHE-RSA-AES128-SHA TLSv1,TLSv1.1,TLSv1.2 ECDH,P-256,256bits
15 DHE-RSA-AES128-GCM-SHA256 TLSv1.2 DH,1024bits
16 DHE-RSA-AES128-SHA256 TLSv1.2 DH,1024bits
17 DHE-RSA-AES128-SHA TLSv1,TLSv1.1,TLSv1.2 DH,1024bits
18 DHE-RSA-CAMELLIA128-SHA TLSv1,TLSv1.1,TLSv1.2 DH,1024bits
19 AES128-GCM-SHA256 TLSv1.2
20 AES128-SHA256 TLSv1.2
21 AES128-SHA TLSv1,TLSv1.1,TLSv1.2
22 CAMELLIA128-SHA TLSv1,TLSv1.1,TLSv1.2
23 ECDHE-RSA-DES-CBC3-SHA TLSv1,TLSv1.1,TLSv1.2 ECDH,P-256,256bits
24 EDH-RSA-DES-CBC3-SHA TLSv1,TLSv1.1,TLSv1.2 DH,1024bits
25 DES-CBC3-SHA TLSv1,TLSv1.1,TLSv1.2
Certificate: UNTRUSTED, 2048 bit, sha256WithRSAEncryption signature
TLS ticket lifetime hint: 300
OCSP stapling: not supported
Server side cipher ordering
Cipherscan Analysis
notepad-plus-plus.org:443 has bad ssl/tls
Things that are bad:
* remove cipher EDH-RSA-DES-CBC3-SHA
* don't use an untrusted or self-signed certificate
Changes needed to match the intermediate level:
* remove cipher ECDHE-RSA-DES-CBC3-SHA
* remove cipher EDH-RSA-DES-CBC3-SHA
* consider using DHE of at least 2048bits and ECC of at least 256bits
* consider enabling OCSP Stapling
Changes needed to match the modern level:
* remove cipher DHE-RSA-CAMELLIA256-SHA
* remove cipher AES256-GCM-SHA384
* remove cipher AES256-SHA256
* remove cipher AES256-SHA
* remove cipher CAMELLIA256-SHA
* remove cipher DHE-RSA-CAMELLIA128-SHA
* remove cipher AES128-GCM-SHA256
* remove cipher AES128-SHA256
* remove cipher AES128-SHA
* remove cipher CAMELLIA128-SHA
* remove cipher ECDHE-RSA-DES-CBC3-SHA
* remove cipher EDH-RSA-DES-CBC3-SHA
* remove cipher DES-CBC3-SHA
* disable TLSv1
* use DHE of at least 2048bits and ECC of at least 256bits
* consider enabling OCSP Stapling
Poked on Twitter: https://twitter.com/sindarina/status/596626227152162816
Looks like the Chain issues are solved, no ?
Yep, it's now up to an A! We can close this one. :)
If you're running nginx there's no good reason to leave DH keys at 1024-bits, unless your targetting Java 6, which has been EOL'd for quite some time now. So that issue remains.
Also, has it been confirmed that it does in fact download over HTTPS now, and doesn't shunt you off to a Sourceforge HTTP page?
Hmm, the site does offer the download over HTTPS, so that's good. The about box still lists the HTTP link, and the redirect adds an extra slash;
> Host: www.notepad-plus-plus.org
> Accept: */*
>
< HTTP/1.1 301 Moved Permanently
* Server nginx/1.6.2 is not blacklisted
< Server: nginx/1.6.2
< Date: Sat, 16 May 2015 03:52:02 GMT
< Content-Type: text/html
< Content-Length: 184
< Connection: keep-alive
< Location: https://notepad-plus-plus.org//
Not critical, but points to a configuration issue. While they're fixing this, they should also stop advertising the version of nginx in use.
The autoupdater in the current version is borked, however, so unable to test that;
Reinstalling it does not solve the problem.
As for generating a 2048-bit DH key for nginx; https://duckduckgo.com/?q=nginx+2048+dhparam
In light of the details of the Logjam attack (https://weakdh.org/), we are upgrading 1024-bit DH keys to a red level issue that should be resolved, as that key size puts it within reach of state-level adversaries and is no longer considered safe.
See https://github.com/isvsecwatch/httpstracker#a-note-on-dhdhe for details.
No fix for 1024-bit DH yet, or confirmation that the download issue has been fixed.
Changes were made, but still capped at 'B' due to 1024-bit DH keys; https://www.ssllabs.com/ssltest/analyze.html?d=notepad-plus-plus.org (B)
Which is completely unnecessary with that nginx version. Either define a 2048-bit DH key, or disable DHE ciphers altogether.
Cipherscan Results
Target: notepad-plus-plus.org:443
prio ciphersuite protocols pfs_keysize
1 ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2 ECDH,P-256,256bits
2 ECDHE-RSA-AES128-SHA256 TLSv1.2 ECDH,P-256,256bits
3 ECDHE-RSA-AES128-SHA TLSv1,TLSv1.1,TLSv1.2 ECDH,P-256,256bits
4 DHE-RSA-AES128-GCM-SHA256 TLSv1.2 DH,1024bits
5 DHE-RSA-AES128-SHA256 TLSv1.2 DH,1024bits
6 DHE-RSA-AES128-SHA TLSv1,TLSv1.1,TLSv1.2 DH,1024bits
Certificate: trusted, 2048 bit, sha256WithRSAEncryption signature
TLS ticket lifetime hint: 300
OCSP stapling: supported
Server side cipher ordering
Cipherscan Analysis
notepad-plus-plus.org:443 has obscure or unknown ssl/tls
Changes needed to match the intermediate level:
* add cipher AES128-SHA
* consider using DHE of at least 2048bits and ECC of at least 256bits
Changes needed to match the modern level:
* disable TLSv1
* use DHE of at least 2048bits and ECC of at least 256bits
No change. Poked on Twitter; https://twitter.com/isvsecwatch/status/617251410246258688
No change, still unresolved.
No change, still sporting 1024-bit DH keys.
Closing as unresolved, no response from site owner.
Removing the cipher-related tags, no news on whether HTTP links have been replaced yet.
The text editor Notepad++ is not available to download via HTTPS. The download page: http://notepad-plus-plus.org/download/v6.7.7.html has no HTTPS option. There are SHA1 hashsums available at http://sourceforge.net/p/notepad-plus/discussion/1290588/thread/50b7b577/ however, if you try to view the SF page over HTTPS, it redirects you back to HTTP.
The windows installer from notepad-plus-plus.org isn't signed with authenticode or GPG.
The updater also downloads updates over http: (broIDS log) 1430292778.123006 Cg8gAZ3btr3usDc5H5 192.168.1.28 60982 188.165.49.149 80 1 GET notepad-plus-plus.org /update/getDownloadUrl.php?version=6.75 - - 0 855 200 OK - - - (empty) - - - - - FqrEek4U3sFZwB3gw text/plain 1430292785.398997 COtwkn1bzfxWjJ71Ml 192.168.1.28 60985 188.165.49.149 80 1 GET notepad-plus-plus.org /repository/6.x/6.7.7/npp.6.7.7.Installer.exe - - 0 8254766 200 OK - - - (empty) - - - - - FmuPH41d0xHYz9aYJ6application/x-dosexec
Executables via HTTP are easily MITMable with something like Evilgrade: https://github.com/infobyte/evilgrade