search

nabla-c0d3 / sslyze

Fast and powerful SSL/TLS scanning library.
GNU Affero General Public License v3.0
3.29k stars 454 forks source link

Error when running multiple protocols #435

Closed merkone1 closed 4 years ago

merkone1 commented 4 years ago

I've removed/replaced some private information

SCAN RESULTS FOR webtest.test.com - 1.1.1.1

  • OpenSSL CCS Injection: OK - Not vulnerable to OpenSSL CCS injection

  • Deflate Compression: OK - Compression disabled

  • Downgrade Attacks: TLS_FALLBACK_SCSV: OK - Supported

  • Certificates Information: Hostname sent for SNI: webtest.test.com Number of certificates detected: 1

    Certificate #0 ( _RSAPublicKey ) SHA1 Fingerprint:
    Common Name: webtest.test.com Issuer:
    Serial Number:
    Not Before:
    Not After:
    Signature Algorithm: sha256 Public Key Algorithm: _RSAPublicKey Key Size: 4096 Exponent: 65537 DNS Subject Alternative Names: ['webtest.test.com', 'www.webtest.test.com']

    Certificate #0 - Trust Hostname Validation: OK - Certificate matches server hostname Android CA Store (9.0.0_r9): OK - Certificate is trusted Apple CA Store (iOS 13, iPadOS 13, macOS 10.15, watchOS 6, and tvOS 13):OK - Certificate is trusted Java CA Store (jdk-13.0.2): OK - Certificate is trusted Mozilla CA Store (2019-11-28): OK - Certificate is trusted Windows CA Store (2019-11-10): OK - Certificate is trusted Symantec 2018 Deprecation: OK - Not a Symantec-issued certificate Received Chain:
    Verified Chain:
    Received Chain Contains Anchor: OK - Anchor certificate not sent Received Chain Order: OK - Order is valid Verified Chain contains SHA1: OK - No SHA1-signed certificate in the verified certificate chain

    Certificate #0 - Extensions OCSP Must-Staple: NOT SUPPORTED - Extension not found Certificate Transparency: OK - 3 SCTs included

    Certificate #0 - OCSP Stapling NOT SUPPORTED - Server did not send back an OCSP response

  • Session Renegotiation: Client-initiated Renegotiation: OK - Rejected Secure Renegotiation: VULNERABLE - Secure renegotiation not supported

  • TLS 1.2 Session Resumption Support: With Session IDs: OK - Supported (5 successful resumptions out of 5 attempts). With TLS Tickets: NOT SUPPORTED - Server did not return a TLS ticket.

  • OpenSSL Heartbleed: OK - Not vulnerable to Heartbleed

  • ROBOT Attack: OK - Not vulnerable.

  • Error when running --tlsv1: You can open an issue at https://github.com/nabla-c0d3/sslyze/issues with the following information:

    • Server: webtest.test.com - 1.1.1.1

    • Scan command: tls_1_0_cipher_suites

      Traceback (most recent call last): File "C:\Users\nabla\Documents\Github\sslyze\sslyze\scanner.py", line 229, in get_results File "C:\Users\nabla\Documents\Github\sslyze\sslyze\plugins\openssl_cipher_suites\implementation.py", line 137, in result_for_completed_scan_jobs File "C:\Users\nabla\AppData\Local\Programs\Python\Python38\Lib\concurrent\futures_base.py", line 432, in result File "C:\Users\nabla\AppData\Local\Programs\Python\Python38\Lib\concurrent\futures_base.py", line 388, in __get_result File "C:\Users\nabla\AppData\Local\Programs\Python\Python38\Lib\concurrent\futures\thread.py", line 57, in run File "C:\Users\nabla\Documents\Github\sslyze\sslyze\plugins\openssl_cipher_suites_test_cipher_suite.py", line 78, in connect_with_cipher_suite File "C:\Users\nabla\Documents\Github\sslyze\sslyze\connection_helpers\tls_connection.py", line 297, in connect File "C:\Users\nabla.virtualenvs\lol3-kr5HOXoj\lib\site-packages\nassl-3.0.0-py3.8-win-amd64.egg\nassl\ssl_client.py", line 191, in do_handshake ConnectionResetError: [WinError 10054] Se ha forzado la interrupción de una conexión existente por el host remoto

  • Error when running --tlsv1_2: You can open an issue at https://github.com/nabla-c0d3/sslyze/issues with the following information:

    • Server: webtest.test.com - 1.1.1.1

    • Scan command: tls_1_2_cipher_suites

      Traceback (most recent call last): File "C:\Users\nabla\Documents\Github\sslyze\sslyze\scanner.py", line 229, in get_results File "C:\Users\nabla\Documents\Github\sslyze\sslyze\plugins\openssl_cipher_suites\implementation.py", line 137, in result_for_completed_scan_jobs File "C:\Users\nabla\AppData\Local\Programs\Python\Python38\Lib\concurrent\futures_base.py", line 432, in result File "C:\Users\nabla\AppData\Local\Programs\Python\Python38\Lib\concurrent\futures_base.py", line 388, in __get_result File "C:\Users\nabla\AppData\Local\Programs\Python\Python38\Lib\concurrent\futures\thread.py", line 57, in run File "C:\Users\nabla\Documents\Github\sslyze\sslyze\plugins\openssl_cipher_suites_test_cipher_suite.py", line 78, in connect_with_cipher_suite File "C:\Users\nabla\Documents\Github\sslyze\sslyze\connection_helpers\tls_connection.py", line 297, in connect File "C:\Users\nabla.virtualenvs\lol3-kr5HOXoj\lib\site-packages\nassl-3.0.0-py3.8-win-amd64.egg\nassl\ssl_client.py", line 191, in do_handshake ConnectionResetError: [WinError 10054] Se ha forzado la interrupción de una conexión existente por el host remoto

  • Error when running --sslv2: You can open an issue at https://github.com/nabla-c0d3/sslyze/issues with the following information:

    • Server: webtest.test.com - 1.1.1.1

    • Scan command: ssl_2_0_cipher_suites

      Traceback (most recent call last): File "C:\Users\nabla\Documents\Github\sslyze\sslyze\scanner.py", line 229, in get_results File "C:\Users\nabla\Documents\Github\sslyze\sslyze\plugins\openssl_cipher_suites\implementation.py", line 137, in result_for_completed_scan_jobs File "C:\Users\nabla\AppData\Local\Programs\Python\Python38\Lib\concurrent\futures_base.py", line 432, in result File "C:\Users\nabla\AppData\Local\Programs\Python\Python38\Lib\concurrent\futures_base.py", line 388, in __get_result File "C:\Users\nabla\AppData\Local\Programs\Python\Python38\Lib\concurrent\futures\thread.py", line 57, in run File "C:\Users\nabla\Documents\Github\sslyze\sslyze\plugins\openssl_cipher_suites_test_cipher_suite.py", line 78, in connect_with_cipher_suite File "C:\Users\nabla\Documents\Github\sslyze\sslyze\connection_helpers\tls_connection.py", line 297, in connect File "C:\Users\nabla.virtualenvs\lol3-kr5HOXoj\lib\site-packages\nassl-3.0.0-py3.8-win-amd64.egg\nassl\legacy_ssl_client.py", line 148, in do_ssl2_iis_handshake ConnectionResetError: [WinError 10054] Se ha forzado la interrupción de una conexión existente por el host remoto

  • Error when running --sslv3: You can open an issue at https://github.com/nabla-c0d3/sslyze/issues with the following information:

    • Server: webtest.test.com - 1.1.1.1

    • Scan command: ssl_3_0_cipher_suites

      Traceback (most recent call last): File "C:\Users\nabla\Documents\Github\sslyze\sslyze\scanner.py", line 229, in get_results File "C:\Users\nabla\Documents\Github\sslyze\sslyze\plugins\openssl_cipher_suites\implementation.py", line 137, in result_for_completed_scan_jobs File "C:\Users\nabla\AppData\Local\Programs\Python\Python38\Lib\concurrent\futures_base.py", line 432, in result File "C:\Users\nabla\AppData\Local\Programs\Python\Python38\Lib\concurrent\futures_base.py", line 388, in __get_result File "C:\Users\nabla\AppData\Local\Programs\Python\Python38\Lib\concurrent\futures\thread.py", line 57, in run File "C:\Users\nabla\Documents\Github\sslyze\sslyze\plugins\openssl_cipher_suites_test_cipher_suite.py", line 78, in connect_with_cipher_suite File "C:\Users\nabla\Documents\Github\sslyze\sslyze\connection_helpers\tls_connection.py", line 297, in connect File "C:\Users\nabla.virtualenvs\lol3-kr5HOXoj\lib\site-packages\nassl-3.0.0-py3.8-win-amd64.egg\nassl\ssl_client.py", line 191, in do_handshake ConnectionResetError: [WinError 10054] Se ha forzado la interrupción de una conexión existente por el host remoto

  • Error when running --tlsv1_3: You can open an issue at https://github.com/nabla-c0d3/sslyze/issues with the following information:

    • Server: webtest.test.com - 1.1.1.1

    • Scan command: tls_1_3_cipher_suites

      Traceback (most recent call last): File "C:\Users\nabla\Documents\Github\sslyze\sslyze\scanner.py", line 229, in get_results File "C:\Users\nabla\Documents\Github\sslyze\sslyze\plugins\openssl_cipher_suites\implementation.py", line 137, in result_for_completed_scan_jobs File "C:\Users\nabla\AppData\Local\Programs\Python\Python38\Lib\concurrent\futures_base.py", line 432, in result File "C:\Users\nabla\AppData\Local\Programs\Python\Python38\Lib\concurrent\futures_base.py", line 388, in __get_result File "C:\Users\nabla\AppData\Local\Programs\Python\Python38\Lib\concurrent\futures\thread.py", line 57, in run File "C:\Users\nabla\Documents\Github\sslyze\sslyze\plugins\openssl_cipher_suites_test_cipher_suite.py", line 78, in connect_with_cipher_suite File "C:\Users\nabla\Documents\Github\sslyze\sslyze\connection_helpers\tls_connection.py", line 297, in connect File "C:\Users\nabla.virtualenvs\lol3-kr5HOXoj\lib\site-packages\nassl-3.0.0-py3.8-win-amd64.egg\nassl\ssl_client.py", line 191, in do_handshake ConnectionResetError: [WinError 10054] Se ha forzado la interrupción de una conexión existente por el host remoto

  • Error when running --tlsv1_1: You can open an issue at https://github.com/nabla-c0d3/sslyze/issues with the following information:

    • Server: webtest.test.com - 1.1.1.1

    • Scan command: tls_1_1_cipher_suites

      Traceback (most recent call last): File "C:\Users\nabla\Documents\Github\sslyze\sslyze\scanner.py", line 229, in get_results File "C:\Users\nabla\Documents\Github\sslyze\sslyze\plugins\openssl_cipher_suites\implementation.py", line 137, in result_for_completed_scan_jobs File "C:\Users\nabla\AppData\Local\Programs\Python\Python38\Lib\concurrent\futures_base.py", line 432, in result File "C:\Users\nabla\AppData\Local\Programs\Python\Python38\Lib\concurrent\futures_base.py", line 388, in __get_result File "C:\Users\nabla\AppData\Local\Programs\Python\Python38\Lib\concurrent\futures\thread.py", line 57, in run File "C:\Users\nabla\Documents\Github\sslyze\sslyze\plugins\openssl_cipher_suites_test_cipher_suite.py", line 78, in connect_with_cipher_suite File "C:\Users\nabla\Documents\Github\sslyze\sslyze\connection_helpers\tls_connection.py", line 297, in connect File "C:\Users\nabla.virtualenvs\lol3-kr5HOXoj\lib\site-packages\nassl-3.0.0-py3.8-win-amd64.egg\nassl\ssl_client.py", line 191, in do_handshake ConnectionResetError: [WinError 10054] Se ha forzado la interrupción de una conexión existente por el host remoto

    SCAN COMPLETED IN 29.42 S

nabla-c0d3 commented 4 years ago

Thanks for the report - this is a bug due to the error messages being localized in Spanish. Closing this as a duplicate of #434