"Not a valid TlsHandshakeTypeByte" when running --heartbleed

[wondex]

Describe the bug

Traceback (most recent call last):
  File "/opt/rh/rh-python38/root/usr/local/lib/python3.8/site-packages/sslyze/scanner.py", line 264, in get_results
    result = implementation_cls.result_for_completed_scan_jobs(
  File "/opt/rh/rh-python38/root/usr/local/lib/python3.8/site-packages/sslyze/plugins/heartbleed_plugin.py", line 77, in result_for_completed_scan_jobs
    return HeartbleedScanResult(is_vulnerable_to_heartbleed=completed_scan_jobs[0].result())
  File "/opt/rh/rh-python38/root/usr/lib64/python3.8/concurrent/futures/_base.py", line 432, in result
    return self.__get_result()
  File "/opt/rh/rh-python38/root/usr/lib64/python3.8/concurrent/futures/_base.py", line 388, in __get_result
    raise self._exception
  File "/opt/rh/rh-python38/root/usr/lib64/python3.8/concurrent/futures/thread.py", line 57, in run
    result = self.fn(*self.args, **self.kwargs)
  File "/opt/rh/rh-python38/root/usr/local/lib/python3.8/site-packages/sslyze/plugins/heartbleed_plugin.py", line 98, in _test_heartbleed
    ssl_connection.connect()
  File "/opt/rh/rh-python38/root/usr/local/lib/python3.8/site-packages/sslyze/connection_helpers/tls_connection.py", line 293, in connect
    self.ssl_client.do_handshake()
  File "/opt/rh/rh-python38/root/usr/local/lib/python3.8/site-packages/sslyze/plugins/heartbleed_plugin.py", line 157, in _do_handshake_with_heartbleed
    tls_record, len_consumed = TlsRecordParser.parse_bytes(remaining_bytes)
  File "/opt/rh/rh-python38/root/usr/local/lib/python3.8/site-packages/tls_parser/parser.py", line 17, in parse_bytes
    return TlsHandshakeRecord.from_bytes(raw_bytes)
  File "/opt/rh/rh-python38/root/usr/local/lib/python3.8/site-packages/tls_parser/handshake_protocol.py", line 82, in from_bytes
    message, len_consumed_for_message = TlsHandshakeMessage.from_bytes(remaining_bytes)
  File "/opt/rh/rh-python38/root/usr/local/lib/python3.8/site-packages/tls_parser/handshake_protocol.py", line 43, in from_bytes
    handshake_type = TlsHandshakeTypeByte(struct.unpack('B', raw_bytes[0:1])[0])
  File "/opt/rh/rh-python38/root/usr/lib64/python3.8/enum.py", line 315, in __call__
    return cls.__new__(cls, value)
  File "/opt/rh/rh-python38/root/usr/lib64/python3.8/enum.py", line 617, in __new__
    raise ve_exc
ValueError: 204 is not a valid TlsHandshakeTypeByte

or

ValueError: 92 is not a valid TlsHandshakeTypeByte

To Reproduce Install SSLyze using: pip Run the following command: /opt/rh/rh-python38/root/usr/bin/python3.8 -m sslyze --regular

Expected behavior Successful scan

Python environment (please complete the following information): OS: Red Hat Enterprise Linux Server release 7.9 (Maipo) Python version: 3.8 SSLyzeL: 4.0.2

[nabla-c0d3]

@wondex Could you send me the server that triggered this issue? Otherwise I won't be able to fix it. Thanks!

[wondex]

Hi Alban,

This is related to a Red Hat product, is there any debug option to send you the actual TlsHandshakeTypeByte value?

[nabla-c0d3]

Can you show the results of a full scan against this server?

[wondex]

This is the full scan report (alterted the host information):

CHECKING HOST(S) AVAILABILITY

:443 => WARNING: Server requested optional client authentication SCAN RESULTS FOR :443 - ------------------------------------------------------------------- * TLS 1.2 Session Resumption Support: With Session IDs: OK - Supported (5 successful resumptions out of 5 attempts). With TLS Tickets: OK - Supported. * Session Renegotiation: Client Renegotiation DoS Attack: OK - Not vulnerable Secure Renegotiation: OK - Supported * Deflate Compression: OK - Compression disabled * TLS 1.0 Cipher Suites: Attempted to connect using 80 cipher suites. The server accepted the following 6 cipher suites: TLS_RSA_WITH_AES_256_CBC_SHA 256 TLS_RSA_WITH_AES_128_CBC_SHA 128 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 256 ECDH: prime256v1 (256 bits) TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA 128 ECDH: prime256v1 (256 bits) TLS_DHE_RSA_WITH_AES_256_CBC_SHA 256 DH (2048 bits) TLS_DHE_RSA_WITH_AES_128_CBC_SHA 128 DH (2048 bits) The group of cipher suites supported by the server has the following properties: Forward Secrecy OK - Supported Legacy RC4 Algorithm OK - Not Supported * TLS 1.1 Cipher Suites: Attempted to connect using 80 cipher suites. The server accepted the following 6 cipher suites: TLS_RSA_WITH_AES_256_CBC_SHA 256 TLS_RSA_WITH_AES_128_CBC_SHA 128 TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 256 ECDH: prime256v1 (256 bits) TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA 128 ECDH: prime256v1 (256 bits) TLS_DHE_RSA_WITH_AES_256_CBC_SHA 256 DH (2048 bits) TLS_DHE_RSA_WITH_AES_128_CBC_SHA 128 DH (2048 bits) The group of cipher suites supported by the server has the following properties: Forward Secrecy OK - Supported Legacy RC4 Algorithm OK - Not Supported * SSL 3.0 Cipher Suites: Attempted to connect using 80 cipher suites; the server rejected all cipher suites. * Certificates Information: Hostname sent for SNI: Number of certificates detected: 1 Certificate #0 ( _RSAPublicKey ) SHA1 Fingerprint: 2dd695ee475b86546b0b2e22af16b2589901d562 Common Name: Issuer: _{Serial Number: 5721029571254994925 Not Before: 2020-03-04 Not After: 2021-03-04 Public Key Algorithm: _RSAPublicKey Signature Algorithm: sha256 Key Size: 2048 Exponent: 65537 DNS Subject Alternative Names: ['', ''] Certificate #0 - Trust Hostname Validation: OK - Certificate matches server hostname Android CA Store (9.0.0_r9): FAILED - Certificate is NOT Trusted: self signed certificate in certificate chain Apple CA Store (iOS 14, iPadOS 14, macOS 11, watchOS 7, and tvOS 14):FAILED - Certificate is NOT Trusted: self signed certificate in certificate chain Java CA Store (jdk-13.0.2): FAILED - Certificate is NOT Trusted: self signed certificate in certificate chain Mozilla CA Store (2021-01-24): FAILED - Certificate is NOT Trusted: self signed certificate in certificate chain Windows CA Store (2021-02-08): FAILED - Certificate is NOT Trusted: self signed certificate in certificate chain Symantec 2018 Deprecation: ERROR - Could not build verified chain (certificate untrusted?) Received Chain: --> Verified Chain: ERROR - Could not build verified chain (certificate untrusted?) Received Chain Contains Anchor: ERROR - Could not build verified chain (certificate untrusted?) Received Chain Order: FAILED - Certificate chain out of order! Verified Chain contains SHA1: ERROR - Could not build verified chain (certificate untrusted?) Certificate #0 - Extensions OCSP Must-Staple: NOT SUPPORTED - Extension not found Certificate Transparency: NOT SUPPORTED - Extension not found Certificate #0 - OCSP Stapling NOT SUPPORTED - Server did not send back an OCSP response * Downgrade Attacks: TLS_FALLBACK_SCSV: OK - Supported * SSL 2.0 Cipher Suites: Attempted to connect using 7 cipher suites; the server rejected all cipher suites. * TLS 1.3 Cipher Suites: Attempted to connect using 5 cipher suites; the server rejected all cipher suites. * TLS 1.2 Cipher Suites: Attempted to connect using 156 cipher suites. The server accepted the following 18 cipher suites: TLS_RSA_WITH_AES_256_GCM_SHA384 256 TLS_RSA_WITH_AES_256_CBC_SHA256 256 TLS_RSA_WITH_AES_256_CBC_SHA 256 TLS_RSA_WITH_AES_128_GCM_SHA256 128 TLS_RSA_WITH_AES_128_CBC_SHA256 128 TLS_RSA_WITH_AES_128_CBC_SHA 128 TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 256 ECDH: prime256v1 (256 bits) TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 256 ECDH: prime256v1 (256 bits) TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA 256 ECDH: prime256v1 (256 bits) TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 128 ECDH: prime256v1 (256 bits) TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 128 ECDH: prime256v1 (256 bits) TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA 128 ECDH: prime256v1 (256 bits) TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 256 DH (2048 bits) TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 256 DH (2048 bits) TLS_DHE_RSA_WITH_AES_256_CBC_SHA 256 DH (2048 bits) TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 128 DH (2048 bits) TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 128 DH (2048 bits) TLS_DHE_RSA_WITH_AES_128_CBC_SHA 128 DH (2048 bits) The group of cipher suites supported by the server has the following properties: Forward Secrecy OK - Supported Legacy RC4 Algorithm OK - Not Supported * Elliptic Curve Key Exchange: Supported curves: prime256v1, secp256k1, secp384r1, secp521r1 Rejected curves: X25519, X448, prime192v1, secp160k1, secp160r1, secp160r2, secp192k1, secp224k1, secp224r1, sect163k1, sect163r1, sect163r2, sect193r1, sect193r2, sect233k1, sect233r1, sect239k1, sect283k1, sect283r1, sect409k1, sect409r1, sect571k1, sect571r1 * Error when running --openssl_ccs: You can open an issue at https://github.com/nabla-c0d3/sslyze/issues with the following information: * Server: :443 - * Scan command: openssl_ccs_injection Traceback (most recent call last): File "/opt/rh/rh-python38/root/usr/local/lib/python3.8/site-packages/sslyze/scanner.py", line 264, in get_results result = implementation_cls.result_for_completed_scan_jobs( File "/opt/rh/rh-python38/root/usr/local/lib/python3.8/site-packages/sslyze/plugins/openssl_ccs_injection_plugin.py", line 78, in result_for_completed_scan_jobs return OpenSslCcsInjectionScanResult(is_vulnerable_to_ccs_injection=completed_scan_jobs[0].result()) File "/opt/rh/rh-python38/root/usr/lib64/python3.8/concurrent/futures/_base.py", line 432, in result return self.__get_result() File "/opt/rh/rh-python38/root/usr/lib64/python3.8/concurrent/futures/_base.py", line 388, in __get_result raise self._exception File "/opt/rh/rh-python38/root/usr/lib64/python3.8/concurrent/futures/thread.py", line 57, in run result = self.fn(*self.args, **self.kwargs) File "/opt/rh/rh-python38/root/usr/local/lib/python3.8/site-packages/sslyze/plugins/openssl_ccs_injection_plugin.py", line 99, in _test_for_ccs_injection ssl_connection.connect() File "/opt/rh/rh-python38/root/usr/local/lib/python3.8/site-packages/sslyze/connection_helpers/tls_connection.py", line 293, in connect self.ssl_client.do_handshake() File "/opt/rh/rh-python38/root/usr/local/lib/python3.8/site-packages/sslyze/plugins/openssl_ccs_injection_plugin.py", line 145, in _do_handshake_with_ccs_injection tls_record, len_consumed = TlsRecordParser.parse_bytes(remaining_bytes) File "/opt/rh/rh-python38/root/usr/local/lib/python3.8/site-packages/tls_parser/parser.py", line 17, in parse_bytes return TlsHandshakeRecord.from_bytes(raw_bytes) File "/opt/rh/rh-python38/root/usr/local/lib/python3.8/site-packages/tls_parser/handshake_protocol.py", line 82, in from_bytes message, len_consumed_for_message = TlsHandshakeMessage.from_bytes(remaining_bytes) File "/opt/rh/rh-python38/root/usr/local/lib/python3.8/site-packages/tls_parser/handshake_protocol.py", line 43, in from_bytes handshake_type = TlsHandshakeTypeByte(struct.unpack('B', raw_bytes[0:1])[0]) File "/opt/rh/rh-python38/root/usr/lib64/python3.8/enum.py", line 315, in __call__ return cls.__new__(cls, value) File "/opt/rh/rh-python38/root/usr/lib64/python3.8/enum.py", line 617, in __new__ raise ve_exc ValueError: 92 is not a valid TlsHandshakeTypeByte * Error when running --heartbleed: You can open an issue at https://github.com/nabla-c0d3/sslyze/issues with the following information: * Server: :443 - * Scan command: heartbleed Traceback (most recent call last): File "/opt/rh/rh-python38/root/usr/local/lib/python3.8/site-packages/sslyze/scanner.py", line 264, in get_results result = implementation_cls.result_for_completed_scan_jobs( File "/opt/rh/rh-python38/root/usr/local/lib/python3.8/site-packages/sslyze/plugins/heartbleed_plugin.py", line 77, in result_for_completed_scan_jobs return HeartbleedScanResult(is_vulnerable_to_heartbleed=completed_scan_jobs[0].result()) File "/opt/rh/rh-python38/root/usr/lib64/python3.8/concurrent/futures/_base.py", line 432, in result return self.__get_result() File "/opt/rh/rh-python38/root/usr/lib64/python3.8/concurrent/futures/_base.py", line 388, in __get_result raise self._exception File "/opt/rh/rh-python38/root/usr/lib64/python3.8/concurrent/futures/thread.py", line 57, in run result = self.fn(*self.args, **self.kwargs) File "/opt/rh/rh-python38/root/usr/local/lib/python3.8/site-packages/sslyze/plugins/heartbleed_plugin.py", line 98, in _test_heartbleed ssl_connection.connect() File "/opt/rh/rh-python38/root/usr/local/lib/python3.8/site-packages/sslyze/connection_helpers/tls_connection.py", line 293, in connect self.ssl_client.do_handshake() File "/opt/rh/rh-python38/root/usr/local/lib/python3.8/site-packages/sslyze/plugins/heartbleed_plugin.py", line 157, in _do_handshake_with_heartbleed tls_record, len_consumed = TlsRecordParser.parse_bytes(remaining_bytes) File "/opt/rh/rh-python38/root/usr/local/lib/python3.8/site-packages/tls_parser/parser.py", line 17, in parse_bytes return TlsHandshakeRecord.from_bytes(raw_bytes) File "/opt/rh/rh-python38/root/usr/local/lib/python3.8/site-packages/tls_parser/handshake_protocol.py", line 82, in from_bytes message, len_consumed_for_message = TlsHandshakeMessage.from_bytes(remaining_bytes) File "/opt/rh/rh-python38/root/usr/local/lib/python3.8/site-packages/tls_parser/handshake_protocol.py", line 43, in from_bytes handshake_type = TlsHandshakeTypeByte(struct.unpack('B', raw_bytes[0:1])[0]) File "/opt/rh/rh-python38/root/usr/lib64/python3.8/enum.py", line 315, in __call__ return cls.__new__(cls, value) File "/opt/rh/rh-python38/root/usr/lib64/python3.8/enum.py", line 617, in __new__ raise ve_exc ValueError: 92 is not a valid TlsHandshakeTypeByte * Error when running --robot: You can open an issue at https://github.com/nabla-c0d3/sslyze/issues with the following information: * Server: :443 - * Scan command: robot Traceback (most recent call last): File "/opt/rh/rh-python38/root/usr/local/lib/python3.8/site-packages/sslyze/scanner.py", line 264, in get_results result = implementation_cls.result_for_completed_scan_jobs( File "/opt/rh/rh-python38/root/usr/local/lib/python3.8/site-packages/sslyze/plugins/robot/implementation.py", line 92, in result_for_completed_scan_jobs server_responses_per_robot_payloads = future.result() File "/opt/rh/rh-python38/root/usr/lib64/python3.8/concurrent/futures/_base.py", line 432, in result return self.__get_result() File "/opt/rh/rh-python38/root/usr/lib64/python3.8/concurrent/futures/_base.py", line 388, in __get_result raise self._exception File "/opt/rh/rh-python38/root/usr/lib64/python3.8/concurrent/futures/thread.py", line 57, in run result = self.fn(*self.args, **self.kwargs) File "/opt/rh/rh-python38/root/usr/local/lib/python3.8/site-packages/sslyze/plugins/robot/_robot_tester.py", line 183, in test_robot server_responses_per_robot_payloads = _run_oracle_detection( File "/opt/rh/rh-python38/root/usr/local/lib/python3.8/site-packages/sslyze/plugins/robot/_robot_tester.py", line 214, in _run_oracle_detection server_response = _send_robot_payload( File "/opt/rh/rh-python38/root/usr/local/lib/python3.8/site-packages/sslyze/plugins/robot/_robot_tester.py", line 306, in _send_robot_payload ssl_connection.connect() File "/opt/rh/rh-python38/root/usr/local/lib/python3.8/site-packages/sslyze/connection_helpers/tls_connection.py", line 293, in connect self.ssl_client.do_handshake() File "/opt/rh/rh-python38/root/usr/local/lib/python3.8/site-packages/sslyze/plugins/robot/_robot_tester.py", line 356, in do_handshake_with_robot tls_record, len_consumed = TlsRecordParser.parse_bytes(remaining_bytes) File "/opt/rh/rh-python38/root/usr/local/lib/python3.8/site-packages/tls_parser/parser.py", line 17, in parse_bytes return TlsHandshakeRecord.from_bytes(raw_bytes) File "/opt/rh/rh-python38/root/usr/local/lib/python3.8/site-packages/tls_parser/handshake_protocol.py", line 82, in from_bytes message, len_consumed_for_message = TlsHandshakeMessage.from_bytes(remaining_bytes) File "/opt/rh/rh-python38/root/usr/local/lib/python3.8/site-packages/tls_parser/handshake_protocol.py", line 43, in from_bytes handshake_type = TlsHandshakeTypeByte(struct.unpack('B', raw_bytes[0:1])[0]) File "/opt/rh/rh-python38/root/usr/lib64/python3.8/enum.py", line 315, in __call__ return cls.__new__(cls, value) File "/opt/rh/rh-python38/root/usr/lib64/python3.8/enum.py", line 617, in __new__ raise ve_exc ValueError: 92 is not a valid TlsHandshakeTypeByte}

[wondex]

@nabla-c0d3 is the information enough? because the label "need more info" is still attached? Thanks for maintaining sslyze it's a great tool ;-)

[nabla-c0d3]

@wondex To be honest I might need a live server that I can connect to, in order to be able to debug this; it looks like the server doesn't "speak" TLS. Any idea on how I could access a server that behaves like this?

[B-SPANO]

Seems enough close to not open another issue. Same Error: Not a valid TlsHandshakeTypeByte when running Robot on badssl domain.

• Error when running --robot: You can open an issue at https://github.com/nabla-c0d3/sslyze/issues with the following information:

  • SSLyze version: 5.0.2
  • Server: 1000-sans.badssl.com:443 - 104.154.89.105

  • Scan command: robot

    Traceback (most recent call last): File "/home/brice/Workspace/SSLChecker/venv/lib/python3.7/site-packages/sslyze/scanner/_mass_scanner.py", line 271, in _generate_result_for_completed_server_scan scan_job_results=scan_job_results_for_plugin, File "/home/brice/Workspace/SSLChecker/venv/lib/python3.7/site-packages/sslyze/plugins/robot/implementation.py", line 103, in result_for_completed_scan_jobs server_responses_per_robot_payloads = future.get_result() File "/home/brice/Workspace/SSLChecker/venv/lib/python3.7/site-packages/sslyze/plugins/plugin_base.py", line 62, in get_result raise self._exception File "/home/brice/Workspace/SSLChecker/venv/lib/python3.7/site-packages/sslyze/scanner/_jobs_worker_thread.py", line 50, in run return_value = job_to_complete.function_to_call(*job_to_complete.function_arguments) File "/home/brice/Workspace/SSLChecker/venv/lib/python3.7/site-packages/sslyze/plugins/robot/_robot_tester.py", line 191, in test_robot server_info, tls_version_to_use, cipher_string, rsa_modulus, rsa_exponent, robot_should_complete_handshake File "/home/brice/Workspace/SSLChecker/venv/lib/python3.7/site-packages/sslyze/plugins/robot/_robot_tester.py", line 228, in _run_oracle_detection rsa_exponent, File "/home/brice/Workspace/SSLChecker/venv/lib/python3.7/site-packages/sslyze/plugins/robot/_robot_tester.py", line 313, in _send_robot_payload ssl_connection.connect() File "/home/brice/Workspace/SSLChecker/venv/lib/python3.7/site-packages/sslyze/connection_helpers/tls_connection.py", line 292, in connect self.ssl_client.do_handshake() File "/home/brice/Workspace/SSLChecker/venv/lib/python3.7/site-packages/sslyze/plugins/robot/_robot_tester.py", line 363, in do_handshake_with_robot tls_record, len_consumed = TlsRecordParser.parse_bytes(remaining_bytes) File "/home/brice/Workspace/SSLChecker/venv/lib/python3.7/site-packages/tls_parser/parser.py", line 15, in parse_bytes return TlsHandshakeRecord.from_bytes(raw_bytes) File "/home/brice/Workspace/SSLChecker/venv/lib/python3.7/site-packages/tls_parser/handshake_protocol.py", line 75, in from_bytes message, len_consumed_for_message = TlsHandshakeMessage.from_bytes(remaining_bytes) File "/home/brice/Workspace/SSLChecker/venv/lib/python3.7/site-packages/tls_parser/handshake_protocol.py", line 47, in from_bytes handshake_type = TlsHandshakeTypeByte(struct.unpack("B", raw_bytes[0:1])[0]) File "/usr/lib/python3.7/enum.py", line 310, in call return cls.new(cls, value) File "/usr/lib/python3.7/enum.py", line 564, in new raise exc File "/usr/lib/python3.7/enum.py", line 548, in new result = cls.missing(value) File "/usr/lib/python3.7/enum.py", line 577, in missing raise ValueError("%r is not a valid %s" % (value, cls.name)) ValueError: 28 is not a valid TlsHandshakeTypeByte

Hope that can help you :) Thanks for the Tools.