prbinu / tls-scan

An Internet scale, blazing fast SSL/TLS scanner ( non-blocking, event-driven )
https://prbinu.github.io/tls-scan
Other
290 stars 54 forks source link

Regarding SSLv3 and TLSv1.1. in the parsed results #15

Closed ealashwali closed 6 years ago

ealashwali commented 6 years ago

Hi, I suspect there is some bug in recording the TLS version in the results (json file) or somewhere. Using tls-scan on a large set of addresses I get very high number of SSLv3 in the results (around 70%) which sounds unusual. The SSLv3 version code as far as I know is:
SSLv3: 0x00000300 TLS1.0: 0x00000301 TLS1.1: 0x00000302 TLS1.2: 0x00000303

Do you suspect any issue in parsing the server's selected version value (from the server hello)? I am using the tls-scan tool not for enumeration, just a regular handshake. I compiled my tls-scan using this .sh file (and I specified OpenSSL 1.1.0g): https://github.com/prbinu/tls-scan/blob/master/build-x86-64-openssl-1.1.0.sh

Thanks.

prbinu commented 6 years ago

Please provide steps to reproduce. In this case, I would expect the full command line parameters used, server, and the output you received.

ealashwali commented 6 years ago

Here is an example: ./tls-scan --connect=100.0.35.204 --ip --port=443 --cacert=../../../../../etc/ssl/certs/ca-certificates.crt --timeout=5 --ciphers="AES128-SHA:AES256-SHA"

Output: { "ip": "100.0.35.204", "port": 443, "cipher": "AES128-SHA SSLv3 Kx=RSA Au=RSA Enc=AES(128) Mac=SHA1", "secureRenego": false, "compression": "NONE", "expansion": "NONE", "x509ChainDepth": 1, "verifyCertResult": false, "verifyCertError": "self signed certificate", "verifyHostResult": false, "ocspStapled": false, "certificateChain": [ { "version": 3, "subject": "CN=ORname_Jungo: OpenRG Products Group; C=US", "issuer": "CN=ORname_Jungo: OpenRG Products Group; C=US", "subjectCN": "ORname_Jungo: OpenRG Products Group", "signatureAlg": "md5WithRSAEncryption", "notBefore": "Jun 3 11:11:43 2004 GMT", "notAfter": "May 29 11:11:43 2024 GMT", "expired": false, "serialNo": "00", "keyUsage": "Digital Signature, Non Repudiation, Key Encipherment, Data Encipherment, Certificate Sign", "extKeyUsage": "TLS Web Client Authentication, Code Signing, E-mail Protection, TLS Web Server Authentication", "publicKeyAlg": "RSA", "publicKeySize": 1024, "basicConstraints": "CA:TRUE, pathlen:5", "sha1Fingerprint": "43:88:33:C0:94:F6:AF:C8:64:C6:0E:4A:6F:57:E9:F4:D1:28:14:11" } ] }

the version in the output is SSLv3. The actual negotiated by inspecting the packets is TLS 1.0.

There are two other issues I posted after this. I just need two things: 1) parse SSLv3, TLS1.0, TLS1.1. correctly in the results. Also, I want to be able to disable SSLv3 from the associated OpenSSL (1.1.0) but when I do this I get compilation error (related to ssl3) which only get solved if I enable ssl3 and ssl3-methods in the OpenSSL compilation. I wil appreciate if you can let me know if these issues can be solved any soon?

prbinu commented 6 years ago

Please note that the same cipher can be used with multiple SSL/TLS versions. I would recommend to review the cipher and TLS version support

openssl ciphers -stdname https://wiki.mozilla.org/Security/Server_Side_TLS

ealashwali commented 6 years ago

I am referring to the TLS version in the ServerHello message (i.e. the session's TLS version). But this seems the min. TLS version that supports the ciphersuite. Is there any way I am missing, through which I can get the session's TLS version (not the ciphersuite's TLS version).

prbinu commented 6 years ago

unless you use --version-enum, by default the output doesn't include the the default negotiated TLS version (the example CLI you used). I should be able to add this to the scan output. give me couple of days.

prbinu commented 6 years ago

I have added a new field tlsVersion. Please close the ticket if this satisfies your requirement.

 ./tls-scan --connect=100.0.35.204 --ip --port=443 --cacert=ca-bundle.crt  --timeout=5 --ciphers="AES128-SHA:AES256-SHA" --pretty
{
  "ip": "100.0.35.204",
  "port": 443,
  "tlsVersion": "TLSv1",
  "cipher": "AES128-SHA              SSLv3 Kx=RSA      Au=RSA  Enc=AES(128)  Mac=SHA1",
  "secureRenego": false,
  "compression": "NONE",
  "expansion": "NONE",
  "x509ChainDepth": 1,
  "verifyCertResult": false,
  "verifyCertError": "self signed certificate",
  "verifyHostResult": false,
  "ocspStapled": false,
  "certificateChain": [
  {
    "version": 3,
    "subject": "CN=ORname_Jungo: OpenRG Products Group; C=US",
    "issuer": "CN=ORname_Jungo: OpenRG Products Group; C=US",
    "subjectCN": "ORname_Jungo: OpenRG Products Group",
    "signatureAlg": "md5WithRSAEncryption",
    "notBefore": "Jun  3 11:11:43 2004 GMT",
    "notAfter": "May 29 11:11:43 2024 GMT",
    "expired": false,
    "serialNo": "00",
    "keyUsage": "Digital Signature, Non Repudiation, Key Encipherment, Data Encipherment, Certificate Sign",
    "extKeyUsage": "TLS Web Client Authentication, Code Signing, E-mail Protection, TLS Web Server Authentication",
    "publicKeyAlg": "RSA",
    "publicKeySize": 1024,
    "basicConstraints": "CA:TRUE, pathlen:5",
    "sha1Fingerprint": "43:88:33:C0:94:F6:AF:C8:64:C6:0E:4A:6F:57:E9:F4:D1:28:14:11"
  } ]
}