search

prbinu / tls-scan

An Internet scale, blazing fast SSL/TLS scanner ( non-blocking, event-driven )
https://prbinu.github.io/tls-scan
Other
283 stars 54 forks source link

Incorrect `tlsVersions` in output #45

Open stayallive opened 2 years ago

stayallive commented 2 years ago

Hi there,

Unless I'm misinterpreting something the tlsVersions key seems to be incorrect.

./bin/tls-scan-1.4.8-darwin -c twitter.com --cacert cacert.pem --version-enum
{
    "host": "twitter.com",
    "ip": "104.244.42.193",
    "port": 443,
    "elapsedTime": 221,
    "tlsVersion": "TLSv1.2",
    "cipher": "ECDHE-ECDSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH     Au=ECDSA Enc=AESGCM(128) Mac=AEAD",
    "tempPublicKeyAlg": "ECDH prime256v1",
    "tempPublicKeySize": 256,
    "secureRenego": true,
    "compression": "NONE",
    "expansion": "NONE",
    "sessionLifetimeHint": 7200,
    "tlsVersions": [
        "TLSv1_3"
    ],
    "x509ChainDepth": 2,
    "verifyCertResult": true,
    "verifyHostResult": true,
    "ocspStapled": false,
    "certificateChain": [
        {
            "version": 3,
            "subject": "CN=twitter.com; O=Twitter, Inc.; L=San Francisco; ST=California; C=US",
            "issuer": "CN=twitter.com; O=Twitter, Inc.; L=San Francisco; ST=California; C=US",
            "subjectCN": "twitter.com",
            "subjectAltName": "DNS:twitter.com, DNS:www.twitter.com",
            "signatureAlg": "ecdsa-with-SHA384",
            "notBefore": "Mar  7 00:00:00 2022 GMT",
            "notAfter": "Mar  6 23:59:59 2023 GMT",
            "expired": false,
            "serialNo": "02:93:C3:98:C2:CF:4A:67:BE:83:B5:37:54:DA:93:79",
            "keyUsage": "Digital Signature critical",
            "extKeyUsage": "TLS Web Server Authentication, TLS Web Client Authentication",
            "publicKeyAlg": "ECC prime256v1",
            "publicKeySize": 256,
            "basicConstraints": "CA:FALSE",
            "subjectKeyIdentifier": "23:2E:02:96:1A:49:3A:2E:52:84:60:D0:D3:C0:72:0A:8F:53:34:28",
            "sha1Fingerprint": "37:63:F4:77:39:1F:19:EF:D1:63:ED:67:74:1B:92:83:0F:9E:D4:93"
        },
        {
            "version": 3,
            "subject": "CN=DigiCert TLS Hybrid ECC SHA384 2020 CA1; O=DigiCert Inc; C=US",
            "issuer": "CN=DigiCert TLS Hybrid ECC SHA384 2020 CA1; O=DigiCert Inc; C=US",
            "subjectCN": "DigiCert TLS Hybrid ECC SHA384 2020 CA1",
            "signatureAlg": "sha384WithRSAEncryption",
            "notBefore": "Apr 14 00:00:00 2021 GMT",
            "notAfter": "Apr 13 23:59:59 2031 GMT",
            "expired": false,
            "serialNo": "07:F2:F3:5C:87:A8:77:AF:7A:EF:E9:47:99:35:25:BD",
            "keyUsage": "Digital Signature, Certificate Sign, CRL Sign critical",
            "extKeyUsage": "TLS Web Server Authentication, TLS Web Client Authentication",
            "publicKeyAlg": "ECC secp384r1",
            "publicKeySize": 384,
            "basicConstraints": "CA:TRUE, pathlen:0 critical",
            "subjectKeyIdentifier": "0A:BC:08:29:17:8C:A5:39:6D:7A:0E:CE:33:C7:2E:B3:ED:FB:C3:7A",
            "sha1Fingerprint": "AE:C1:3C:DD:5E:A6:A3:99:8A:EC:14:AC:33:1A:D9:6B:ED:BB:77:0F"
        }
    ]
}

tlsVersions only lists TLSv1_3 even though tlsVersion states 1.2 which Twitter also supports. So it's either missing TLSv1_2 from the list or I'm missing something obvious why it shouldn't be there :)

prbinu commented 2 years ago

Yes, ideally both should appear in tlsVersions field. I guess, the code fails to add the default (initial) handshake tlsVersion to tlsVersions array. I will look into it.

Thanks!

prbinu commented 2 years ago

@stayallive, I was trying to replicate the reported issue, but I believe, I'm getting correct output. Please let me know if i missed out anything.

$ ~/tls-scan/tls-scan -v
tls-scan 1.4.8 Darwin 2022-01-09
Built with OpenSSL-100020b0 GnuTLS-3060a

$ ~/tls-scan/tls-scan  -c twitter.com --cacert ~/tls-scan/ca-bundle.crt --version-enum --pretty
{
  "host": "twitter.com",
  "ip": "104.244.42.65",
  "port": 443,
  "elapsedTime": 280,
  "tlsVersion": "TLSv1.2",
  "cipher": "ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH     Au=RSA  Enc=AESGCM(128) Mac=AEAD",
  "tempPublicKeyAlg": "ECDH prime256v1",
  "tempPublicKeySize": 256,
  "secureRenego": true,
  "compression": "NONE",
  "expansion": "NONE",
  "sessionLifetimeHint": 7200,
  "tlsVersions": [
    "TLSv1_2",
    "TLSv1_3"
  ],
  "x509ChainDepth": 2,
  "verifyCertResult": true,
  "verifyHostResult": true,
  "ocspStapled": false,
  "certificateChain": [
  {
    "version": 3,
    "subject": "CN=twitter.com; O=Twitter, Inc.; L=San Francisco; ST=California; C=US",
    "issuer": "CN=twitter.com; O=Twitter, Inc.; L=San Francisco; ST=California; C=US",
    "subjectCN": "twitter.com",
    "subjectAltName": "DNS:twitter.com, DNS:www.twitter.com",
    "signatureAlg": "sha256WithRSAEncryption",
    "notBefore": "Dec 13 00:00:00 2021 GMT",
    "notAfter": "Dec 12 23:59:59 2022 GMT",
    "expired": false,
    "serialNo": "0D:E1:52:69:6B:2F:96:70:D6:C7:DB:18:CE:1C:71:A0",
    "keyUsage": "Digital Signature, Key Encipherment critical",
    "extKeyUsage": "TLS Web Server Authentication, TLS Web Client Authentication",
    "publicKeyAlg": "RSA",
    "publicKeySize": 2048,
    "basicConstraints": "CA:FALSE critical",
    "subjectKeyIdentifier": "1B:D7:11:7F:CC:4B:27:B8:12:60:82:C8:6B:34:F4:70:92:22:AD:3E",
    "sha1Fingerprint": "DA:26:F7:2E:AC:AC:75:CC:EE:79:41:40:44:10:20:84:86:97:AE:B0"
  },  {
    "version": 3,
    "subject": "CN=DigiCert TLS RSA SHA256 2020 CA1; O=DigiCert Inc; C=US",
    "issuer": "CN=DigiCert TLS RSA SHA256 2020 CA1; O=DigiCert Inc; C=US",
    "subjectCN": "DigiCert TLS RSA SHA256 2020 CA1",
    "signatureAlg": "sha256WithRSAEncryption",
    "notBefore": "Apr 14 00:00:00 2021 GMT",
    "notAfter": "Apr 13 23:59:59 2031 GMT",
    "expired": false,
    "serialNo": "06:D8:D9:04:D5:58:43:46:F6:8A:2F:A7:54:22:7E:C4",
    "keyUsage": "Digital Signature, Certificate Sign, CRL Sign critical",
    "extKeyUsage": "TLS Web Server Authentication, TLS Web Client Authentication",
    "publicKeyAlg": "RSA",
    "publicKeySize": 2048,
    "basicConstraints": "CA:TRUE, pathlen:0 critical",
    "subjectKeyIdentifier": "B7:6B:A2:EA:A8:AA:84:8C:79:EA:B4:DA:0F:98:B2:C5:95:76:B9:F4",
    "sha1Fingerprint": "1C:58:A3:A8:51:8E:87:59:BF:07:5B:76:B7:50:D4:F2:DF:26:4F:CD"
  } ]
}
stayallive commented 2 years ago

The only thing I can think of at this moment is that I'm using a M1 MacBook.

Just ran it again but same result:

 ❯ ./bin/tls-scan-1.4.8-darwin -v
tls-scan 1.4.8 Darwin 2022-01-09
Built with OpenSSL-100020b0 GnuTLS-3060a

 ❯ ./bin/tls-scan-1.4.8-darwin -c twitter.com --cacert cacert.pem --version-enum --pretty
{
  "host": "twitter.com",
  "ip": "104.244.42.65",
  "port": 443,
  "elapsedTime": 195,
  "tlsVersion": "TLSv1.2",
  "cipher": "ECDHE-ECDSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH     Au=ECDSA Enc=AESGCM(128) Mac=AEAD",
  "tempPublicKeyAlg": "ECDH prime256v1",
  "tempPublicKeySize": 256,
  "secureRenego": true,
  "compression": "NONE",
  "expansion": "NONE",
  "sessionLifetimeHint": 7200,
  "tlsVersions": [
    "TLSv1_3"
  ],
  "x509ChainDepth": 2,
  "verifyCertResult": true,
  "verifyHostResult": true,
  "ocspStapled": false,
  "certificateChain": [
  {
    "version": 3,
    "subject": "CN=twitter.com; O=Twitter, Inc.; L=San Francisco; ST=California; C=US",
    "issuer": "CN=twitter.com; O=Twitter, Inc.; L=San Francisco; ST=California; C=US",
    "subjectCN": "twitter.com",
    "subjectAltName": "DNS:twitter.com, DNS:www.twitter.com",
    "signatureAlg": "ecdsa-with-SHA384",
    "notBefore": "Mar  7 00:00:00 2022 GMT",
    "notAfter": "Mar  6 23:59:59 2023 GMT",
    "expired": false,
    "serialNo": "02:93:C3:98:C2:CF:4A:67:BE:83:B5:37:54:DA:93:79",
    "keyUsage": "Digital Signature critical",
    "extKeyUsage": "TLS Web Server Authentication, TLS Web Client Authentication",
    "publicKeyAlg": "ECC prime256v1",
    "publicKeySize": 256,
    "basicConstraints": "CA:FALSE",
    "subjectKeyIdentifier": "23:2E:02:96:1A:49:3A:2E:52:84:60:D0:D3:C0:72:0A:8F:53:34:28",
    "sha1Fingerprint": "37:63:F4:77:39:1F:19:EF:D1:63:ED:67:74:1B:92:83:0F:9E:D4:93"
  },  {
    "version": 3,
    "subject": "CN=DigiCert TLS Hybrid ECC SHA384 2020 CA1; O=DigiCert Inc; C=US",
    "issuer": "CN=DigiCert TLS Hybrid ECC SHA384 2020 CA1; O=DigiCert Inc; C=US",
    "subjectCN": "DigiCert TLS Hybrid ECC SHA384 2020 CA1",
    "signatureAlg": "sha384WithRSAEncryption",
    "notBefore": "Apr 14 00:00:00 2021 GMT",
    "notAfter": "Apr 13 23:59:59 2031 GMT",
    "expired": false,
    "serialNo": "07:F2:F3:5C:87:A8:77:AF:7A:EF:E9:47:99:35:25:BD",
    "keyUsage": "Digital Signature, Certificate Sign, CRL Sign critical",
    "extKeyUsage": "TLS Web Server Authentication, TLS Web Client Authentication",
    "publicKeyAlg": "ECC secp384r1",
    "publicKeySize": 384,
    "basicConstraints": "CA:TRUE, pathlen:0 critical",
    "subjectKeyIdentifier": "0A:BC:08:29:17:8C:A5:39:6D:7A:0E:CE:33:C7:2E:B3:ED:FB:C3:7A",
    "sha1Fingerprint": "AE:C1:3C:DD:5E:A6:A3:99:8A:EC:14:AC:33:1A:D9:6B:ED:BB:77:0F"
  } ]
}

<|---------Scan Summary---------|>
 [79456] ciphers             :  (0)
 [79456] host-count          : 1
 [79456] network-error       : 5
 [79456] dns-errcount        : 0
 [79456] remote-close-error  : 0
 [79456] unknown-error       : 0
 [79456] timeout-error       : 0
 [79456] connect-error       : 0
 [79456] tls-handshake       : 1
 [79456] gross-tls-handshake : 2
 [79456] elapsed-time        : 0.312536 secs
<|------------------------------|>

But I also ran it on my Linux server and I got this:

# ./bin/tls-scan-1.4.8-linux -v
tls-scan 1.4.8 Linux 2022-01-09
Built with OpenSSL-100020b0 GnuTLS-3060a

# ./bin/tls-scan-1.4.8-linux -c twitter.com --cacert cacert.pem --version-enum --pretty
{
  "host": "twitter.com",
  "ip": "104.244.42.129",
  "port": 443,
  "elapsedTime": 299,
  "tlsVersion": "TLSv1.2",
  "cipher": "ECDHE-ECDSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH     Au=ECDSA Enc=AESGCM(128) Mac=AEAD",
  "tempPublicKeyAlg": "ECDH prime256v1",
  "tempPublicKeySize": 256,
  "secureRenego": true,
  "compression": "NONE",
  "expansion": "NONE",
  "sessionLifetimeHint": 7200,
  "tlsVersions": [
    "TLSv1_3"
  ],
  "x509ChainDepth": 2,
  "verifyCertResult": true,
  "verifyHostResult": true,
  "ocspStapled": false,
  "certificateChain": [
  {
    "version": 3,
    "subject": "CN=twitter.com; O=Twitter, Inc.; L=San Francisco; ST=California; C=US",
    "issuer": "CN=twitter.com; O=Twitter, Inc.; L=San Francisco; ST=California; C=US",
    "subjectCN": "twitter.com",
    "subjectAltName": "DNS:twitter.com, DNS:www.twitter.com",
    "signatureAlg": "ecdsa-with-SHA384",
    "notBefore": "Mar  7 00:00:00 2022 GMT",
    "notAfter": "Mar  6 23:59:59 2023 GMT",
    "expired": false,
    "serialNo": "02:93:C3:98:C2:CF:4A:67:BE:83:B5:37:54:DA:93:79",
    "keyUsage": "Digital Signature critical",
    "extKeyUsage": "TLS Web Server Authentication, TLS Web Client Authentication",
    "publicKeyAlg": "ECC prime256v1",
    "publicKeySize": 256,
    "basicConstraints": "CA:FALSE",
    "subjectKeyIdentifier": "23:2E:02:96:1A:49:3A:2E:52:84:60:D0:D3:C0:72:0A:8F:53:34:28",
    "sha1Fingerprint": "37:63:F4:77:39:1F:19:EF:D1:63:ED:67:74:1B:92:83:0F:9E:D4:93"
  },  {
    "version": 3,
    "subject": "CN=DigiCert TLS Hybrid ECC SHA384 2020 CA1; O=DigiCert Inc; C=US",
    "issuer": "CN=DigiCert TLS Hybrid ECC SHA384 2020 CA1; O=DigiCert Inc; C=US",
    "subjectCN": "DigiCert TLS Hybrid ECC SHA384 2020 CA1",
    "signatureAlg": "sha384WithRSAEncryption",
    "notBefore": "Apr 14 00:00:00 2021 GMT",
    "notAfter": "Apr 13 23:59:59 2031 GMT",
    "expired": false,
    "serialNo": "07:F2:F3:5C:87:A8:77:AF:7A:EF:E9:47:99:35:25:BD",
    "keyUsage": "Digital Signature, Certificate Sign, CRL Sign critical",
    "extKeyUsage": "TLS Web Server Authentication, TLS Web Client Authentication",
    "publicKeyAlg": "ECC secp384r1",
    "publicKeySize": 384,
    "basicConstraints": "CA:TRUE, pathlen:0 critical",
    "subjectKeyIdentifier": "0A:BC:08:29:17:8C:A5:39:6D:7A:0E:CE:33:C7:2E:B3:ED:FB:C3:7A",
    "sha1Fingerprint": "AE:C1:3C:DD:5E:A6:A3:99:8A:EC:14:AC:33:1A:D9:6B:ED:BB:77:0F"
  } ]
}

<|---------Scan Summary---------|>
 [1144351] ciphers             :  (0)
 [1144351] host-count          : 1
 [1144351] network-error       : 5
 [1144351] dns-errcount        : 0
 [1144351] remote-close-error  : 0
 [1144351] unknown-error       : 0
 [1144351] timeout-error       : 0
 [1144351] connect-error       : 0
 [1144351] tls-handshake       : 1
 [1144351] gross-tls-handshake : 2
 [1144351] elapsed-time        : 0.313236 secs
<|------------------------------|>

Version numbers match, shouldn't have anything to do with the OpenSSL libraries available on the host machine right? I used the latest CA bundle from here but I doubt that matters.

Any other clue? :D

prbinu commented 2 years ago

All dependencies are statically linked, so it could be something else :( .

thorgrin commented 1 year ago

I just ran into the same problem. 

git clone https://github.com/prbinu/tls-scan.git
cd tls-scan
docker build -t tls-scan .
docker run --rm tls-scan --connect=twitter.com:443 --version-enum  --pretty
{
  "host": "twitter.com",
  "ip": "104.244.42.1",
  "port": 443,
  "elapsedTime": 211,
  "tlsVersion": "TLSv1.2",
  "cipher": "ECDHE-ECDSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH     Au=ECDSA Enc=AESGCM(128) Mac=AEAD",
  "tempPublicKeyAlg": "ECDH prime256v1",
  "tempPublicKeySize": 256,
  "secureRenego": true,
  "compression": "NONE",
  "expansion": "NONE",
  "sessionLifetimeHint": 7200,
  "tlsVersions": [
    "TLSv1_3"
  ],
prbinu commented 1 year ago

I still could not reproduce this issue :( 

$ git clone https://github.com/prbinu/tls-scan.git
Cloning into 'tls-scan'...

$ cd tls-scan/
$ docker build -t tls-scan .
[+] Building 543.2s (14/14) FINISHED
...
 => => writing image sha256:20d0db0adb4ce168cdff78e402d80a72747c4a189013600590a74bee0ebfa893                                                                                                            0.0s
 => => naming to docker.io/library/tls-scan                                                                                                                                                             0.0s

$ docker run --rm tls-scan --connect=twitter.com:443 --version-enum  --pretty
{
  "host": "twitter.com",
  "ip": "104.244.42.65",
  "port": 443,
  "elapsedTime": 418,
  "tlsVersion": "TLSv1.2",
  "cipher": "ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH     Au=RSA  Enc=AESGCM(128) Mac=AEAD",
  "tempPublicKeyAlg": "ECDH prime256v1",
  "tempPublicKeySize": 256,
  "secureRenego": true,
  "compression": "NONE",
  "expansion": "NONE",
  "sessionLifetimeHint": 7200,
  "tlsVersions": [
    "TLSv1_2",
    "TLSv1_3"
  ],
  "x509ChainDepth": 2,
  "verifyCertResult": true,
  "verifyHostResult": true,
  "ocspStapled": false,
  "certificateChain": [
  {
    "version": 3,
    "subject": "CN=twitter.com; O=Twitter, Inc.; L=San Francisco; ST=California; C=US",
    "issuer": "CN=twitter.com; O=Twitter, Inc.; L=San Francisco; ST=California; C=US",
    "subjectCN": "twitter.com",
    "subjectAltName": "DNS:twitter.com, DNS:www.twitter.com",
    "signatureAlg": "sha256WithRSAEncryption",
    "notBefore": "Dec 11 00:00:00 2022 GMT",
    "notAfter": "Dec 11 23:59:59 2023 GMT",
    "expired": false,
    "serialNo": "0A:2C:01:B8:2B:5D:47:73:9A:5A:01:1A:6F:DC:1A:20",
    "keyUsage": "Digital Signature, Key Encipherment critical",
    "extKeyUsage": "TLS Web Server Authentication, TLS Web Client Authentication",
    "publicKeyAlg": "RSA",
    "publicKeySize": 2048,
    "basicConstraints": "CA:FALSE",
    "subjectKeyIdentifier": "C7:5F:C7:8F:F5:AE:79:1A:DB:1F:D0:A4:4B:0B:A5:DE:CE:2C:E3:C2",
    "sha1Fingerprint": "70:53:29:61:4B:71:42:24:19:CE:6F:DE:AB:6F:A5:74:47:E0:D0:84"
  },  {
    "version": 3,
    "subject": "CN=DigiCert TLS RSA SHA256 2020 CA1; O=DigiCert Inc; C=US",
    "issuer": "CN=DigiCert TLS RSA SHA256 2020 CA1; O=DigiCert Inc; C=US",
    "subjectCN": "DigiCert TLS RSA SHA256 2020 CA1",
    "signatureAlg": "sha256WithRSAEncryption",
    "notBefore": "Apr 14 00:00:00 2021 GMT",
    "notAfter": "Apr 13 23:59:59 2031 GMT",
    "expired": false,
    "serialNo": "06:D8:D9:04:D5:58:43:46:F6:8A:2F:A7:54:22:7E:C4",
    "keyUsage": "Digital Signature, Certificate Sign, CRL Sign critical",
    "extKeyUsage": "TLS Web Server Authentication, TLS Web Client Authentication",
    "publicKeyAlg": "RSA",
    "publicKeySize": 2048,
    "basicConstraints": "CA:TRUE, pathlen:0 critical",
    "subjectKeyIdentifier": "B7:6B:A2:EA:A8:AA:84:8C:79:EA:B4:DA:0F:98:B2:C5:95:76:B9:F4",
    "sha1Fingerprint": "1C:58:A3:A8:51:8E:87:59:BF:07:5B:76:B7:50:D4:F2:DF:26:4F:CD"
  } ]
}

<|---------Scan Summary---------|>
 [1] ciphers             :  (0)
 [1] host-count          : 1
 [1] network-error       : 4
 [1] dns-errcount        : 0
 [1] remote-close-error  : 0
 [1] unknown-error       : 0
 [1] timeout-error       : 0
 [1] connect-error       : 0
 [1] tls-handshake       : 1
 [1] gross-tls-handshake : 3
 [1] elapsed-time        : 0.432258 secs
<|------------------------------|>
stayallive commented 1 year ago

I am starting to think this is a GEO-dependant bug maybe... since I can still reproduce it and @thorgrin is in my timezone (UTC+2) so if you @prbinu are in another timezone maybe you are hitting another Twitter datacenter or something which might behave differently.