Closed parthsankhala78 closed 5 years ago
Your version almost 3 years old - is there a particular reason why you are not using the new version? It also has the invalid curve attack.
with newer version, the latest one i have tried. it is giving me some config error saying -
[main] INFO : InvalidCurveAttacker - Did not receive ServerHello. Check your config ...Vulnerable: Uncertain..
And when i execute attack i get the following exception:::
This means that TLS-Attacker was unable to even receive a ServerHello before it could perform the Test. This may for example be the case if the host does not support Elliptic Curves at all. If the server indeed supports EC, it might be the case that the server exhibits some sort of intolerance which makes it reject the initial Clienthello. In that case you can play with the config (not trivial) to make the server accept the message. Alternatively - if you are just interested in a simple test - you can use TLS-Scanner (https://github.com/RUB-NDS/TLS-Scanner) which will also perform the invalid curve test for you.
This means that TLS-Attacker was unable to even receive a ServerHello before it could perform the Test. This may for example be the case if the host does not support Elliptic Curves at all. If the server indeed supports EC, it might be the case that the server exhibits some sort of intolerance which makes it reject the initial Clienthello. In that case you can play with the config (not trivial) to make the server accept the message. Alternatively - if you are just interested in a simple test - you can use TLS-Scanner (https://github.com/RUB-NDS/TLS-Scanner) which will also perform the invalid curve test for you.
How do I play with the config and make the server accpet the message hello.
Also, Why is the null pointer exception occurring when i just execute attack (see the bottom part in the last screenshot that I posted).
I want to execute the invalid curve attack anyhow. Please help.
Besides the most commonly need parameters in the commandline reference, you can specify a custom config with the -config flag. For a full reference of available Values see: https://github.com/RUB-NDS/TLS-Attacker/blob/master/TLS-Core/src/main/java/de/rub/nds/tlsattacker/core/config/Config.java The Attack is throwing a NullpointerException for the same reason the scan is not working - you did not receive a ServerHello.
Besides the most commonly need parameters in the commandline reference, you can specify a custom config with the -config flag. For a full reference of available Values see: https://github.com/RUB-NDS/TLS-Attacker/blob/master/TLS-Core/src/main/java/de/rub/nds/tlsattacker/core/config/Config.java The Attack is throwing a NullpointerException for the same reason the scan is not working - you did not receive a ServerHello.
How do i make it receive a ServerHello in my case? Can you help me with this.
Please provide the scanner output of TLS-Scanner. It can scan for various features and intolerances which will help us track down the problem.
Please provide the scanner output of TLS-Scanner. It can scan for various features and intolerances which will help us track down the problem.
This is the outcome of the Attacker(Upper) and the Server(Lower) terminal. In this we can clearly see that server is receiving ServerHello.: This is the outcome when i just connect the attacker to server:::
This is when i execute the attack::::
Then why is the null pointer exception occuring??
The Nullpointer exception is occuring at:
message.getComputations().setComputedPublicKeyX(x);
This is because message.getComputations() is null. This is the case if the message was not acutally computed, for example because the workflow not executed. The InvalidCurve Attack needs to execute multiple Workflows during the evaluation. If one of them does not execute properly you likely will receive a similar exception. The provided example Server you used to test this is not configured to execute multiple handshakes and shuts itself down after the first one, which will in return results in the second handshake not finishing. Additionally, the started Server is also not configured to speak EC, but is using RSA (default config). TLS-Attacker allows you to do this - but this is likely not what you had in mind.
The Nullpointer exception is occuring at:
message.getComputations().setComputedPublicKeyX(x);
This is because message.getComputations() is null. This is the case if the message was not acutally computed, for example because the workflow not executed. The InvalidCurve Attack needs to execute multiple Workflows during the evaluation. If one of them does not execute properly you likely will receive a similar exception. The provided example Server you used to test this is not configured to execute multiple handshakes and shuts itself down after the first one, which will in return results in the second handshake not finishing. Additionally, the started Server is also not configured to speak EC, but is using RSA (default config). TLS-Attacker allows you to do this - but this is likely not what you had in mind.
I am using the same TLS Attacker(Attacks.jar- invalid_curve) and the TLS Server that is provided in this project. I have even disabled TLS security in my system. Then why is the second handshake not finishing. and what should i do to make the server finish the second hand shake? Is there any registry changes that we have to do? or any config changes that will make the attack run?
The TLS-Attacker TLS-Server application does NOT work like any other TLS-Server. TLS-Attacker is designed to allow you to explicitly behave NOT according to the Specification. This is intended for security researchers and pentesters alike. The TLS-Server application is intended to analyze client applications - not to evaluate the provided attacks. Disabling TLS security on your System has no effect for TLS-Attacker since it provides its own custom TLS-Stack which ignores everything your operating system provides. If you want to test the invalid curve attack with a local server you need to run a real tls-server. If you run this tool against a real server, the server has to support static elliptic curve ciphersuites. TLS-Attacker also provides an option to test ephemeral ciphersuites with the -ephemeral flag. Note that this usually requires the server to reused public keys to be vulnerable. If the tool is still not working it is very likely that the server exhibits some sort of intolerance or requires the pressence of specific extensions which are not sent by default (SNI may be such a case (not sure if it is sent by default)). If you need further assistence I can only help you if you provide me access to the server - or atleast provide me TLS-Scanner AND Debug output of the tools.
The TLS-Attacker TLS-Server application does NOT work like any other TLS-Server. TLS-Attacker is designed to allow you to explicitly behave NOT according to the Specification. This is intended for security researchers and pentesters alike. The TLS-Server application is intended to analyze client applications - not to evaluate the provided attacks. Disabling TLS security on your System has no effect for TLS-Attacker since it provides its own custom TLS-Stack which ignores everything your operating system provides. If you want to test the invalid curve attack with a local server you need to run a real tls-server. If you run this tool against a real server, the server has to support static elliptic curve ciphersuites. TLS-Attacker also provides an option to test ephemeral ciphersuites with the -ephemeral flag. Note that this usually requires the server to reused public keys to be vulnerable. If the tool is still not working it is very likely that the server exhibits some sort of intolerance or requires the pressence of specific extensions which are not sent by default (SNI may be such a case (not sure if it is sent by default)). If you need further assistence I can only help you if you provide me access to the server - or atleast provide me TLS-Scanner AND Debug output of the tools.
Thank you for the support. Now I tried building the TLS scanner and this is the compilation problem that i am facing.:
The error indicates that you did not install TLS-Attacker 2.6. Please download TLS-Attacker 2.6 from the Releases Sektion (as well as TLS-Scanner 2.4 from the release section (not the current master branches) and install them with:
cd TLS-Attacker; mvn clean install; cd .. cd TLS-Scammer; mvn clean install
The error indicates that you did not install TLS-Attacker 2.6. Please download TLS-Attacker 2.6 from the Releases Sektion (as well as TLS-Scanner 2.4 from the release section (not the current master branches) and install them with:
cd TLS-Attacker; mvn clean install; cd .. cd TLS-Scammer; mvn clean install
Hi, I ran the scanner as you said. under section Attack Vulnerabilities i got the following output: Attack Vulnerabilities
Invalid Curve : [32mfalse[0m Invalid Curve Ephemerals : [32mfalse[0m
Does this mean that my server is safe from an invalid curve attack?
Yes, according to our tools it is
Yes, according to our tools it is
Hi, i seek one more answer. I ran TLS ATTACKER 2.6's TLS-Server at different ports. and when I scanned those ports with the TLS-SCANNER, it says that the port doesn't support TLS/SSL. How do i make the TLS-Server support TLS/SSL?
This is for the same reason the invalid curve test fails... the tls-attacker server is NOT a real server. It rejects connections after the first. Tls-Scanner needs to perform multiple Handshakes to perform the evaluation. Additionally, the server pretty much ignores the client which would result in completely nonsense results.
This is for the same reason the invalid curve test fails... the tls-attacker server is NOT a real server. It rejects connections after the first. Tls-Scanner needs to perform multiple Handshakes to perform the evaluation. Additionally, the server pretty much ignores the client which would result in completely nonsense results.
Is there any other server(servers supporting tls/ssl) that your application has that we can use to evaluate the TLS Scanner?
You can just use openssl. Or what are you looking for?
You can just use openssl. Or what are you looking for?
i just want to test the TLS-SCANNER with any other server which supports TLS/SSL. I have done with my server, now just had to verify using some existing server, that does it give the same scan results. That's what I'am looking for.
Then you can basically just use any Open Source tls library. They usually come with an example server which you can use test to test the scanner
I am using Java 8, Apache Maven 3.3.3. Compiled the older version(2016) of TLS Attacker successfully. Using Attacker as client and Study Transfer Unit(STU) as a Server, I ran an invalid_curve attack on the STU server. I get the following exception: E:\TLS-Attacker-master\Runnable>java -jar target\TLS-Attacker-1.0.jar invalid_curve 12:01:48.494 [main] DEBUG de.rub.nds.tlsattacker.tls.config.ConfigHandler - Using the following security providers 12:01:48.497 [main] DEBUG de.rub.nds.tlsattacker.tls.config.ConfigHandler - Provider SUN, version, 1.8 12:01:48.497 [main] DEBUG de.rub.nds.tlsattacker.tls.config.ConfigHandler - Provider SunRsaSign, version, 1.8 12:01:48.497 [main] DEBUG de.rub.nds.tlsattacker.tls.config.ConfigHandler - Provider SunEC, version, 1.8 12:01:48.497 [main] DEBUG de.rub.nds.tlsattacker.tls.config.ConfigHandler - Provider SunJSSE, version, 1.8 12:01:48.500 [main] DEBUG de.rub.nds.tlsattacker.tls.config.ConfigHandler - Provider SunJCE, version, 1.8 12:01:48.500 [main] DEBUG de.rub.nds.tlsattacker.tls.config.ConfigHandler - Provider SunJGSS, version, 1.8 12:01:48.500 [main] DEBUG de.rub.nds.tlsattacker.tls.config.ConfigHandler - Provider SunSASL, version, 1.8 12:01:48.500 [main] DEBUG de.rub.nds.tlsattacker.tls.config.ConfigHandler - Provider XMLDSig, version, 1.8 12:01:48.500 [main] DEBUG de.rub.nds.tlsattacker.tls.config.ConfigHandler - Provider SunPCSC, version, 1.8 12:01:48.500 [main] DEBUG de.rub.nds.tlsattacker.tls.config.ConfigHandler - Provider SunMSCAPI, version, 1.8 12:01:48.500 [main] DEBUG de.rub.nds.tlsattacker.tls.config.ConfigHandler - Provider BC, version, 1.54 Exception in thread "main" de.rub.nds.tlsattacker.tls.exceptions.ConfigurationException: Not possible to use unrestricted policy in Oracle JDK at de.rub.nds.tlsattacker.tls.config.ConfigHandler.initialize(ConfigHandler.java:85) at de.rub.nds.tlsattacker.Main.main(Main.java:145) Caused by: java.lang.IllegalAccessException: Can not set static final boolean field javax.crypto.JceSecurity.isRestricted to java.lang.Boolean at sun.reflect.UnsafeFieldAccessorImpl.throwFinalFieldIllegalAccessException(UnsafeFieldAccessorImpl.java:76) at sun.reflect.UnsafeFieldAccessorImpl.throwFinalFieldIllegalAccessException(UnsafeFieldAccessorImpl.java:80) at sun.reflect.UnsafeQualifiedStaticBooleanFieldAccessorImpl.set(UnsafeQualifiedStaticBooleanFieldAccessorImpl.java:77) at java.lang.reflect.Field.set(Field.java:764) at de.rub.nds.tlsattacker.tls.config.ConfigHandler.initialize(ConfigHandler.java:82) ... 1 more
Please Help with the issue: