search

tls-attacker / TLS-Scanner

The TLS-Scanner Module from TLS-Attacker
Other
264 stars 39 forks source link

Documentation for TLS-Client-Scanner #91

Closed ShadowHunter370 closed 2 years ago

ShadowHunter370 commented 2 years ago

Hello!

I want to use the TLS-Client-Scanner to scan the client side. Are there any documentations for TLS-Client-Scanner.jar or more description on how this tool can be used or how it works? I have looked at the -help argument to see all the different commands and tried the command:

java -jar apps/TLS-Client-Scanner.jar -port 8080 -run "curl google.com"

However, it doesn't return anything and hangs.

mmaehren commented 2 years ago

Hey, our client scanner is still in development so there is no documentation yet as a lot of code is still being moved around. I'm a little confused by your command. The -run parameter is meant to convey a command that can be used to start a client that connects to the Client-Scanner. A curl request to google.com won't lead google to initiate a TLS connection to your scanner. Instead, you are simply fetching an HTML document from google.com. Consequently, the Client-Scanner keeps waiting for a connection attempt indefinitely. Are you sure you mean to use the Client-Scanner? If you want to evaluate a server, where you act as the client, you should use TLS-Server-Scanner.jar instead.

ShadowHunter370 commented 2 years ago

Thank you for your reply!

I have tried TLS-Server-Scanner.jar and it worked great. From what I understand, TLS-Server-Scanner.jar "pretends" to be a client and connects to a server in order to scan that server.

For my next task, I want to evaluate a client. From your comment, it seems that the Client-Scanner, in a sense, pretends to be a server on a port (that is running, for example, 1234). The port is specified by -port. Then the -run command will start a client that connects to the port that Client-Scanner is on (in this case, port 1234). Then once the connection is made, Client-Scanner will scan the client.

Is my understanding of how Client-Scanner works correct?

mmaehren commented 2 years ago

Your understanding of the Client-Scanner is correct. For testing purposes, you can use a local OpenSSL setup where you can call the client using the -run parameter like this: openssl s_client -connect localhost:8080

ShadowHunter370 commented 2 years ago

I see. Thank you very much, it makes sense now!