zgrab2 with tls1.3

[Damian96gz]

Hello, my project need some scans for tls1.3 connections, are there any field I can set while using the tls scanner to use tls 1.3?

The command I used is : ./zgrab2 tls -f input2.csv --connections-per-host=2

[mzpqnxow]

Hi @Damian96gz unfortunately there is no TLSv1.3 support. You can see https://github.com/zmap/zcrypto/pull/206 for more on this, but the summary is it requires a lot of work. zgrab2 uses zcrypto for encryption. zcrypto is a frozen golang stdlib with some compatibility hacks. To add support for TLSv1.3 will require a good amount of effort

Nobody seems to have had enough time to do this but it looks like @dissoupo is working on it according to recent notes on that PR - he has a fork here but I'm not sure how far along it is - https://github.com/dissoupov/zcrypto

[mzpqnxow]

Hi @Damian96gz unfortunately there is no TLSv1.3 support. You can see https://github.com/zmap/zcrypto/pull/206 for more on this, but the summary is it requires a lot of work. zgrab2 uses zcrypto for encryption. zcrypto is a frozen golang stdlib with some compatibility hacks. To add support for TLSv1.3 will require a good amount of effort

Nobody seems to have had enough time to do this but it looks like @dissoupo is working on it according to recent notes on that PR - he has a fork here but I'm not sure how far along it is - https://github.com/dissoupov/zcrypto

Note, since this post, there is now a TLS1.3 branch available and it works very well

[mzpqnxow]

I think this can be closed

[mzpqnxow]

@Damian96gz have you tried to use a recent build from master? You should see TLS1.3 support there now