├── LICENSE
├── README.md
├── Tools
│   ├── CVE-2016-2107.tgz
│   ├── beast_check.pl
│   ├── heartbleed-poc.tgz
│   ├── heartleech.tgz
│   ├── ike-scan.tgz
│   ├── nmap-7.12.tar.bz2
│   └── sslyze.tgz
└── Vulnerabilities
    ├── 38140 - SSL Server Supports Weak Encryption Vulnerability.md
    ├── 38601 - SSL:TLS use of weak RC4 cipher on Multiple Hosts.md
    ├── 38603 - SSLv3 Padding Oracle Attack Information Disclosure Vulnerability (POODLE).md
    ├── 38626 - OpenSSL oracle padding vulnerability (CVE-2016-2107).md
    ├── 42366 - SSLv3.0:TLSv1.0 Protocol Weak CBC Mode Server Side Vulnerability (BEAST).md
    ├── 42430 - OpenSSL Memory Leak Vulnerability (Heartbleed Bug).md
    ├── IKE Aggressive Mode Authentication Enabled.md
    ├── NTP Servers Exposed to Internet.md
    ├── SNMP Server Enabled.md
    ├── SSL:TLS Enabled in SMTP.md
    └── TLSv1 Enabled in SMTP or HTTP.md
/LICENSE:
--------------------------------------------------------------------------------
1 | Apache License
2 | Version 2.0, January 2004
3 | http://www.apache.org/licenses/
4 |
5 | TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
6 |
7 | 1. Definitions.
8 |
9 | "License" shall mean the terms and conditions for use, reproduction,
10 | and distribution as defined by Sections 1 through 9 of this document.
11 |
12 | "Licensor" shall mean the copyright owner or entity authorized by
13 | the copyright owner that is granting the License.
14 |
15 | "Legal Entity" shall mean the union of the acting entity and all
16 | other entities that control, are controlled by, or are under common
17 | control with that entity. For the purposes of this definition,
18 | "control" means (i) the power, direct or indirect, to cause the
19 | direction or management of such entity, whether by contract or
20 | otherwise, or (ii) ownership of fifty percent (50%) or more of the
21 | outstanding shares, or (iii) beneficial ownership of such entity.
22 |
23 | "You" (or "Your") shall mean an individual or Legal Entity
24 | exercising permissions granted by this License.
25 |
26 | "Source" form shall mean the preferred form for making modifications,
27 | including but not limited to software source code, documentation
28 | source, and configuration files.
29 |
30 | "Object" form shall mean any form resulting from mechanical
31 | transformation or translation of a Source form, including but
32 | not limited to compiled object code, generated documentation,
33 | and conversions to other media types.
34 |
35 | "Work" shall mean the work of authorship, whether in Source or
36 | Object form, made available under the License, as indicated by a
37 | copyright notice that is included in or attached to the work
38 | (an example is provided in the Appendix below).
39 |
40 | "Derivative Works" shall mean any work, whether in Source or Object
41 | form, that is based on (or derived from) the Work and for which the
42 | editorial revisions, annotations, elaborations, or other modifications
43 | represent, as a whole, an original work of authorship. For the purposes
44 | of this License, Derivative Works shall not include works that remain
45 | separable from, or merely link (or bind by name) to the interfaces of,
46 | the Work and Derivative Works thereof.
47 |
48 | "Contribution" shall mean any work of authorship, including
49 | the original version of the Work and any modifications or additions
50 | to that Work or Derivative Works thereof, that is intentionally
51 | submitted to Licensor for inclusion in the Work by the copyright owner
52 | or by an individual or Legal Entity authorized to submit on behalf of
53 | the copyright owner. For the purposes of this definition, "submitted"
54 | means any form of electronic, verbal, or written communication sent
55 | to the Licensor or its representatives, including but not limited to
56 | communication on electronic mailing lists, source code control systems,
57 | and issue tracking systems that are managed by, or on behalf of, the
58 | Licensor for the purpose of discussing and improving the Work, but
59 | excluding communication that is conspicuously marked or otherwise
60 | designated in writing by the copyright owner as "Not a Contribution."
61 |
62 | "Contributor" shall mean Licensor and any individual or Legal Entity
63 | on behalf of whom a Contribution has been received by Licensor and
64 | subsequently incorporated within the Work.
65 |
66 | 2. Grant of Copyright License. Subject to the terms and conditions of
67 | this License, each Contributor hereby grants to You a perpetual,
68 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable
69 | copyright license to reproduce, prepare Derivative Works of,
70 | publicly display, publicly perform, sublicense, and distribute the
71 | Work and such Derivative Works in Source or Object form.
72 |
73 | 3. Grant of Patent License. Subject to the terms and conditions of
74 | this License, each Contributor hereby grants to You a perpetual,
75 | worldwide, non-exclusive, no-charge, royalty-free, irrevocable
76 | (except as stated in this section) patent license to make, have made,
77 | use, offer to sell, sell, import, and otherwise transfer the Work,
78 | where such license applies only to those patent claims licensable
79 | by such Contributor that are necessarily infringed by their
80 | Contribution(s) alone or by combination of their Contribution(s)
81 | with the Work to which such Contribution(s) was submitted. If You
82 | institute patent litigation against any entity (including a
83 | cross-claim or counterclaim in a lawsuit) alleging that the Work
84 | or a Contribution incorporated within the Work constitutes direct
85 | or contributory patent infringement, then any patent licenses
86 | granted to You under this License for that Work shall terminate
87 | as of the date such litigation is filed.
88 |
89 | 4. Redistribution. You may reproduce and distribute copies of the
90 | Work or Derivative Works thereof in any medium, with or without
91 | modifications, and in Source or Object form, provided that You
92 | meet the following conditions:
93 |
94 | (a) You must give any other recipients of the Work or
95 | Derivative Works a copy of this License; and
96 |
97 | (b) You must cause any modified files to carry prominent notices
98 | stating that You changed the files; and
99 |
100 | (c) You must retain, in the Source form of any Derivative Works
101 | that You distribute, all copyright, patent, trademark, and
102 | attribution notices from the Source form of the Work,
103 | excluding those notices that do not pertain to any part of
104 | the Derivative Works; and
105 |
106 | (d) If the Work includes a "NOTICE" text file as part of its
107 | distribution, then any Derivative Works that You distribute must
108 | include a readable copy of the attribution notices contained
109 | within such NOTICE file, excluding those notices that do not
110 | pertain to any part of the Derivative Works, in at least one
111 | of the following places: within a NOTICE text file distributed
112 | as part of the Derivative Works; within the Source form or
113 | documentation, if provided along with the Derivative Works; or,
114 | within a display generated by the Derivative Works, if and
115 | wherever such third-party notices normally appear. The contents
116 | of the NOTICE file are for informational purposes only and
117 | do not modify the License. You may add Your own attribution
118 | notices within Derivative Works that You distribute, alongside
119 | or as an addendum to the NOTICE text from the Work, provided
120 | that such additional attribution notices cannot be construed
121 | as modifying the License.
122 |
123 | You may add Your own copyright statement to Your modifications and
124 | may provide additional or different license terms and conditions
125 | for use, reproduction, or distribution of Your modifications, or
126 | for any such Derivative Works as a whole, provided Your use,
127 | reproduction, and distribution of the Work otherwise complies with
128 | the conditions stated in this License.
129 |
130 | 5. Submission of Contributions. Unless You explicitly state otherwise,
131 | any Contribution intentionally submitted for inclusion in the Work
132 | by You to the Licensor shall be under the terms and conditions of
133 | this License, without any additional terms or conditions.
134 | Notwithstanding the above, nothing herein shall supersede or modify
135 | the terms of any separate license agreement you may have executed
136 | with Licensor regarding such Contributions.
137 |
138 | 6. Trademarks. This License does not grant permission to use the trade
139 | names, trademarks, service marks, or product names of the Licensor,
140 | except as required for reasonable and customary use in describing the
141 | origin of the Work and reproducing the content of the NOTICE file.
142 |
143 | 7. Disclaimer of Warranty. Unless required by applicable law or
144 | agreed to in writing, Licensor provides the Work (and each
145 | Contributor provides its Contributions) on an "AS IS" BASIS,
146 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
147 | implied, including, without limitation, any warranties or conditions
148 | of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
149 | PARTICULAR PURPOSE. You are solely responsible for determining the
150 | appropriateness of using or redistributing the Work and assume any
151 | risks associated with Your exercise of permissions under this License.
152 |
153 | 8. Limitation of Liability. In no event and under no legal theory,
154 | whether in tort (including negligence), contract, or otherwise,
155 | unless required by applicable law (such as deliberate and grossly
156 | negligent acts) or agreed to in writing, shall any Contributor be
157 | liable to You for damages, including any direct, indirect, special,
158 | incidental, or consequential damages of any character arising as a
159 | result of this License or out of the use or inability to use the
160 | Work (including but not limited to damages for loss of goodwill,
161 | work stoppage, computer failure or malfunction, or any and all
162 | other commercial damages or losses), even if such Contributor
163 | has been advised of the possibility of such damages.
164 |
165 | 9. Accepting Warranty or Additional Liability. While redistributing
166 | the Work or Derivative Works thereof, You may choose to offer,
167 | and charge a fee for, acceptance of support, warranty, indemnity,
168 | or other liability obligations and/or rights consistent with this
169 | License. However, in accepting such obligations, You may act only
170 | on Your own behalf and on Your sole responsibility, not on behalf
171 | of any other Contributor, and only if You agree to indemnify,
172 | defend, and hold each Contributor harmless for any liability
173 | incurred by, or claims asserted against, such Contributor by reason
174 | of your accepting any such warranty or additional liability.
175 |
176 | END OF TERMS AND CONDITIONS
177 |
178 | APPENDIX: How to apply the Apache License to your work.
179 |
180 | To apply the Apache License to your work, attach the following
181 | boilerplate notice, with the fields enclosed by brackets "{}"
182 | replaced with your own identifying information. (Don't include
183 | the brackets!) The text should be enclosed in the appropriate
184 | comment syntax for the file format. We also recommend that a
185 | file or class name and description of purpose be included on the
186 | same "printed page" as the copyright notice for easier
187 | identification within third-party archives.
188 |
189 | Copyright {yyyy} {name of copyright owner}
190 |
191 | Licensed under the Apache License, Version 2.0 (the "License");
192 | you may not use this file except in compliance with the License.
193 | You may obtain a copy of the License at
194 |
195 | http://www.apache.org/licenses/LICENSE-2.0
196 |
197 | Unless required by applicable law or agreed to in writing, software
198 | distributed under the License is distributed on an "AS IS" BASIS,
199 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
200 | See the License for the specific language governing permissions and
201 | limitations under the License.
202 |
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 | # DEPRECATED - Please refer to the following repository:
2 | # [Tools and Techniques for Vulnerability Validation](https://github.medallia.com/apuente/tools-and-techniques-for-vulnerability-validation)
3 |
4 |
5 |
6 | - [Vulnerabilities by Qualys](#vulnerabilities-by-qualys)
7 | - [Other Checks](#other-checks)
8 | - [Tools](#tools)
9 |
10 |
11 |
12 | The purpose of this repository is to provide DevOps with the necessary tools and techniques to expedite the process of validating the remediation of vulnerabilities.
13 |
14 | Note that a Linux server is used for most of these vulnerabilities because commands like ``grep``, ``sed``, etc. work differently on OS X. There, the GNU versions can be installed with [Homebrew](http://brew.sh/), but results may differ. The recommendation is to have a dedicated Linux server to execute these tools. Also, if the servers being tested face the Internet, the recommendation is to have the server outside the corporate network. Keep in mind that some cloud server providers do not allow the use of tools like nmap in their networks.
15 |
16 |
17 | ## Vulnerabilities by Qualys
18 |
19 | * [38140 - SSL Server Supports Weak Encryption Vulnerability](Vulnerabilities/38140%20-%20SSL%20Server%20Supports%20Weak%20Encryption%20Vulnerability.md)
20 | * [38601 - SSL/TLS use of weak RC4 cipher on Multiple Hosts](Vulnerabilities/38601%20-%20SSL:TLS%20use%20of%20weak%20RC4%20cipher%20on%20Multiple%20Hosts.md)
21 | * [38603 - SSLv3 Padding Oracle Attack Information Disclosure Vulnerability (POODLE)](Vulnerabilities/38603%20-%20SSLv3%20Padding%20Oracle%20Attack%20Information%20Disclosure%20Vulnerability%20%28POODLE%29.md)
22 | * [38626 - OpenSSL oracle padding vulnerability (CVE-2016-2107)](Vulnerabilities/38626%20-%20OpenSSL%20oracle%20padding%20vulnerability%20%28CVE-2016-2107%29.md)
23 | * [42366 - SSLv3.0:TLSv1.0 Protocol Weak CBC Mode Server Side Vulnerability (BEAST)](Vulnerabilities%2F42366%20-%20SSLv3.0%3ATLSv1.0%20Protocol%20Weak%20CBC%20Mode%20Server%20Side%20Vulnerability%20%28BEAST%29.md)
24 | * [42430 - OpenSSL Memory Leak Vulnerability (Heartbleed Bug)](/Vulnerabilities/42430%20-%20OpenSSL%20Memory%20Leak%20Vulnerability%20%28Heartbleed%20Bug%29.md)
25 |
26 |
27 | ## Other Checks
28 |
29 | * [IKE Aggressive Mode Authentication Enabled](Vulnerabilities%2FIKE%20Aggressive%20Mode%20Authentication%20Enabled.md)
30 | * [NTP Servers Exposed to Internet](Vulnerabilities%2FNTP%20Servers%20Exposed%20to%20Internet.md)
31 | * [SNMP Server Enabled](Vulnerabilities/SNMP%20Server%20Enabled.md)
32 | * [SSL/TLS Enabled in SMTP](Vulnerabilities/SSL:TLS%20Enabled%20in%20SMTP.md)
33 | * [TLSv1 Enabled in SMTP or HTTP](Vulnerabilities%2FTLSv1%20Enabled%20in%20SMTP%20or%20HTTP.md)
34 |
35 |
36 |
37 | ## Tools
38 |
39 | * **[sslyze_cli.py](https://github.com/nabla-c0d3/sslyze)** Fast and full-featured SSL scanner for Python 2.7. SSLyze is a Python tool that can analyze the SSL configuration of a server by connecting to it. It is designed to be fast and comprehensive, and should help organizations and testers identify mis-configurations affecting their SSL servers.
40 | * **[Nmap](https://nmap.org/download.html):** Nmap ("Network Mapper") is a free and open source (license) utility for network discovery and security auditing. Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. It was designed to rapidly scan large networks, but works fine against single hosts. Nmap runs on all major computer operating systems, and official binary packages are available for Linux, Windows, and Mac OS X. In addition to the classic command-line Nmap executable, the Nmap suite includes an advanced GUI and results viewer (Zenmap), a flexible data transfer, redirection, and debugging tool (Ncat), a utility for comparing scan results (Ndiff), and a packet generation and response analysis tool (Nping).
41 | * *[heartbleed-poc](https://github.com/sensepost/heartbleed-poc)* Test for SSL heartbeat vulnerability (CVE-2014-0160)
42 | * *[heartleech](https://github.com/robertdavidgraham/heartleech)* This is a typical "heartbleed" tool. It can scan for systems vulnerable to the bug, and then be used to download them.
43 | * *[Filippo.io](https://github.com/FiloSottile/CVE-2016-2107)* Simple test for the May 2016 OpenSSL padding oracle (CVE-2016-2107). **It only works with HTTPS**.
44 | * *[CVE-2016-2107 web test](https://filippo.io/CVE-2016-2107/)* Simple web test for the May 2016 OpenSSL padding oracle (CVE-2016-2107). **It only works with HTTPS**.
45 |
--------------------------------------------------------------------------------
/Tools/CVE-2016-2107.tgz:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/apuentemedallia/tools-and-techniques-for-vulnerability-validation/a40a970da70e475eafe47958f735fe161f77e818/Tools/CVE-2016-2107.tgz
--------------------------------------------------------------------------------
/Tools/beast_check.pl:
--------------------------------------------------------------------------------
1 | #!/usr/bin/perl -w
2 |
3 | use strict;
4 | use warnings;
5 | use IO::Socket::SSL;
6 |
7 | print qq{
8 | ===============================================
9 |
10 | SSL/TLS BEAST Vulnerability Check
11 | by YGN Ethical Hacker Group, http://yehg.net/
12 |
13 | ===============================================
14 | };
15 |
16 | if ($#ARGV < 0 || $#ARGV > 1) {    # a host is required; the port argument is optional
17 | print qq{
18 | Usage: beast.pl host [port]
19 |
20 | port = 443 by default \{optional\}
21 | };
22 | exit;
23 | }
24 |
25 | my $host = $ARGV[0];
26 | my $port = 443;
27 | if ($#ARGV == 1) {$port = $ARGV[1];}
28 |
29 | print qq{
30 | Target: $host:$port
31 | };
32 |
33 | my $client = new IO::Socket::SSL(
34 | PeerAddr => $host,
35 | PeerPort => $port,
36 | Proto => 'tcp',
37 | SSL_honor_cipher_order => 1,
38 | SSL_version => 'TLSv1'
39 | );
40 |
41 | if (defined $client) {
42 | my $v_beast = 'PRONE to BEAST attack.';
43 | my $s_beast = 'YES';
44 | my $cipher = $client->get_cipher();
45 |
46 | if ($cipher =~ /RC4/){
47 | $v_beast = 'NOT vulnerable to BEAST attack.';
48 | $s_beast = 'NO';
49 | }
50 |
51 | print qq{
52 | ## The target is $v_beast ##
53 |
54 | Protocol: TLS v1
55 | Server Preferred Cipher: $cipher
56 | Vulnerable: $s_beast
57 |
58 | -----------------------------------------------
59 | N.B. This check assumes no workaround
60 | (i.e. EMPTY FRAGMENT) applied in target server.
61 | };
62 | print $client "GET / HTTP/1.0\r\n\r\n";
63 |
64 | close $client;
65 | } else {
66 | warn "\nERROR:\nConnecting to the target\n\nDETAILS:\n",
67 | IO::Socket::SSL::errstr();
68 | }
69 | warn $! if not defined($client);
70 |
71 |
--------------------------------------------------------------------------------
/Tools/heartbleed-poc.tgz:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/apuentemedallia/tools-and-techniques-for-vulnerability-validation/a40a970da70e475eafe47958f735fe161f77e818/Tools/heartbleed-poc.tgz
--------------------------------------------------------------------------------
/Tools/heartleech.tgz:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/apuentemedallia/tools-and-techniques-for-vulnerability-validation/a40a970da70e475eafe47958f735fe161f77e818/Tools/heartleech.tgz
--------------------------------------------------------------------------------
/Tools/ike-scan.tgz:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/apuentemedallia/tools-and-techniques-for-vulnerability-validation/a40a970da70e475eafe47958f735fe161f77e818/Tools/ike-scan.tgz
--------------------------------------------------------------------------------
/Tools/nmap-7.12.tar.bz2:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/apuentemedallia/tools-and-techniques-for-vulnerability-validation/a40a970da70e475eafe47958f735fe161f77e818/Tools/nmap-7.12.tar.bz2
--------------------------------------------------------------------------------
/Tools/sslyze.tgz:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/apuentemedallia/tools-and-techniques-for-vulnerability-validation/a40a970da70e475eafe47958f735fe161f77e818/Tools/sslyze.tgz
--------------------------------------------------------------------------------
/Vulnerabilities/38140 - SSL Server Supports Weak Encryption Vulnerability.md:
--------------------------------------------------------------------------------
1 | # 38140 - SSL Server Supports Weak Encryption Vulnerability
2 |
3 |
4 |
5 | - [Description](#description)
6 | - [Solution](#solution)
7 | - [Validation](#validation)
8 | - [Tool](#tool)
9 | - [Analysis](#analysis)
10 |
11 |
12 |
13 |
14 |
15 | ## Description
16 | The Secure Socket Layer (SSL) protocol allows for secure communication between a client and a server.
17 | SSL encryption ciphers are classified based on encryption key length as follows:
18 |
19 | * HIGH - key length larger than 128 bits
20 | * MEDIUM - key length equal to 128 bits
21 | * LOW - key length smaller than 128 bits
22 |
23 | Messages encrypted with LOW encryption ciphers are easy to decrypt. Commercial SSL servers should only support MEDIUM or HIGH strength ciphers to guarantee transaction security.
24 | The following link provides more information about this vulnerability:
25 | Analysis of the SSL 3.0 protocol (http://www.schneier.com/paper-ssl-revised.pdf)
26 | Please note that this detection only checks for weak cipher support at the SSL layer. Some servers may implement additional protection at the data layer. For example, some SSL servers and SSL proxies (such as SSL accelerators) allow cipher negotiation to complete but send back an error message and abort further communication on the secure channel. This vulnerability may not be exploitable for such configurations.
27 |
28 |
29 | ## Solution
30 | Disable support for LOW encryption ciphers.
31 | Apache
32 | If TLSv1.1 or TLSv1.2 are available, then those protocols should be used.
33 | SSLProtocol TLSv1.1 TLSv1.2
34 | If TLSv1.1 and TLSv1.2 are not available then only TLS1.0 should be used:
35 | SSLProtocol TLSv1
36 | Typically, for Apache/mod_ssl, httpd.conf or ssl.conf should have the following lines:
37 | SSLCipherSuite ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:RC4+RSA:+HIGH:+MEDIUM
38 | For Apache/apache_ssl include the following line in the configuration file (httpsd.conf):
39 | SSLRequireCipher ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:RC4+RSA:+HIGH:+MEDIUM
40 | Tomcat
41 | sslProtocol="SSLv3"
42 | ciphers="SSL_RSA_WITH_RC4_128_MD5,SSL_RSA_WITH_RC4_128_SHA,SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA"
43 |
44 | IIS
45 | How to Restrict the Use of Certain Cryptographic Algorithms and Protocols in Schannel.dll (http://support.microsoft.com/default.aspx?scid=kb;EN-US;245030) (Windows restart required)
46 | How to disable PCT 1.0, SSL 2.0, SSL 3.0, or TLS 1.0 in Internet Information Services (http://support.microsoft.com/default.aspx?scid=kb;en-us;187498) (Windows restart required)
47 | Security Guidance for IIS (http://www.microsoft.com/technet/security/prodtech/IIS.mspx)
48 | For Novell Netware 6.5 please refer to the following document
49 | SSL Allows the use of Weak Ciphers. -TID10100633 (http://support.novell.com/cgi-bin/search/searchtid.cgi?10100633.htm)
50 |
51 |
52 | ## Validation
53 |
54 |
55 | ### Tool
56 |
57 | * **[sslyze_cli.py](https://github.com/nabla-c0d3/sslyze)** Fast and full-featured SSL scanner for Python 2.7. SSLyze is a Python tool that can analyze the SSL configuration of a server by connecting to it. It is designed to be fast and comprehensive, and should help organizations and testers identify mis-configurations affecting their SSL servers.
58 |
59 |
60 | ### Analysis
61 |
62 | As the description mentions: _Messages encrypted with LOW encryption ciphers are easy to decrypt. Commercial SSL servers should only support MEDIUM or HIGH strength ciphers to guarantee transaction security._ so any encryption smaller than 128 bits is considered low and weak.
63 |
64 | For this purpose we will use the tool ``sslyze_cli.py`` to enumerate the encryption ciphers configured on the server.
65 |
66 | For SMTP servers, usually port ``25`` and ``587``, use the following command:
67 |
68 | ```
69 | sslyze_cli.py --regular --starttls=smtp --hide_rejected_ciphers <host>:<port> | grep bits | egrep -v '(128|256)'
70 | ```
71 |
72 | For HTTP Servers, usually port ``443`` and ``8443`` use the following command:
73 | ```
74 | sslyze_cli.py --regular --hide_rejected_ciphers <host>:<port> | grep bits | egrep -v '(128|256)'
75 | ```
76 |
77 | With these commands we are filtering the accepted ciphers and looking for any key length that is not ``128`` or ``256`` bits. If the output contains lines similar to these, your server is still vulnerable.
78 |
79 |
80 | ```
81 | TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA DH-1024 bits 112 bits 250 2.0.0 Ok
82 | TLS_RSA_WITH_3DES_EDE_CBC_SHA - 112 bits 250 2.0.0 Ok
83 | TLS_RSA_WITH_DES_CBC_SHA - 56 bits 250 2.0.0 Ok
84 | TLS_DHE_RSA_WITH_DES_CBC_SHA DH-1024 bits 56 bits 250 2.0.0 Ok
85 | TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA DH-512 bits 40 bits 250 2.0.0 Ok
86 | TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5 - 40 bits 250 2.0.0 Ok
87 | TLS_RSA_EXPORT_WITH_DES40_CBC_SHA - 40 bits 250 2.0.0 Ok
88 | TLS_RSA_EXPORT_WITH_RC4_40_MD5 - 40 bits 250 2.0.0 Ok
89 | TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA DH-1024 bits 112 bits 250 2.0.0 Ok
90 | TLS_RSA_WITH_3DES_EDE_CBC_SHA - 112 bits 250 2.0.0 Ok
91 | TLS_RSA_WITH_DES_CBC_SHA - 56 bits 250 2.0.0 Ok
92 | TLS_DHE_RSA_WITH_DES_CBC_SHA DH-1024 bits 56 bits 250 2.0.0 Ok
93 | TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5 - 40 bits 250 2.0.0 Ok
94 | TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA DH-512 bits 40 bits 250 2.0.0 Ok
95 | TLS_RSA_EXPORT_WITH_DES40_CBC_SHA - 40 bits 250 2.0.0 Ok
96 | TLS_RSA_EXPORT_WITH_RC4_40_MD5 - 40 bits 250 2.0.0 Ok
97 | TLS_RSA_WITH_3DES_EDE_CBC_SHA - 112 bits 250 2.0.0 Ok
98 | TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA DH-1024 bits 112 bits 250 2.0.0 Ok
99 | TLS_DHE_RSA_WITH_DES_CBC_SHA DH-1024 bits 56 bits 250 2.0.0 Ok
100 | TLS_RSA_WITH_DES_CBC_SHA - 56 bits 250 2.0.0 Ok
101 | TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA DH-512 bits 40 bits 250 2.0.0 Ok
102 | TLS_RSA_EXPORT_WITH_RC4_40_MD5 - 40 bits 250 2.0.0 Ok
103 | TLS_RSA_EXPORT_WITH_DES40_CBC_SHA - 40 bits 250 2.0.0 Ok
104 | TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5 - 40 bits 250 2.0.0 Ok
105 | ```
106 |
107 |
108 |
109 |
--------------------------------------------------------------------------------
/Vulnerabilities/38601 - SSL:TLS use of weak RC4 cipher on Multiple Hosts.md:
--------------------------------------------------------------------------------
1 | # 38601 - SSL/TLS use of weak RC4 cipher on Multiple Hosts
2 |
3 |
4 |
5 | - [Description](#description)
6 | - [Solution](#solution)
7 | - [Validation](#validation)
8 | - [Tool](#tool)
9 | - [Analysis](#analysis)
10 |
11 |
12 |
13 |
14 |
15 | ## Description
16 | Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS) protocols provide integrity, confidentiality and authenticity services to other protocols that lack these features.
17 | SSL/TLS protocols use ciphers such as AES, DES, 3DES and RC4 to encrypt the content of the higher layer protocols and thus provide the confidentiality service. Normally the output of an encryption process is a sequence of random-looking bytes. It was known that RC4 output has some bias. Recently a group of researchers discovered that there is a stronger bias in RC4, which makes statistical analysis of ciphertext more practical.
18 | The described attack is to inject malicious JavaScript into the victim's browser that would ensure that multiple connections are established with a target website and the same HTTP cookie is sent multiple times to the website in encrypted form. This provides the attacker with a large set of ciphertext samples that can be used for statistical analysis.
19 | NOTE: On 3/12/15 NVD changed the CVSS v2 access complexity from high to medium. As a result Qualys revised the CVSS score to 4.3 immediately. On 5/4/15 Qualys is also revising the severity to level 3.
20 |
21 |
22 | ## Solution
23 | RC4 should not be used where possible. One reason that RC4 was still being used was the BEAST and Lucky13 attacks against CBC mode ciphers in SSL and TLS. However, TLSv1.2 or later addresses these issues.
24 |
25 |
26 | ## Validation
27 |
28 |
29 | ### Tool
30 |
31 | * **[sslyze_cli.py](https://github.com/nabla-c0d3/sslyze)** Fast and full-featured SSL scanner for Python 2.7. SSLyze is a Python tool that can analyze the SSL configuration of a server by connecting to it. It is designed to be fast and comprehensive, and should help organizations and testers identify mis-configurations affecting their SSL servers.
32 |
33 |
34 | ### Analysis
35 |
36 | As the description mentions: _Messages encrypted with LOW encryption ciphers are easy to decrypt. Commercial SSL servers should only support MEDIUM or HIGH strength ciphers to guarantee transaction security._ so any encryption smaller than 128 bits is considered low and weak.
37 |
38 | For this purpose we will use the tool ``sslyze_cli.py`` to enumerate the encryption ciphers configured on the server.
39 |
40 | **Command**
41 |
42 | For SMTP servers, usually port ``25`` and ``587``, use the following command:
43 |
44 | ```
45 | sslyze_cli.py --regular --starttls=smtp --hide_rejected_ciphers <host>:<port> | grep bits | egrep -i RC4
46 | ```
47 |
48 | For HTTP Servers, usually port ``443`` and ``8443`` use the following command:
49 | ```
50 | sslyze_cli.py --regular --hide_rejected_ciphers <host>:<port> | grep bits | egrep -i RC4
51 | ```
52 |
53 | **Vulnerable Output**
54 |
55 | With these commands we are filtering the accepted ciphers and looking for any that use ``RC4``. If the output contains lines similar to these, your server is still vulnerable.
56 |
57 |
58 | ```
59 | TLS_RSA_WITH_RC4_128_MD5 - 128 bits HTTP 200 OK
60 | TLS_RSA_WITH_RC4_128_MD5 - 128 bits HTTP 200 OK
61 | TLS_RSA_WITH_RC4_128_SHA - 128 bits HTTP 200 OK
62 | ```
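
The filter above and the key-length filter for QID 38140 both match text anywhere on the line. The following added example, which is not part of the original repository, parses the cipher key-size column instead and flags each accepted suite as LOW (below 128 bits) and/or RC4. The sample lines are constructed in the page's column layout, and the `ECDH-256 bits` key-exchange column is an assumption about scanner output; the function names are hypothetical.

```shell
#!/bin/sh
# Added example: classify accepted cipher suites from sslyze-style output.

# Constructed sample output (not captured from a real host). Duplicates are
# intentional: the scanner lists the same suite once per protocol version.
sample_output() {
    cat <<'EOF'
  * TLSV1 Cipher Suites:
      TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA    ECDH-256 bits  256 bits  HTTP 200 OK
      TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA   ECDH-256 bits  112 bits  HTTP 200 OK
      TLS_DHE_RSA_WITH_AES_128_CBC_SHA      DH-1024 bits   128 bits  HTTP 200 OK
      TLS_RSA_WITH_RC4_128_SHA              -              128 bits  HTTP 200 OK
      TLS_RSA_WITH_DES_CBC_SHA              -              56 bits   HTTP 200 OK
      TLS_RSA_EXPORT_WITH_RC4_40_MD5        -              40 bits   HTTP 200 OK
  * TLSV1_1 Cipher Suites:
      TLS_RSA_WITH_DES_CBC_SHA              -              56 bits   HTTP 200 OK
      TLS_RSA_WITH_RC4_128_SHA              -              128 bits  HTTP 200 OK
EOF
}

# The page's key-length filter, kept for comparison. It drops any line that
# contains "128" or "256" anywhere, including in the key-exchange column.
naive_filter() {
    grep bits | grep -E -v '(128|256)'
}

# Print "<suite> <key bits> <reasons>" for every suite that is LOW and/or RC4.
classify_ciphers() {
    awk '
    {
        bits = -1
        # The cipher key size is the last "<number> bits" pair on the line.
        # "DH-1024 bits" and "ECDH-256 bits" are skipped because the token
        # before "bits" is not purely numeric.
        for (i = 2; i <= NF; i++)
            if ($i == "bits" && $(i - 1) ~ /^[0-9]+$/)
                bits = $(i - 1) + 0
        if (bits < 0) next                      # header or non-cipher line
        reason = ""
        if (bits < 128) reason = "LOW"          # LOW class as defined for QID 38140
        if (toupper($1) ~ /RC4/)
            reason = (reason == "" ? "RC4" : reason ",RC4")
        if (reason != "") print $1, bits, reason
    }' | sort -u                                # one line per suite across protocols
}

echo "== page filter (egrep -v) =="
sample_output | naive_filter
echo "== column-aware classification =="
sample_output | classify_ciphers
```

On the constructed sample, the text filter does not report the 112-bit 3DES suite because its key-exchange column contains `256`, while the column-aware version does.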
--------------------------------------------------------------------------------
/Vulnerabilities/38603 - SSLv3 Padding Oracle Attack Information Disclosure Vulnerability (POODLE).md:
--------------------------------------------------------------------------------
1 | # 38603 - SSLv3 Padding Oracle Attack Information Disclosure Vulnerability (POODLE)
2 |
3 |
4 |
5 | - [Description](#description)
6 | - [Solution](#solution)
7 | - [Validation](#validation)
8 | - [Tools](#tools)
9 | - [Analysis](#analysis)
10 | - [Nmap](#nmap)
11 |
12 |
13 |
14 |
15 |
16 | ## Description
17 | The SSL protocol 3.0 has a design error: it uses nondeterministic CBC padding, which makes man-in-the-middle attacks easier.
18 | The target supports SSLv3, which makes it vulnerable to POODLE (Padding Oracle On Downgraded Legacy Encryption), even if it also supports more recent versions of TLS. It's subject to a downgrade attack, in which the attacker tricks the browser into connecting with SSLv3.
19 |
20 | ## Solution
21 |
22 | Disable SSLv3 support to avoid this vulnerability.
23 | Examples of how to disable SSLv3:
24 | - nginx: list the specific allowed protocols in the "ssl\_protocols" line and make sure SSLv2 and SSLv3 are not listed. For example: ``ssl_protocols TLSv1 TLSv1.1 TLSv1.2;``
25 | - Apache: add -SSLv3 to the "SSLProtocol" line.
26 | - Microsoft IIS: see How to disable SSL 3.0 on Microsoft IIS (https://support.microsoft.com/kb/187498/en-us).
27 | - For PCI, please refer to the Qualys community article (https://community.qualys.com/thread/15280).
28 |
29 |
30 | ## Validation
31 |
32 |
33 | ### Tools
34 |
35 | * **[Nmap](https://nmap.org/download.html):** Nmap ("Network Mapper") is a free and open source (license) utility for network discovery and security auditing. Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. It was designed to rapidly scan large networks, but works fine against single hosts. Nmap runs on all major computer operating systems, and official binary packages are available for Linux, Windows, and Mac OS X. In addition to the classic command-line Nmap executable, the Nmap suite includes an advanced GUI and results viewer (Zenmap), a flexible data transfer, redirection, and debugging tool (Ncat), a utility for comparing scan results (Ndiff), and a packet generation and response analysis tool (Nping).
36 |
37 |
38 | ### Analysis
39 |
40 |
41 | #### Nmap
42 |
43 | **Command**
44 |
45 | ```
46 | nmap --version-light --script ssl-poodle -p
47 | ```
48 |
49 | **Vulnerable Output**
50 |
51 | ```
52 | PORT STATE SERVICE REASON
53 | /tcp open syn-ack
54 | | ssl-poodle:
55 | | VULNERABLE:
56 | | SSL POODLE information leak
57 | | State: VULNERABLE
58 | | IDs: CVE:CVE-2014-3566 OSVDB:113251
59 | | The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and
60 | | other products, uses nondeterministic CBC padding, which makes it easier
61 | | for man-in-the-middle attackers to obtain cleartext data via a
62 | | padding-oracle attack, aka the "POODLE" issue.
63 | | Disclosure date: 2014-10-14
64 | | Check results:
65 | | TLS_RSA_WITH_3DES_EDE_CBC_SHA
66 | | References:
67 | | https://www.imperialviolet.org/2014/10/14/poodle.html
68 | | http://osvdb.org/113251
69 | | http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566
70 | |_ https://www.openssl.org/~bodo/ssl-poodle.pdf
71 |
72 | ```
73 |
74 |
75 |
--------------------------------------------------------------------------------
/Vulnerabilities/38626 - OpenSSL oracle padding vulnerability (CVE-2016-2107).md:
--------------------------------------------------------------------------------
1 | # 38626 - OpenSSL oracle padding vulnerability (CVE-2016-2107)
2 |
3 |
4 |
5 | - [Description](#description)
6 | - [Solution](#solution)
7 | - [Validation](#validation)
8 | - [Tools](#tools)
9 | - [Analysis](#analysis)
10 | - [Red Hat Package Manager](#red-hat-package-manager)
11 | - [Filippo.io GoLang Application](#filippoio-golang-application)
12 |
13 |
14 |
15 |
16 |
17 | ## Description
18 | The OpenSSL Project is an Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS) protocols as well as a general purpose cryptography library.
19 | OpenSSL contains the following vulnerability:
20 | A MITM attacker can use a padding oracle attack to decrypt traffic when the connection uses an AES CBC cipher and the server supports AES-NI.
21 | Affected Versions:
22 | OpenSSL 1.0.2 prior to OpenSSL 1.0.2h
23 | OpenSSL 1.0.1 prior to OpenSSL 1.0.1t
24 |
25 | **Impact:**
26 | A MITM attacker can use a padding oracle attack to decrypt traffic.
27 |
28 |
29 | ## Solution
30 |
31 | OpenSSL version 1.0.2h and 1.0.1t have been released to address these issues. Refer to OpenSSL Advisory (https://www.openssl.org/news/secadv/20160503.txt) to obtain more information.
32 | Patch:
33 | Following are links for downloading patches to fix the vulnerabilities:
34 | OpenSSL Security Advisory 3rd May 2016 (https://www.openssl.org/news/secadv/20160503.txt)
35 |
36 | **Workaround:**
37 | - Recompile OpenSSL with the handshake removed from the code by compile time option -DOPENSSL_NO_HEARTBEATS.
38 |
39 | ## Validation
40 |
41 |
42 | ### Tools
43 |
44 | * *[RPM Package Manager](http://rpm.org/):* The RPM Package Manager (RPM) is a powerful command line driven package management system capable of installing, uninstalling, verifying, querying, and updating computer software packages. Each software package consists of an archive of files along with information about the package like its version, a description, and the like.
45 | * *[Filippo.io](https://github.com/FiloSottile/CVE-2016-2107)* Simple test for the May 2016 OpenSSL padding oracle (CVE-2016-2107). **It only works with HTTPS**.
46 | * *[CVE-2016-2107 web test](https://filippo.io/CVE-2016-2107/)* Simple web test for the May 2016 OpenSSL padding oracle (CVE-2016-2107). **It only works with HTTPS**.
47 |
48 |
49 | ### Analysis
50 |
51 |
52 | #### Red Hat Package Manager
53 |
54 | It is important to note that Qualys detects this vulnerability based on the banner of the application with SSL, so in some cases a library might be backported, remediating the issue but keeping the same banner, which causes Qualys to report a false positive. The following is the technique to validate that the correct patch has been installed and the vulnerability remediated.
55 |
56 | **Command**
57 |
58 | ```
59 | sudo rpm -q --changelog openssl | grep CVE-2016-2107
60 | ```
61 |
62 | **Vulnerability Remediated Output**
63 |
64 | If the command above returns the following output the vulnerability has been remediated:
65 |
66 | ```
67 | * fix CVE-2016-2107 - padding oracle in stitched AES-NI CBC-MAC
68 | ```
69 |
70 |
71 |
72 | #### Filippo.io GoLang Application
73 |
74 | **Command**
75 |
76 | ```
77 | $ go version
78 | go version go1.6.2 darwin/amd64
79 | $ export GOPATH=${HOME}/go_work/
80 | $ go get github.com/FiloSottile/CVE-2016-2107
81 | $ ${GOPATH}/bin/CVE-2016-2107 engineering.medallia.com
82 | 2016/07/11 14:24:11 Vulnerable: false
83 | ```
84 |
85 | **Vulnerability Remediated Output**
86 |
87 | ```
88 | 2016/07/11 14:24:11 Vulnerable: false
89 | ```
90 |
91 |
92 |
93 |
--------------------------------------------------------------------------------
/Vulnerabilities/42366 - SSLv3.0:TLSv1.0 Protocol Weak CBC Mode Server Side Vulnerability (BEAST).md:
--------------------------------------------------------------------------------
1 | # 42366 - SSLv3.0/TLSv1.0 Protocol Weak CBC Mode Server Side Vulnerability (BEAST)
2 |
3 |
4 |
5 | - [Description](#description)
6 | - [Solution](#solution)
7 | - [Validation](#validation)
8 | - [Tool](#tool)
9 | - [Analysis](#analysis)
10 |
11 |
12 |
13 |
14 |
15 | ## Description
16 | SSLv 3.0 and TLS v1.0 protocols are used to provide integrity, authenticity and privacy to other protocols such as HTTP and LDAP. They provide these services by using encryption for privacy, x509 certificates for authenticity and one-way hash functions for integrity. To encrypt data SSL and TLS can use block ciphers, which are encryption algorithms that can encrypt only a fixed block of original data to an encrypted block of the same size. Note that these ciphers will always obtain the same resulting block for the same original block of data. To achieve difference in the output the output of encryption is XORed with yet another block of the same size referred to as initialization vectors (IV). A special mode of operation for block ciphers known as CBC (cipher block chaining) uses one IV for the initial block and the result of the previous block for each subsequent block to obtain difference in the output of block cipher encryption.
17 | In SSLv3.0 and TLSv1.0 the way CBC mode is used was a poor choice, because the entire traffic shares one CBC session with a single set of initial IVs. The remaining IVs are, as mentioned above, the results of the encryption of the previous blocks, so the subsequent IVs are available to eavesdroppers. This allows an attacker with the capability to inject arbitrary traffic into the plain-text stream (to be encrypted by the client) to verify their guess of the plain-text preceding the injected block. If the attacker's guess is correct then the output of the encryption will be the same for two blocks.
18 | For low entropy data it is possible to guess the plain-text block with a relatively small number of attempts. For example, for data that has 1000 possibilities the number of attempts can be 500.
19 | For more information please see a paper by Gregory V. Bard. (http://eprint.iacr.org/2006/136.pdf)
20 | NOTE:
21 | The CVSS access complexity assigned by NIST to CVE-2011-3389 is 'Medium', which makes the base score 4.3. But Qualys has assigned access complexity to 'High' for server side, because JavaScript injection and MiTM capabilities and a vulnerable client are required to exploit this vulnerability. Therefore the Qualys CVSS score is 2.6.
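
The equality test described above, shown in a small model that is added here as an illustration and is not part of the original write-up. `toy_block_encrypt` is a stand-in Feistel cipher (an assumption, not AES or 3DES), `CbcSender` and the sample blocks are constructed for the example, and the model compares IV chaining across records (SSLv3.0/TLSv1.0) with a fresh random IV per record (TLSv1.1 and later).

```python
import hashlib
import hmac
import os

BLOCK = 16  # block size in bytes

# Constructed sample data: one low-entropy secret block and one wrong guess.
SECRET = b"PIN=4831;pad=xxx"
WRONG_GUESS = b"PIN=0000;pad=xxx"


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def toy_block_encrypt(key: bytes, block: bytes) -> bytes:
    """Stand-in block cipher (4-round Feistel over HMAC-SHA256), not AES.
    Only the CBC chaining matters for the property shown here."""
    left, right = block[:8], block[8:]
    for rnd in range(4):
        f = hmac.new(key, bytes([rnd]) + right, hashlib.sha256).digest()[:8]
        left, right = right, xor(left, f)
    return left + right


class CbcSender:
    """CBC record encryption. chained_iv=True reuses the last ciphertext
    block as the next record's IV; False draws a random IV per record."""

    def __init__(self, key: bytes, chained_iv: bool):
        self.key = key
        self.chained_iv = chained_iv
        self.last_block = os.urandom(BLOCK)  # initial IV

    def predictable_next_iv(self):
        """The next IV as an eavesdropper can know it, or None if random."""
        return self.last_block if self.chained_iv else None

    def encrypt_record(self, plaintext: bytes):
        if len(plaintext) % BLOCK:
            raise ValueError("plaintext must be a multiple of the block size")
        iv = self.last_block if self.chained_iv else os.urandom(BLOCK)
        prev, blocks = iv, []
        for off in range(0, len(plaintext), BLOCK):
            prev = toy_block_encrypt(self.key, xor(plaintext[off:off + BLOCK], prev))
            blocks.append(prev)
        self.last_block = prev
        return iv, b"".join(blocks)


def guess_matches(sender, prev_block, target_block, guess) -> bool:
    """Have the sender encrypt guess XOR prev_block XOR next_iv. With a
    predictable IV the cipher input repeats exactly when the guess is right,
    so the output equals the earlier ciphertext block."""
    next_iv = sender.predictable_next_iv() or bytes(BLOCK)
    injected = xor(xor(guess, prev_block), next_iv)
    _iv, ciphertext = sender.encrypt_record(injected)
    return ciphertext[:BLOCK] == target_block


def run_model(chained_iv: bool) -> dict:
    """Encrypt SECRET once, then test a wrong and a right guess against it."""
    sender = CbcSender(os.urandom(32), chained_iv)
    iv, ciphertext = sender.encrypt_record(SECRET)
    return {g: guess_matches(sender, iv, ciphertext, g) for g in (WRONG_GUESS, SECRET)}


if __name__ == "__main__":
    print("chained IV (SSLv3.0/TLSv1.0):", run_model(True))
    print("random IV  (TLSv1.1+):      ", run_model(False))
```

With chained IVs only the correct guess reproduces the earlier block; with a random IV per record neither guess does, which is why upgrading to TLSv1.1 or TLSv1.2 removes the issue.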
22 |
23 |
24 | ## Solution
25 | This attack was identified in 2004, and later revisions of the TLS protocol contain a fix for it. If possible, upgrade to TLSv1.1 or TLSv1.2. If upgrading to TLSv1.1 or TLSv1.2 is not possible, then disabling CBC mode ciphers will remove the vulnerability.
26 | Setting your SSL server to prioritize RC4 ciphers mitigates this vulnerability. Microsoft has posted information including workarounds for IIS at KB2588513 (http://technet.microsoft.com/en-us/security/advisory/2588513).
27 | Using the following SSL configuration in Apache mitigates this vulnerability:
28 | SSLHonorCipherOrder On
29 | SSLCipherSuite RC4-SHA:HIGH:!ADH
30 | Qualys SSL/TLS Deployment Best Practices can be found here (https://www.ssllabs.com/projects/best-practices/).
31 | Note: The RC4 recommendation applies only in situations where an upgrade to TLSv1.2 is not possible. RC4 in TLS v1.0 has an output bias problem as described in QID 38601. Therefore it is recommended to upgrade to TLS v1.2 or later.
32 |
33 |
34 | ## Validation
35 |
36 |
37 | ### Tool
38 |
39 | * **[beast.pl](https://code.google.com/archive/p/beast-check/downloads)** SSL/TLS BEAST Vulnerability Check
40 |
41 |
42 | ### Analysis
43 |
44 | **Command**
45 |
46 | ```
47 | beast_check.pl
48 | ```
49 |
50 | **Vulnerable Output**
51 |
52 |
53 | ```
54 | ./beast_check.pl :
55 |
56 | ===============================================
57 |
58 | SSL/TLS BEAST Vulnerability Check
59 | by YGN Ethical Hacker Group, http://yehg.net/
60 |
61 | ===============================================
62 |
63 | Target: :
64 |
65 | ## The target is PRONE to BEAST attack. ##
66 |
67 | Protocol: TLS v1
68 | Server Preferred Cipher: ECDHE-RSA-AES256-SHA
69 | Vulnerable: YES
70 |
71 | -----------------------------------------------
72 | N.B. This check assumes no workaround
73 | (i.e. EMPTY FRAGMENT) applied in target server.
74 | ```
75 |
--------------------------------------------------------------------------------
/Vulnerabilities/42430 - OpenSSL Memory Leak Vulnerability (Heartbleed Bug).md:
--------------------------------------------------------------------------------
1 | # 42430 - OpenSSL Memory Leak Vulnerability (Heartbleed Bug)
2 |
3 |
4 |
5 | - [Description](#description)
6 | - [Solution](#solution)
7 | - [Validation](#validation)
8 | - [Tools](#tools)
9 | - [Analysis](#analysis)
10 | - [Nmap](#nmap)
11 | - [Heartbleed PoC](#heartbleed-poc)
12 | - [Heartleech](#heartleech)
13 |
14 |
15 |
16 |
17 |
18 | ## Description
19 | OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols as well as a full-strength general purpose cryptography library. For more details about the detection please refer to the Qualys community article heartbleed-detection-update.
20 | OpenSSL is exposed to a security vulnerability due to a missing bounds check in the handling of the TLS heartbeat extension.
21 | Affected Versions:
22 |
23 | OpenSSL 1.0.1f, 1.0.1e, 1.0.1d, 1.0.1c, 1.0.1b, 1.0.1a, 1.0.1
24 |
25 | The vulnerabilities can be exploited by malicious users to reveal up to 64kB of memory to a connected client or server that may aid in launching further attacks.
26 |
27 |
28 | ## Solution
29 |
30 | Update to Version 1.0.1g to resolve this issue. The latest version is available for download from the OpenSSL Web site.
31 |
32 | **Workaround:**
33 | - Recompile OpenSSL with the handshake removed from the code by compile time option -DOPENSSL_NO_HEARTBEATS.
34 |
35 | ## Validation
36 |
37 |
38 | ### Tools
39 |
40 | * **[Nmap](https://nmap.org/download.html):** Nmap ("Network Mapper") is a free and open source (license) utility for network discovery and security auditing. Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. It was designed to rapidly scan large networks, but works fine against single hosts. Nmap runs on all major computer operating systems, and official binary packages are available for Linux, Windows, and Mac OS X. In addition to the classic command-line Nmap executable, the Nmap suite includes an advanced GUI and results viewer (Zenmap), a flexible data transfer, redirection, and debugging tool (Ncat), a utility for comparing scan results (Ndiff), and a packet generation and response analysis tool (Nping).
41 | * *[heartbleed-poc](https://github.com/sensepost/heartbleed-poc)* Test for SSL heartbeat vulnerability (CVE-2014-0160)
42 | * *[heartleech](https://github.com/robertdavidgraham/heartleech)* This is a typical "heartbleed" tool. It can scan for systems vulnerable to the bug, and then be used to download them. Some important features:
43 |
44 |
45 | ### Analysis
46 |
47 |
48 | #### Nmap
49 |
50 | **Command**
51 |
52 | ```
53 | nmap --script ssl-heartbleed -p
54 | ```
55 |
56 | **Vulnerable Output**
57 |
58 | ```
59 | Starting Nmap 7.12SVN ( https://nmap.org ) at 2016-07-07 18:53 EDT
60 | Nmap scan report for
61 | Host is up (0.083s latency).
62 | PORT STATE SERVICE
63 | /tcp open
64 | | ssl-heartbleed:
65 | | VULNERABLE:
66 | | The Heartbleed Bug is a serious vulnerability in the popular OpenSSL cryptographic software library. It allows for stealing information intended to be protected by SSL/TLS encryption.
67 | | State: VULNERABLE
68 | | Risk factor: High
69 | | OpenSSL versions 1.0.1 and 1.0.2-beta releases (including 1.0.1f and 1.0.2-beta1) of OpenSSL are affected by the Heartbleed bug. The bug allows for reading memory of systems protected by the vulnerable OpenSSL versions and could allow for disclosure of otherwise encrypted confidential information as well as the encryption keys themselves.
70 | |
71 | | References:
72 | | http://cvedetails.com/cve/2014-0160/
73 | | http://www.openssl.org/news/secadv_20140407.txt
74 | |_ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160
75 |
76 | Nmap done: 1 IP address (1 host up) scanned in 3.04 seconds
77 | ```
78 |
79 |
80 | #### Heartbleed PoC
81 |
82 | **Command**
83 |
84 | ```
85 | python heartbleed-poc.py -p -s
86 | ```
87 |
88 | **Vulnerable Output**
89 |
90 | ```
91 | Scanning on port
92 | STARTTLS supported...
93 | Connecting...
94 | Sending Client Hello...
95 | Waiting for Server Hello...
96 | ... received message: type = 22, ver = 0302, length = 66
97 | ... received message: type = 22, ver = 0302, length = 3311
98 | ... received message: type = 22, ver = 0302, length = 331
99 | ... received message: type = 22, ver = 0302, length = 4
100 | Server TLS version was 1.2
101 |
102 | Sending heartbeat request...
103 | ... received message: type = 24, ver = 0302, length = 16384
104 | Received heartbeat response:
105 | 0000: 02 40 00 D8 03 02 53 43 5B 90 9D 9B 72 0B BC 0C .@....SC[...r...
106 | 0010: BC 2B 92 A8 48 97 CF BD 39 04 CC 16 0A 85 03 90 .+..H...9.......
107 | 0020: 9F 77 04 33 D4 DE 00 00 66 C0 14 C0 0A C0 22 C0 .w.3....f.....".
108 | 0030: 21 00 39 00 38 00 88 00 87 C0 0F C0 05 00 35 00 !.9.8.........5.
109 | 0040: 84 C0 12 C0 08 C0 1C C0 1B 00 16 00 13 C0 0D C0 ................
110 | 0050: 03 00 0A C0 13 C0 09 C0 1F C0 1E 00 33 00 32 00 ............3.2.
111 | 0060: 9A 00 99 00 45 00 44 C0 0E C0 04 00 2F 00 96 00 ....E.D...../...
112 | --- Truncated ---
113 | 3fd0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
114 | 3fe0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
115 | 3ff0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
116 |
117 | WARNING: server returned more data than it should - server is vulnerable!
118 | ```
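
How to read the output above, as an added example that is not part of the original page or of heartbleed-poc: the record has content type 24 (heartbeat) and its body starts `02 40 00`, a heartbeat response claiming a 0x4000-byte payload. The sketch below applies the RFC 6520 length check whose absence is the bug, and measures how far a response exceeds what the request carried; the helper names and both request records are constructed for the example, while the response bytes are the first hex dump line shown above.

```python
import struct

HEARTBEAT = 24           # TLS record content type ("type = 24" in the output)
HB_REQUEST, HB_RESPONSE = 1, 2
HB_HEADER = 3            # 1 byte message type + 2 bytes payload_length
MIN_PADDING = 16         # RFC 6520 requires at least 16 bytes of padding


def build_record(hb_type, claimed_len, body=b"", version=0x0302):
    """Build a heartbeat record whose payload_length field is claimed_len,
    whatever the real size of body (payload + padding) is."""
    fragment = struct.pack(">BH", hb_type, claimed_len) + body
    return struct.pack(">BHH", HEARTBEAT, version, len(fragment)) + fragment


def parse_record(record):
    """Return (content_type, version, fragment); reject truncated input."""
    if len(record) < 5:
        raise ValueError("record header truncated")
    ctype, version, length = struct.unpack(">BHH", record[:5])
    fragment = record[5:5 + length]
    if len(fragment) != length:
        raise ValueError("record body truncated")
    return ctype, version, fragment


def parse_heartbeat(fragment):
    """Return (message_type, claimed_payload_length) from a heartbeat body."""
    if len(fragment) < HB_HEADER:
        raise ValueError("heartbeat header truncated")
    return struct.unpack(">BH", fragment[:HB_HEADER])


def request_is_acceptable(record) -> bool:
    """The bounds check: header + claimed payload + minimum padding must fit
    inside the bytes that were actually received, else discard the request."""
    ctype, _version, fragment = parse_record(record)
    if ctype != HEARTBEAT:
        return False
    hb_type, claimed = parse_heartbeat(fragment)
    return hb_type == HB_REQUEST and HB_HEADER + claimed + MIN_PADDING <= len(fragment)


def response_overshoot(request_record, response_head) -> int:
    """Bytes the response claims to echo beyond what the request could have
    carried. Anything above zero came from the responder's own memory."""
    _ctype, _version, fragment = parse_record(request_record)
    sent = max(0, len(fragment) - HB_HEADER - MIN_PADDING)
    hb_type, claimed = parse_heartbeat(response_head)
    if hb_type != HB_RESPONSE:
        raise ValueError("not a heartbeat response")
    return max(0, claimed - sent)


# Constructed requests: one well formed, one with an oversized length field.
WELL_FORMED = build_record(HB_REQUEST, 4, b"ping" + bytes(MIN_PADDING))
OVERSIZED_CLAIM = build_record(HB_REQUEST, 0x4000)
# First 16 bytes of the heartbeat response shown in the output above.
PAGE_RESPONSE_HEAD = bytes.fromhex("02 40 00 D8 03 02 53 43 5B 90 9D 9B 72 0B BC 0C")

if __name__ == "__main__":
    print("well formed accepted:   ", request_is_acceptable(WELL_FORMED))
    print("oversized claim accepted:", request_is_acceptable(OVERSIZED_CLAIM))
    print("overshoot in bytes:      ", response_overshoot(OVERSIZED_CLAIM, PAGE_RESPONSE_HEAD))
```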
119 |
120 |
121 |
122 | #### Heartleech
123 |
124 | **Command**
125 |
126 | ```
127 | ./bin/kali64/heartleech -p -f /dev/stdout
128 | ```
129 |
130 | **Vulnerable Output**
131 |
132 | ```
133 | --- heartleech/1.0.0h ---
134 | https://github.com/robertdavidgraham/heartleech
135 | PCRE library: 8.35 2014-04-04
136 | ��aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
137 | �"�p�)W�B�
138 | � ����ʭ_P%,ih9876�����2�.�*�&���=5����
139 | �/�+�'�#�� ������g@?>3210����EDCB�1�-�)�%����A���
140 | ��
141 |
142 | :8
143 |
144 |
145 | �[�Y�X�B�W�V�u�S�Q�5�L�K���
146 | C��+��CNE�H��G�E�D!�y�@�3>�=��9�6s��P"i�'�2�1x�-��(�4��#�"� �.����':�
147 | 93 ��0����&�&��:�]M���-�����a=����?� ��)X�����y�0mg`I�YR�IZ<�
148 | I
149 |
150 | 86
151 |
152 | ��
153 | ^C
154 | ```
155 |
--------------------------------------------------------------------------------
/Vulnerabilities/IKE Aggressive Mode Authentication Enabled.md:
--------------------------------------------------------------------------------
1 | # IKE Aggressive Mode Authentication Enabled
2 |
3 |
4 |
5 | - [Description](#description)
6 | - [Solution](#solution)
7 | - [Validation](#validation)
8 | - [Tool](#tool)
9 | - [Analysis](#analysis)
10 | - [ike-scan](#ike-scan)
11 |
12 |
13 |
14 |
15 |
16 | ## Description
17 | The Internet Key Exchange (IKE) protocol is used in IPsec VPNs to authenticate users and establish the shared key of a VPN session. IKE can operate in either main mode or aggressive mode. Main mode protects the identity of the user and securely establishes a shared secret for the VPN session. Users must provide a client certificate if connecting from a dynamic or non-whitelisted IP address.
18 | In aggressive mode the handshake takes less time, but the user's identity is transmitted in plaintext. The server responds with an MD5 or SHA1 hash of the user's password and information that is already sent in plaintext. An attacker could obtain the hash by intercepting packets or initiating an aggressive mode handshake with a valid username. After obtaining the hash, it is possible to crack the password offline in a short time, depending on the password's length and complexity.
19 | Note: There is one more VPN server at 199.102.177.4 supporting IKE but has aggressive mode authentication disabled.
20 |
21 | **Impact**
22 | An attacker may exploit this vulnerability when a victim connects to the VPN on an insecure WiFi network using aggressive mode authentication. An attacker performing a man-in-the-middle (MiTM) attack can capture the network traffic and perform a password brute force attack to crack the Medallia user's VPN password.
23 |
24 |
25 | ## Solution
26 | Disable aggressive mode authentication on the target servers. See the Cisco documentation (https://www.cisco.com/en/US/docs/ios/security/command/reference/sec_c4.pdf) for instructions for how to disable it on Cisco IOS. Only use IKE main mode combined with client certificates for VPN authentication.
27 |
28 |
29 | ## Validation
30 |
31 |
32 | ### Tool
33 |
34 | * **[ike-scan](https://github.com/royhills/ike-scan):** Discover and fingerprint IKE hosts (IPsec VPN Servers).
35 |
36 |
37 | ### Analysis
38 |
39 |
40 | #### ike-scan
41 |
42 | **Command**
43 |
44 | ```
45 | ike-scan --aggressive --multiline --id=nonexisting_user
46 | ```
47 |
48 | **Vulnerable Output**
49 |
50 | ```
51 | Starting ike-scan 1.9 with 1 hosts (http://www.nta-monitor.com/tools/ike-scan)
52 | Aggressive Mode Handshake returned
53 | HDR=(CKY-R=4ec8e4d12a479ae9)
54 | SA=(Enc=3DES Hash=SHA1 Group=2:modp1024 Auth=PSK LifeType=Seconds LifeDuration=28800)
55 | KeyExchange(128 bytes)
56 | Nonce(20 bytes)
57 | ID(Type=ID_IPV4_ADDR, Value=)
58 | Hash(20 bytes)
59 | VID=12f5f28c457168a9702d9fe274cc0100 (Cisco Unity)
60 | VID=09002689dfd6b712 (XAUTH)
61 | VID=afcad71368a1f1c96b8696fc77570100 (Dead Peer Detection v1.0)
62 | VID=4048b7d56ebce88525e7de7f00d6c2d3c0000000 (IKE Fragmentation)
63 | VID=1f07f70eaa6514d3b0fa96542a500100 (Cisco VPN Concentrator)
64 | Ending ike-scan 1.9: 1 hosts scanned in 0.157 seconds (6.35 hosts/sec). 1 returned handshake; 0 returned notify
65 | ```
66 |
--------------------------------------------------------------------------------
/Vulnerabilities/NTP Servers Exposed to Internet.md:
--------------------------------------------------------------------------------
1 | # NTP Servers Exposed to Internet
2 |
3 |
4 |
5 | - [Description](#description)
6 | - [Solution](#solution)
7 | - [Validation](#validation)
8 | - [Tool](#tool)
9 | - [Analysis](#analysis)
10 | - [Nmap](#nmap)
11 |
12 |
13 |
14 |
15 |
16 | ## Description
17 |
18 | The target servers expose their Network Time Protocol (NTP) service to the Internet on UDP port 123.
19 | The Network Time Protocol is used for servers to synchronize their time. Unless these servers are part of a public NTP server pool, NTP should not be enabled on public interfaces.
20 |
21 | **Impact**
22 | Exposing unnecessary services to the Internet increases the attack surface and may be exploited by attackers discovering vulnerabilities in NTP.
23 |
24 |
25 | ## Solution
26 | Limit access to the NTP service (UDP port 123) to the public Medallia IP address range and internal IP addresses.
27 |
28 |
29 | ## Validation
30 |
31 |
32 | ### Tool
33 |
34 | * **[Nmap](https://nmap.org/download.html):** Nmap ("Network Mapper") is a free and open source (license) utility for network discovery and security auditing. Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. It was designed to rapidly scan large networks, but works fine against single hosts. Nmap runs on all major computer operating systems, and official binary packages are available for Linux, Windows, and Mac OS X. In addition to the classic command-line Nmap executable, the Nmap suite includes an advanced GUI and results viewer (Zenmap), a flexible data transfer, redirection, and debugging tool (Ncat), a utility for comparing scan results (Ndiff), and a packet generation and response analysis tool (Nping).
35 |
36 |
37 | ### Analysis
38 |
39 |
40 | #### Nmap
41 |
42 | **Command**
43 |
44 | ```
45 | sudo nmap -sUV -p 161
46 | ```
47 |
48 | **Vulnerable Output**
49 |
50 | ```
51 | Starting Nmap 7.12SVN ( https://nmap.org ) at 2016-07-12 14:18 EDT
52 | Nmap scan report for
53 | Host is up (0.069s latency).
54 | PORT STATE SERVICE VERSION
55 | 161/udp open snmp Cisco SNMP service; ciscoSystems SNMPv3 server
56 |
57 | Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
58 | Nmap done: 1 IP address (1 host up) scanned in 7.77 seconds
59 | ```
60 |
61 | **Command**
62 |
63 | ```
64 | nmap -sU -pU:123 -Pn -n --script=ntp-monlist
65 | ```
66 |
67 | **Vulnerable Output**
68 |
69 | ```
70 | PORT STATE SERVICE REASON
71 | 123/udp open ntp udp-response
72 | | ntp-monlist:
73 | | Target is synchronised with 127.127.38.0 (reference clock)
74 | | Alternative Target Interfaces:
75 | | 10.17.4.20
76 | | Private Servers (0)
77 | | Public Servers (0)
78 | | Private Peers (0)
79 | | Public Peers (0)
80 | | Private Clients (2)
81 | | 10.20.8.69 169.254.138.63
82 | | Public Clients (597)
83 | | 4.79.17.248 68.70.72.194 74.247.37.194 99.190.119.152
84 | | ...
85 | | 12.10.160.20 68.80.36.133 75.1.39.42 108.7.58.118
86 | | 68.56.205.98
87 | | 2001:1400:0:0:0:0:0:1 2001:16d8:dd00:38:0:0:0:2
88 | | 2002:db5a:bccd:1:21d:e0ff:feb7:b96f 2002:b6ef:81c4:0:0:1145:59c5:3682
89 | | Other Associations (1)
90 | |_ 127.0.0.1 seen 1949869 times. last tx was unicast v2 mode 7
91 | ```
92 |
93 | **Command**
94 |
95 | ```
96 | nmap -sU -p 123 --script ntp-info
97 | ```
98 |
99 | **Vulnerable Output**
100 |
101 | ```
102 | PORT STATE SERVICE VERSION
103 | 123/udp open ntp NTP v4.2.4p4@1.1520-o
104 | | ntp-info:
105 | | receive time stamp: Sat Dec 12 16:22:41 2009
106 | | version: ntpd 4.2.4p4@1.1520-o Wed May 13 21:06:31 UTC 2009 (1)
107 | | processor: x86_64
108 | | system: Linux/2.6.24-24-server
109 | | stratum: 2
110 | |_ refid: 195.145.119.188
111 | ```
--------------------------------------------------------------------------------
/Vulnerabilities/SNMP Server Enabled.md:
--------------------------------------------------------------------------------
1 | # SNMP Server Enabled
2 |
3 |
4 |
5 | - [Description](#description)
6 | - [Solution](#solution)
7 | - [Validation](#validation)
8 | - [Tool](#tool)
9 | - [Analysis](#analysis)
10 | - [Nmap](#nmap)
11 |
12 |
13 |
14 |
15 |
16 | ## Description
17 | Six Simple Network Management Protocol (SNMP) servers expose their UDP port 161 to the Internet. SNMP is a network management protocol and allows network and host configurations to be queried and set. The servers are configured with SNMPv3 which supports authentication and encryption.
18 | SNMPv3 allows the extraction of basic information from an SNMPv3 GET request such as the vendor name, MAC address, and uptime. Exposing SNMPv3 to the Internet also allows attackers to launch brute force password attacks.
19 |
20 | Exposing unnecessary services to the Internet increases the attack surface and allows attackers to launch brute force password attacks against SNMP.
21 |
22 |
23 | ## Solution
24 | Limit network access to the SNMP port (UDP 161) to a set of whitelisted IP addresses instead of exposing the port to the Internet.
25 |
26 |
27 | ## Validation
28 |
29 |
30 | ### Tool
31 |
32 | * **[Nmap](https://nmap.org/download.html):** Nmap ("Network Mapper") is a free and open source (license) utility for network discovery and security auditing. Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. It was designed to rapidly scan large networks, but works fine against single hosts. Nmap runs on all major computer operating systems, and official binary packages are available for Linux, Windows, and Mac OS X. In addition to the classic command-line Nmap executable, the Nmap suite includes an advanced GUI and results viewer (Zenmap), a flexible data transfer, redirection, and debugging tool (Ncat), a utility for comparing scan results (Ndiff), and a packet generation and response analysis tool (Nping).
33 |
34 |
35 | ### Analysis
36 |
37 |
38 | #### Nmap
39 |
40 | **Command**
41 |
42 | ```
43 | sudo nmap -sUV -p 161
44 | ```
45 |
46 | **Vulnerable Output**
47 |
48 | ```
49 | Starting Nmap 7.12SVN ( https://nmap.org ) at 2016-07-12 14:18 EDT
50 | Nmap scan report for
51 | Host is up (0.069s latency).
52 | PORT STATE SERVICE VERSION
53 | 161/udp open snmp Cisco SNMP service; ciscoSystems SNMPv3 server
54 |
55 | Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
56 | Nmap done: 1 IP address (1 host up) scanned in 7.77 seconds
57 | ```
58 |
59 | **Command**
60 |
61 | ```
62 | nmap -sUV -p 161 --script snmp-ios-config --script-args snmpcommunity=public
63 | ```
64 |
65 | **Vulnerable Output**
66 |
67 | ```
68 | Nmap scan report for
69 | Host is up (0.069s latency).
70 | PORT STATE SERVICE VERSION
71 | 161/udp open snmp Cisco SNMP service; ciscoSystems SNMPv3 server
72 | | snmp-info:
73 | | enterprise: ciscoSystems
74 | | engineIDFormat: mac
75 | | engineIDData: 00:e8:65:49:f1:d9
76 | | snmpEngineBoots: 3
77 | |_ snmpEngineTime: 31d22h33m27s
78 | ```
--------------------------------------------------------------------------------
/Vulnerabilities/SSL:TLS Enabled in SMTP.md:
--------------------------------------------------------------------------------
1 | # SSL/TLS Enabled in SMTP
2 |
3 |
4 |
5 | - [Description](#description)
6 | - [Solution](#solution)
7 | - [Validation](#validation)
8 | - [Tool](#tool)
9 | - [Analysis](#analysis)
10 | - [Single Server](#single-server)
11 | - [Multiple Servers](#multiple-servers)
12 |
13 |
14 |
15 |
16 |
17 | ## Description
18 | The SMTP protocol is used by email servers to transport emails between servers. By default, SMTP does not support encryption and emails are transmitted in plaintext.
19 | Servers configured to support email encryption over TLS will signal their support by the presence of the STARTTLS SMTP verb. TLS enabled servers will also send TLS encrypted emails with the STARTTLS verb when communicating with other TLS-capable servers. Just supporting STARTTLS does not automatically encrypt all incoming emails. The use of TLS is decided by the SMTP client and not the server.
20 |
21 | **Impact**
22 | SMTP servers configured without TLS support will accept email over TCP port 25 in plaintext allowing attackers with privileged network positions to read and modify traffic.
23 |
24 |
25 | ## Solution
26 | If SMTP is not required to be exposed on the Internet, close the port or deny access via firewall rules. If SMTP is required, make sure that all mail servers support TLS and are configured with valid certificates. This allows SMTP clients to verify the authenticity of the server and provides confidentiality for the transferred email.
27 |
28 |
29 | ## Validation
30 |
31 |
32 | ### Tool
33 |
34 | * **[sslyze_cli.py](https://github.com/nabla-c0d3/sslyze)** Fast and full-featured SSL scanner for Python 2.7. SSLyze is a Python tool that can analyze the SSL configuration of a server by connecting to it. It is designed to be fast and comprehensive, and should help organizations and testers identify mis-configurations affecting their SSL servers.
35 |
36 |
37 | ### Analysis
38 |
39 |
40 | #### Single Server
41 |
42 | **Command**
43 |
44 | ```
45 | sslyze_cli.py --starttls=smtp 192.168.1.222:25
46 | ```
47 |
48 | **Vulnerable Output**
49 |
50 | ```
51 | AVAILABLE PLUGINS
52 | -----------------
53 |
54 | CertificateInfoPlugin
55 | SessionRenegotiationPlugin
56 | OpenSslCcsInjectionPlugin
57 | HeartbleedPlugin
58 | HstsPlugin
59 | FallbackScsvPlugin
60 | OpenSslCipherSuitesPlugin
61 | CompressionPlugin
62 | SessionResumptionPlugin
63 |
64 |
65 |
66 | CHECKING HOST(S) AVAILABILITY
67 | -----------------------------
68 |
69 | 192.168.1.222:25 => WARNING: SMTP STARTTLS not supported; discarding corresponding tasks.
70 |
71 |
72 |
73 | SCAN COMPLETED IN 0.34 S
74 | ------------------------
75 | ```
76 |
77 |
78 |
79 |
80 | #### Multiple Servers
81 |
82 | Create a file with a list of servers one per line. Remember to add the port at the end.
83 |
84 | **Command**
85 |
86 | ```
87 | sslyze_cli.py --starttls=smtp --targets_in=ips.lst
88 | ```
89 |
90 | **Output**
91 |
92 | ```
93 | [apuente@centeotl ~] cat ips.lst
94 | 192.168.1.230:25
95 | 192.168.1.228:25
96 | 192.168.1.221:25
97 | 192.168.1.222:25
98 |
99 | [apuente@centeotl ~] sslyze_cli.py --targets_in=ips.lst --starttls=smtp
100 |
101 | AVAILABLE PLUGINS
102 | -----------------
103 |
104 | CertificateInfoPlugin
105 | SessionRenegotiationPlugin
106 | OpenSslCcsInjectionPlugin
107 | HeartbleedPlugin
108 | HstsPlugin
109 | FallbackScsvPlugin
110 | OpenSslCipherSuitesPlugin
111 | CompressionPlugin
112 | SessionResumptionPlugin
113 |
114 |
115 |
116 | CHECKING HOST(S) AVAILABILITY
117 | -----------------------------
118 |
119 | 192.168.1.230:25 => 192.168.1.230
120 | 192.168.1.228:25 => 192.168.1.228
121 | 192.168.1.222:25 => WARNING: SMTP STARTTLS not supported; discarding corresponding tasks.
122 | 192.168.1.221:25 => WARNING: SMTP STARTTLS not supported; discarding corresponding tasks.
123 | ```
124 |
125 | As you can see, the hosts that are missing SSL/TLS in their configuration are flagged with a warning in the scan output.
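
With a long target list, the warnings are easier to act on once they are sorted per host. The following is an added example, not part of this repository or of SSLyze: it parses the availability section in the text layout shown above, and the sample report and the function name `triage_availability` are constructed for illustration.

```python
import re

# Constructed sample, modelled on the availability section shown above.
SAMPLE_OUTPUT = """\
 CHECKING HOST(S) AVAILABILITY
 -----------------------------

   192.168.1.230:25                    => 192.168.1.230
   192.168.1.228:25                    => 192.168.1.228
   192.168.1.222:25                    => WARNING: SMTP STARTTLS not supported; discarding corresponding tasks.
   192.168.1.221:25                    => WARNING: SMTP STARTTLS not supported; discarding corresponding tasks.

 SCAN RESULTS FOR 192.168.1.230:25 - 192.168.1.230:25
 ------------------------------------------------------
"""

# "<host>:<port>   => <resolved address or WARNING text>"
AVAILABILITY_LINE = re.compile(r"^\s*(\S+:\d+)\s*=>\s*(.+?)\s*$")


def triage_availability(report):
    """Sort scanned targets by what the availability check said about them."""
    buckets = {"starttls_ok": [], "no_starttls": [], "other_warning": []}
    in_section = False
    for line in report.splitlines():
        stripped = line.strip()
        if stripped == "CHECKING HOST(S) AVAILABILITY":
            in_section = True
        elif stripped.startswith("SCAN "):  # results or completion banner
            in_section = False
        match = AVAILABILITY_LINE.match(line) if in_section else None
        if not match:
            continue
        target, result = match.groups()
        if "STARTTLS not supported" in result:
            buckets["no_starttls"].append(target)
        elif result.upper().startswith(("WARNING", "ERROR")):
            buckets["other_warning"].append(target)  # any other warning text
        else:
            buckets["starttls_ok"].append(target)
    return buckets


if __name__ == "__main__":
    for bucket, targets in triage_availability(SAMPLE_OUTPUT).items():
        print(bucket, targets)
```

Hosts in `no_starttls` are the ones that need TLS configured or port 25 closed; hosts in `other_warning` were not assessed and should be rescanned.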
126 |
--------------------------------------------------------------------------------
/Vulnerabilities/TLSv1 Enabled in SMTP or HTTP.md:
--------------------------------------------------------------------------------
1 | # TLSv1 Enabled in SMTP or HTTP
2 |
3 |
4 |
5 | - [Description](#description)
6 | - [Solution](#solution)
7 | - [Validation](#validation)
8 | - [Tool](#tool)
9 | - [Analysis](#analysis)
10 | - [For SMTP Services](#for-smtp-services)
11 | - [Other SSL Enabled Services](#other-ssl-enabled-services)
12 |
13 |
14 |
15 |
16 |
17 | ## Description
18 | TLS is capable of using a multitude of ciphers (algorithms) to create the public and private key pairs.
19 | For example, TLSv1.0 uses either the RC4 stream cipher or a block cipher in CBC mode.
20 | RC4 is known to have biases, and block ciphers in CBC mode are vulnerable to the POODLE attack.
21 | TLSv1.0, if configured to use the same cipher suites as SSLv3, includes a means by which a TLS implementation can downgrade the connection to SSL v3.0, thus weakening security.
22 | A POODLE-type (https://blog.qualys.com/ssllabs/2014/12/08/poodle-bites-tls) attack could also be launched directly at TLS without negotiating a downgrade.
23 | This QID will be marked as a Fail for PCI as of November 1st, 2016 in accordance with the new standards. For existing implementations, Merchants will be able to submit a PCI False Positive / Exception Request and provide proof of their Risk Mitigation and Migration Plan, which will result in a pass for PCI up until June 30th, 2018.
24 | Further details can be found at: NEW PCI DSS v3.2 and Migrating from SSL and Early TLS v1.1 (https://community.qualys.com/message/34120)
25 |
26 | **Impact**
27 | An attacker can exploit cryptographic flaws to conduct man-in-the-middle type attacks or to decrypt communications.
28 | For example, an attacker could force a downgrade from the TLS protocol to the older SSLv3.0 protocol and exploit the POODLE vulnerability, read secure communications, or maliciously modify messages.
29 | A POODLE-type (https://blog.qualys.com/ssllabs/2014/12/08/poodle-bites-tls) attack could also be launched directly at TLS without negotiating a downgrade.
30 |
31 |
32 | ## Solution
33 | Disable the use of TLSv1.0 protocol in favor of a cryptographically stronger protocol such as TLSv1.2.
34 |
35 |
36 | ## Validation
37 |
38 |
39 | ### Tool
40 |
41 | * **[sslyze_cli.py](https://github.com/nabla-c0d3/sslyze)** Fast and full-featured SSL scanner for Python 2.7. SSLyze is a Python tool that can analyze the SSL configuration of a server by connecting to it. It is designed to be fast and comprehensive, and should help organizations and testers identify mis-configurations affecting their SSL servers.
42 |
43 |
44 | ### Analysis
45 |
46 |
47 | #### For SMTP Services
48 | This command will only work for services that support SMTP. If you see **Any** Preferred or Accepted Cipher Suite in the Scan Results then TLSv1 is still enabled.
49 |
50 | **Command**
51 |
52 | ```
53 | sslyze_cli.py --starttls=smtp --tlsv1 192.168.1.222:25
54 | ```
55 |
56 | **Vulnerable Output**
57 |
58 | ```
59 | AVAILABLE PLUGINS
60 | -----------------
61 |
62 | CertificateInfoPlugin
63 | SessionRenegotiationPlugin
64 | OpenSslCcsInjectionPlugin
65 | HeartbleedPlugin
66 | HstsPlugin
67 | FallbackScsvPlugin
68 | OpenSslCipherSuitesPlugin
69 | CompressionPlugin
70 | SessionResumptionPlugin
71 |
72 |
73 |
74 | CHECKING HOST(S) AVAILABILITY
75 | -----------------------------
76 |
77 | 192.168.1.222:25 => 192.168.1.222:25
78 |
79 |
80 | SCAN RESULTS FOR 192.168.1.222:25 - 192.168.1.222:25
81 | ------------------------------------------------------
82 |
83 | * TLSV1 Cipher Suites:
84 | Preferred:
85 | TLS_DHE_RSA_WITH_AES_256_CBC_SHA DH-1024 bits 256 bits
86 | Accepted:
87 | TLS_DHE_RSA_WITH_AES_256_CBC_SHA DH-1024 bits 256 bits
88 | TLS_RSA_WITH_AES_256_CBC_SHA - 256 bits
89 | TLS_DHE_RSA_WITH_AES_128_CBC_SHA DH-1024 bits 128 bits
90 | TLS_RSA_WITH_AES_128_CBC_SHA - 128 bits
91 | TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA DH-1024 bits 112 bits
92 | TLS_RSA_WITH_3DES_EDE_CBC_SHA - 112 bits
93 |
94 | SCAN COMPLETED IN 0.34 S
95 | ------------------------
96 | ```
97 |
98 |
99 | #### Other SSL Enabled Services
100 | If you see **Any** Preferred or Accepted Cipher Suite in the Scan Results then TLSv1 is still enabled.
101 |
102 | **Command**
103 |
104 | ```
105 | sslyze_cli.py --tlsv1 192.168.1.222:25
106 | ```
107 |
108 | **Vulnerable Output**
109 |
110 | ```
111 | AVAILABLE PLUGINS
112 | -----------------
113 |
114 | CertificateInfoPlugin
115 | SessionRenegotiationPlugin
116 | OpenSslCcsInjectionPlugin
117 | HeartbleedPlugin
118 | HstsPlugin
119 | FallbackScsvPlugin
120 | OpenSslCipherSuitesPlugin
121 | CompressionPlugin
122 | SessionResumptionPlugin
123 |
124 |
125 |
126 | CHECKING HOST(S) AVAILABILITY
127 | -----------------------------
128 |
129 | 192.168.1.222:25 => 192.168.1.222:25
130 |
131 |
132 | SCAN RESULTS FOR 192.168.1.222:25 - 192.168.1.222:25
133 | ------------------------------------------------------
134 |
135 | * TLSV1 Cipher Suites:
136 | Preferred:
137 | TLS_DHE_RSA_WITH_AES_256_CBC_SHA DH-1024 bits 256 bits
138 | Accepted:
139 | TLS_DHE_RSA_WITH_AES_256_CBC_SHA DH-1024 bits 256 bits
140 | TLS_RSA_WITH_AES_256_CBC_SHA - 256 bits
141 | TLS_DHE_RSA_WITH_AES_128_CBC_SHA DH-1024 bits 128 bits
142 | TLS_RSA_WITH_AES_128_CBC_SHA - 128 bits
143 | TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA DH-1024 bits 112 bits
144 | TLS_RSA_WITH_3DES_EDE_CBC_SHA - 112 bits
145 |
146 | SCAN COMPLETED IN 0.34 S
147 | ------------------------
148 | ```
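
The "any Preferred or Accepted cipher suite means TLSv1 is still enabled" rule can be applied automatically across a saved report. The following is an added example, not part of this repository or of SSLyze: the sample report is constructed, the first host follows the layout shown above, and the second host's "rejected" line is an assumed rendering of a server with TLSv1 disabled.

```python
import re

# Constructed sample. Host .222 mirrors the layout above; the "rejected"
# line for host .230 is an assumption about how a TLSv1-off server appears.
SAMPLE_REPORT = """\
 SCAN RESULTS FOR 192.168.1.222:25 - 192.168.1.222:25
 ------------------------------------------------------

  * TLSV1 Cipher Suites:
      Preferred:
                 TLS_DHE_RSA_WITH_AES_256_CBC_SHA      DH-1024 bits   256 bits
      Accepted:
                 TLS_DHE_RSA_WITH_AES_256_CBC_SHA      DH-1024 bits   256 bits
                 TLS_RSA_WITH_3DES_EDE_CBC_SHA         -              112 bits

 SCAN RESULTS FOR 192.168.1.230:25 - 192.168.1.230:25
 ------------------------------------------------------

  * TLSV1 Cipher Suites:
      Server rejected all cipher suites.

 SCAN COMPLETED IN 0.34 S
 ------------------------
"""

TARGET = re.compile(r"^\s*SCAN RESULTS FOR (\S+)")
SECTION = re.compile(r"^\s*\*\s+(.+?):?\s*$")          # any "* <plugin section>:" heading
SUITE = re.compile(r"^\s+((?:TLS|SSL)_[A-Z0-9_]+)\s")  # indented cipher suite name


def tlsv1_suites_by_host(report):
    """Map each scanned target to the cipher suites it negotiated over TLSv1."""
    results, target, in_tlsv1 = {}, None, False
    for line in report.splitlines():
        if (m := TARGET.match(line)):
            target, in_tlsv1 = m.group(1), False
            results[target] = []
        elif (m := SECTION.match(line)):
            # Exact match so TLSV1_1 / TLSV1_2 sections are not counted.
            in_tlsv1 = m.group(1).upper() == "TLSV1 CIPHER SUITES"
        elif target and in_tlsv1 and (m := SUITE.match(line)):
            if m.group(1) not in results[target]:  # Preferred repeats in Accepted
                results[target].append(m.group(1))
    return results


def hosts_with_tlsv1(report):
    """Targets that accepted at least one cipher suite over TLSv1."""
    return sorted(t for t, s in tlsv1_suites_by_host(report).items() if s)
```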
149 |
150 |
--------------------------------------------------------------------------------