Make SSLv2 parsing more robust

Dirk 2017-11-27 21:55:17 +01:00
parent 0633ca595d
commit 20b38d5aa6


@ -4225,12 +4225,20 @@ run_protocols() {
if ! "$SSL_NATIVE"; then if ! "$SSL_NATIVE"; then
sslv2_sockets sslv2_sockets
case $? in case $? in
6) # couldn't open socket
prln_fixme "couldn't open socket"
fileout "sslv2" "WARN" "SSLv2 couldn't be tested, socket problem"
;;
7) # strange reply, couldn't convert the cipher spec length to a hex number 7) # strange reply, couldn't convert the cipher spec length to a hex number
pr_cyan "strange v2 reply " pr_cyan "strange v2 reply "
outln "$debug_recomm" outln "$debug_recomm"
[[ $DEBUG -ge 3 ]] && hexdump -C "$TEMPDIR/$NODEIP.sslv2_sockets.dd" | head -1 [[ $DEBUG -ge 3 ]] && hexdump -C "$TEMPDIR/$NODEIP.sslv2_sockets.dd" | head -1
fileout "sslv2" "WARN" "SSLv2: received a strange SSLv2 reply (rerun with DEBUG>=2)" fileout "sslv2" "WARN" "SSLv2: received a strange SSLv2 reply (rerun with DEBUG>=2)"
;; ;;
8) # no correct server hello
outln "no proper SSLv2 server hello, can't tell"
fileout "sslv2" "INFO" "server sent no proper reply, unsure"
;;
1) # no sslv2 server hello returned, like in openlitespeed which returns HTTP! 1) # no sslv2 server hello returned, like in openlitespeed which returns HTTP!
prln_done_best "not offered (OK)" prln_done_best "not offered (OK)"
fileout "sslv2" "OK" "SSLv2 is not offered" fileout "sslv2" "OK" "SSLv2 is not offered"
@ -4244,8 +4252,7 @@ run_protocols() {
4) pr_fixme "signalled a 5xx after STARTTLS handshake"; outln "$debug_recomm" 4) pr_fixme "signalled a 5xx after STARTTLS handshake"; outln "$debug_recomm"
fileout "sslv2" "WARN" "SSLv2: received 5xx after STARTTLS handshake reply (rerun with DEBUG>=2)" fileout "sslv2" "WARN" "SSLv2: received 5xx after STARTTLS handshake reply (rerun with DEBUG>=2)"
;; ;;
3) # everything else 3) lines=$(count_lines "$(hexdump -C "$TEMPDIR/$NODEIP.sslv2_sockets.dd" 2>/dev/null)")
lines=$(count_lines "$(hexdump -C "$TEMPDIR/$NODEIP.sslv2_sockets.dd" 2>/dev/null)")
[[ "$DEBUG" -ge 2 ]] && tm_out " ($lines lines) " [[ "$DEBUG" -ge 2 ]] && tm_out " ($lines lines) "
if [[ "$lines" -gt 1 ]]; then if [[ "$lines" -gt 1 ]]; then
nr_ciphers_detected=$((V2_HELLO_CIPHERSPEC_LENGTH / 3)) nr_ciphers_detected=$((V2_HELLO_CIPHERSPEC_LENGTH / 3))
@ -4258,7 +4265,10 @@ run_protocols() {
outln " -- $nr_ciphers_detected ciphers" outln " -- $nr_ciphers_detected ciphers"
fileout "sslv2" "CRITICAL" "SSLv2 offered, vulnerable to DROWN attack. Detected ciphers: $nr_ciphers_detected" fileout "sslv2" "CRITICAL" "SSLv2 offered, vulnerable to DROWN attack. Detected ciphers: $nr_ciphers_detected"
fi fi
fi ;; fi
;;
*) pr_fixme "unexpected value around line $((LINENO))"; outln "$debug_recomm"
;;
esac esac
debugme tmln_out debugme tmln_out
else else
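Review bot: The new `*)` arm at the end of the `case $?` block reports only to the terminal through `pr_fixme` and, unlike every other arm visible here, never calls `fileout`, so an unexpected return code from `sslv2_sockets` leaves no `sslv2` entry in the file output and a reader of that report cannot tell "not tested" from "nothing found". A line such as `fileout "sslv2" "WARN" "SSLv2: unexpected return value from sslv2_sockets, result inconclusive"` (wording is only a suggestion) would keep the inconclusive result visible. The new `8)` arm is also inconclusive but is recorded as `"INFO"`, while the comparable `6)` and `7)` arms use `"WARN"`; if that difference is not deliberate, `"WARN"` would stop it being dropped by severity filtering. `run_protocols` begins and ends outside the visible hunks, so this covers only the arms shown.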