mirror of
https://github.com/drwetter/testssl.sh.git
synced 2025-01-07 17:20:57 +01:00
Merge pull request #2190 from EliteTK/3.0-fix-crime-tls1.3
Fix CRIME test on servers only supporting TLS 1.3
This commit is contained in:
commit
2ca53116ca
13
testssl.sh
13
testssl.sh
@ -14661,6 +14661,7 @@ run_crime() {
|
|||||||
|
|
||||||
[[ $VULN_COUNT -le $VULN_THRESHLD ]] && outln && pr_headlineln " Testing for CRIME vulnerability " && outln
|
[[ $VULN_COUNT -le $VULN_THRESHLD ]] && outln && pr_headlineln " Testing for CRIME vulnerability " && outln
|
||||||
pr_bold " CRIME, TLS " ; out "($cve) "
|
pr_bold " CRIME, TLS " ; out "($cve) "
|
||||||
|
jsonID="CRIME_TLS"
|
||||||
|
|
||||||
if "$TLS13_ONLY"; then
|
if "$TLS13_ONLY"; then
|
||||||
pr_svrty_best "not vulnerable (OK)"
|
pr_svrty_best "not vulnerable (OK)"
|
||||||
@ -14673,7 +14674,7 @@ run_crime() {
|
|||||||
if ! "$HAS_ZLIB"; then
|
if ! "$HAS_ZLIB"; then
|
||||||
if "$SSL_NATIVE"; then
|
if "$SSL_NATIVE"; then
|
||||||
prln_local_problem "$OPENSSL lacks zlib support"
|
prln_local_problem "$OPENSSL lacks zlib support"
|
||||||
fileout "CRIME_TLS" "WARN" "CRIME, TLS: Not tested. $OPENSSL lacks zlib support" "$cve" "$cwe"
|
fileout "$jsonID" "WARN" "CRIME, TLS: Not tested. $OPENSSL lacks zlib support" "$cve" "$cwe"
|
||||||
return 1
|
return 1
|
||||||
else
|
else
|
||||||
tls_sockets "03" "$TLS12_CIPHER" "" "" "true"
|
tls_sockets "03" "$TLS12_CIPHER" "" "" "true"
|
||||||
@ -14691,23 +14692,23 @@ run_crime() {
|
|||||||
|
|
||||||
if [[ $sclient_success -ne 0 ]]; then
|
if [[ $sclient_success -ne 0 ]]; then
|
||||||
pr_warning "test failed (couldn't connect)"
|
pr_warning "test failed (couldn't connect)"
|
||||||
fileout "CRIME_TLS" "WARN" "Check failed, couldn't connect" "$cve" "$cwe"
|
fileout "$jsonID" "WARN" "Check failed, couldn't connect" "$cve" "$cwe"
|
||||||
ret=1
|
ret=1
|
||||||
elif grep -a Compression $TMPFILE | grep -aq NONE >/dev/null; then
|
elif grep -a Compression $TMPFILE | grep -aq NONE >/dev/null; then
|
||||||
pr_svrty_good "not vulnerable (OK)"
|
pr_svrty_good "not vulnerable (OK)"
|
||||||
if [[ $SERVICE != HTTP ]] && ! "$CLIENT_AUTH"; then
|
if [[ $SERVICE != HTTP ]] && ! "$CLIENT_AUTH"; then
|
||||||
out " (not using HTTP anyway)"
|
out " (not using HTTP anyway)"
|
||||||
fileout "CRIME_TLS" "OK" "not vulnerable (not using HTTP anyway)" "$cve" "$cwe"
|
fileout "$jsonID" "OK" "not vulnerable (not using HTTP anyway)" "$cve" "$cwe"
|
||||||
else
|
else
|
||||||
fileout "CRIME_TLS" "OK" "not vulnerable" "$cve" "$cwe"
|
fileout "$jsonID" "OK" "not vulnerable" "$cve" "$cwe"
|
||||||
fi
|
fi
|
||||||
else
|
else
|
||||||
if [[ $SERVICE == HTTP ]] || "$CLIENT_AUTH"; then
|
if [[ $SERVICE == HTTP ]] || "$CLIENT_AUTH"; then
|
||||||
pr_svrty_high "VULNERABLE (NOT ok)"
|
pr_svrty_high "VULNERABLE (NOT ok)"
|
||||||
fileout "CRIME_TLS" "HIGH" "VULNERABLE" "$cve" "$cwe" "$hint"
|
fileout "$jsonID" "HIGH" "VULNERABLE" "$cve" "$cwe" "$hint"
|
||||||
else
|
else
|
||||||
pr_svrty_medium "VULNERABLE but not using HTTP: probably no exploit known"
|
pr_svrty_medium "VULNERABLE but not using HTTP: probably no exploit known"
|
||||||
fileout "CRIME_TLS" "MEDIUM" "VULNERABLE, but not using HTTP. Probably no exploit known" "$cve" "$cwe" "$hint"
|
fileout "$jsonID" "MEDIUM" "VULNERABLE, but not using HTTP. Probably no exploit known" "$cve" "$cwe" "$hint"
|
||||||
# not clear whether a protocol != HTTP offers the ability to repeatedly modify the input
|
# not clear whether a protocol != HTTP offers the ability to repeatedly modify the input
|
||||||
# which is done e.g. via javascript in the context of HTTP
|
# which is done e.g. via javascript in the context of HTTP
|
||||||
fi
|
fi
|
||||||
|
Loading…
Reference in New Issue
Block a user