mirror of
https://github.com/drwetter/testssl.sh.git
synced 2025-01-03 23:39:45 +01:00
Fix #660 for run_sweet32()
This PR addresses issue #660 for run_sweet32(), detecting if 3DES is used, even if it isn't used with the highest protocol version supported by the server. As with PR #854, this increased robustness comes at the expense of taking addition time to run the test.
This commit is contained in:
parent
430917d59f
commit
58d67b52a1
30
testssl.sh
30
testssl.sh
@ -10616,12 +10616,13 @@ run_breach() {
|
||||
# SWEET32 (https://sweet32.info/). Birthday attacks on 64-bit block ciphers.
|
||||
# In a nutshell: don't use 3DES ciphers anymore (DES, RC2 and IDEA too)
|
||||
run_sweet32() {
|
||||
local -i sclient_success=0
|
||||
local -i sclient_success=1
|
||||
# DES, RC2 and IDEA are missing
|
||||
local sweet32_ciphers="ECDHE-RSA-DES-CBC3-SHA:ECDHE-ECDSA-DES-CBC3-SHA:SRP-DSS-3DES-EDE-CBC-SHA:SRP-RSA-3DES-EDE-CBC-SHA:SRP-3DES-EDE-CBC-SHA:EDH-RSA-DES-CBC3-SHA:EDH-DSS-DES-CBC3-SHA:DH-RSA-DES-CBC3-SHA:DH-DSS-DES-CBC3-SHA:AECDH-DES-CBC3-SHA:ADH-DES-CBC3-SHA:ECDH-RSA-DES-CBC3-SHA:ECDH-ECDSA-DES-CBC3-SHA:DES-CBC3-SHA:DES-CBC3-MD5:RSA-PSK-3DES-EDE-CBC-SHA:PSK-3DES-EDE-CBC-SHA:KRB5-DES-CBC3-SHA:KRB5-DES-CBC3-MD5:ECDHE-PSK-3DES-EDE-CBC-SHA:DHE-PSK-3DES-EDE-CBC-SHA"
|
||||
local sweet32_ciphers_hex="c0,12, c0,08, c0,1c, c0,1b, c0,1a, 00,16, 00,13, 00,10, 00,0d, c0,17, 00,1b, c0,0d, c0,03, 00,0a, 00,93, 00,8b, 00,1f, 00,23, c0,34, 00,8f, fe,ff, ff,e0"
|
||||
# proper parsing to be clarified: 07,00,c0
|
||||
|
||||
local proto
|
||||
local cve="CVE-2016-2183, CVE-2016-6329"
|
||||
local cwe="CWE-327"
|
||||
local hint=""
|
||||
@ -10635,16 +10636,29 @@ run_sweet32() {
|
||||
# The openssl binary distributed has almost everything we need (PSK, KRB5 ciphers and feff, ffe0 are typically missing).
|
||||
# Measurements show that there's little impact whether we use sockets or TLS here, so the default is sockets here
|
||||
if "$using_sockets"; then
|
||||
tls_sockets "03" "${sweet32_ciphers_hex}"
|
||||
sclient_success=$?
|
||||
[[ "$sclient_success" -eq 2 ]] && sclient_success=0
|
||||
for proto in 03 02 01 00; do
|
||||
"$FAST" && [[ "$proto" != "03" ]] && break
|
||||
! "$FAST" && [[ $(has_server_protocol "$proto") -eq 1 ]] && continue
|
||||
tls_sockets "$proto" "${sweet32_ciphers_hex}"
|
||||
sclient_success=$?
|
||||
[[ $sclient_success -eq 2 ]] && sclient_success=0
|
||||
[[ $sclient_success -eq 0 ]] && break
|
||||
done
|
||||
else
|
||||
nr_sweet32_ciphers=$(count_ciphers $sweet32_ciphers)
|
||||
nr_supported_ciphers=$(count_ciphers $(actually_supported_ciphers $sweet32_ciphers))
|
||||
$OPENSSL s_client $STARTTLS $BUGS -cipher $sweet32_ciphers -connect $NODEIP:$PORT $PROXY >$TMPFILE $SNI 2>$ERRFILE </dev/null
|
||||
sclient_connect_successful $? $TMPFILE
|
||||
sclient_success=$?
|
||||
[[ "$DEBUG" -eq 2 ]] && egrep -q "error|failure" $ERRFILE | egrep -av "unable to get local|verify error"
|
||||
for proto in -no_ssl2 -tls1_1 -tls1 -ssl3; do
|
||||
! "$HAS_SSL3" && [[ "$proto" == "-ssl3" ]] && continue
|
||||
if [[ "$proto" != "-no_ssl2" ]]; then
|
||||
"$FAST" && break
|
||||
[[ $(has_server_protocol "${proto:1}") -eq 1 ]] && continue
|
||||
fi
|
||||
$OPENSSL s_client $(s_client_options "$STARTTLS $BUGS $proto -cipher $sweet32_ciphers -connect $NODEIP:$PORT $PROXY $SNI") >$TMPFILE 2>$ERRFILE </dev/null
|
||||
sclient_connect_successful $? $TMPFILE
|
||||
sclient_success=$?
|
||||
[[ $DEBUG -eq 2 ]] && egrep -q "error|failure" $ERRFILE | egrep -av "unable to get local|verify error"
|
||||
[[ $sclient_success -eq 0 ]] && break
|
||||
done
|
||||
fi
|
||||
if [[ $sclient_success -eq 0 ]]; then
|
||||
pr_svrty_low "VULNERABLE"; out ", uses 64 bit block ciphers"
|
||||
|
Loading…
Reference in New Issue
Block a user