Git/testssl.sh
1
0
Fork 0
mirror of https://github.com/drwetter/testssl.sh.git synced 2025-11-04 07:45:27 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #1810 from drwetter/starttls_injection

Browse Source 
STARTTLS injection
This commit is contained in:
Dirk Wetter
2020-12-29 14:40:58 +01:00
committed by GitHub
parent ffe223f6e6 e1a43e6e16
commit a9f4bb5fb5
6 changed files with 260 additions and 117 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
CHANGELOG.md
View File

@@ -12,7 +12,8 @@
* Percent output char problem fixed * Percent output char problem fixed
* Several display/output fixes * Several display/output fixes
* BREACH check: list all compression methods and add brotli * BREACH check: list all compression methods and add brotli
* test for winshock vulnerability * Test for old winshock vulnerability
* Test for STARTTLS injection vulnerabilities (SMTP, POP3, IMAP)
* Security fix: DNS input * Security fix: DNS input
* Don't use external pwd anymore * Don't use external pwd anymore
* STARTTLS: XMPP server support * STARTTLS: XMPP server support
@@ -30,6 +31,7 @@
* Client simulation runs in wide mode which is even better readable * Client simulation runs in wide mode which is even better readable
* Added --reqheader to support custom headers in HTTP requests * Added --reqheader to support custom headers in HTTP requests
### Features implemented / improvements in 3.0 ### Features implemented / improvements in 3.0
* Full support of TLS 1.3, shows also drafts supported * Full support of TLS 1.3, shows also drafts supported

2
Dockerfile
View File

@@ -2,7 +2,7 @@ FROM alpine:3.11
RUN apk update && \ RUN apk update && \
apk upgrade && \ apk upgrade && \
apk add bash procps drill git coreutils libidn curl && \ apk add bash procps drill git coreutils libidn curl socat openssl && \
rm -rf /var/cache/apk/* && \ rm -rf /var/cache/apk/* && \
addgroup testssl && \ addgroup testssl && \
adduser -G testssl -g "testssl user" -s /bin/bash -D testssl && \ adduser -G testssl -g "testssl user" -s /bin/bash -D testssl && \

5
doc/testssl.1
View File

@@ -354,7 +354,10 @@ Security headers (X\-Frame\-Options, X\-XSS\-Protection, Expect\-CT,\.\.\. , CSP
\fB\-T, \-\-ticketbleed\fR Checks for Ticketbleed memory leakage in BigIP loadbalancers\. \fB\-T, \-\-ticketbleed\fR Checks for Ticketbleed memory leakage in BigIP loadbalancers\.
. .
.P .P
\fB\-BB, \-\-robot\fR Checks for vulnerability to ROBOT / (\fIReturn Of Bleichenbacher\'s Oracle Threat\fR) attack\. \fB\-\-BB, \-\-robot\fR Checks for vulnerability to ROBOT / (\fIReturn Of Bleichenbacher\'s Oracle Threat\fR) attack\.
.
.P
\fB\-\-SI, \-\-starttls\-injection\fR Checks for STARTTLS injection vulnerabilities (SMTP, IMAP, POP3 only)\. \fIsocat\fR and OpenSSL >=1.1.0 is needed\.
. .
.P .P
\fB\-R, \-\-renegotiation\fR Tests renegotiation vulnerabilities\. Currently there\'s a check for \fISecure Renegotiation\fR and for \fISecure Client\-Initiated Renegotiation\fR\. Please be aware that vulnerable servers to the latter can likely be DoSed very easily (HTTP)\. A check for \fIInsecure Client\-Initiated Renegotiation\fR is not yet implemented\. \fB\-R, \-\-renegotiation\fR Tests renegotiation vulnerabilities\. Currently there\'s a check for \fISecure Renegotiation\fR and for \fISecure Client\-Initiated Renegotiation\fR\. Please be aware that vulnerable servers to the latter can likely be DoSed very easily (HTTP)\. A check for \fIInsecure Client\-Initiated Renegotiation\fR is not yet implemented\.

4
doc/testssl.1.html
View File

@@ -320,7 +320,9 @@ Also for multiple server certificates are being checked for as well as for the c
<p><code>-T, --ticketbleed</code> Checks for Ticketbleed memory leakage in BigIP loadbalancers.</p> <p><code>-T, --ticketbleed</code> Checks for Ticketbleed memory leakage in BigIP loadbalancers.</p>
<p><code>-BB, --robot</code> Checks for vulnerability to ROBOT / (<em>Return Of Bleichenbacher's Oracle Threat</em>) attack.</p> <p><code>--BB, --robot</code> Checks for vulnerability to ROBOT / (<em>Return Of Bleichenbacher's Oracle Threat</em>) attack.</p>
<p><code>--SI, --starttls-injection</code> Checks for STARTTLS injection vulnerabilities (SMTP, IMAP, POP3 only). <code>socat</code> and OpenSSL &ge;1.1.0 is needed.</p>
<p><code>-R, --renegotiation</code> Tests renegotiation vulnerabilities. Currently there's a check for <em>Secure Renegotiation</em> and for <em>Secure Client-Initiated Renegotiation</em>. Please be aware that vulnerable servers to the latter can likely be DoSed very easily (HTTP). A check for <em>Insecure Client-Initiated Renegotiation</em> is not yet implemented.</p> <p><code>-R, --renegotiation</code> Tests renegotiation vulnerabilities. Currently there's a check for <em>Secure Renegotiation</em> and for <em>Secure Client-Initiated Renegotiation</em>. Please be aware that vulnerable servers to the latter can likely be DoSed very easily (HTTP). A check for <em>Insecure Client-Initiated Renegotiation</em> is not yet implemented.</p>

4
doc/testssl.1.md
View File

@@ -234,7 +234,9 @@ Also for multiple server certificates are being checked for as well as for the c
`-T, --ticketbleed` Checks for Ticketbleed memory leakage in BigIP loadbalancers. `-T, --ticketbleed` Checks for Ticketbleed memory leakage in BigIP loadbalancers.
`-BB, --robot` Checks for vulnerability to ROBOT / (*Return Of Bleichenbacher's Oracle Threat*) attack. `--BB, --robot` Checks for vulnerability to ROBOT / (*Return Of Bleichenbacher's Oracle Threat*) attack.
`--SI, --starttls-injection` Checks for STARTTLS injection vulnerabilities (SMTP, IMAP, POP3 only). `socat` and OpenSSL >=1.1.0 is needed.
`-R, --renegotiation` Tests renegotiation vulnerabilities. Currently there's a check for *Secure Renegotiation* and for *Secure Client-Initiated Renegotiation*. Please be aware that vulnerable servers to the latter can likely be DoSed very easily (HTTP). A check for *Insecure Client-Initiated Renegotiation* is not yet implemented. `-R, --renegotiation` Tests renegotiation vulnerabilities. Currently there's a check for *Secure Renegotiation* and for *Secure Client-Initiated Renegotiation*. Please be aware that vulnerable servers to the latter can likely be DoSed very easily (HTTP). A check for *Insecure Client-Initiated Renegotiation* is not yet implemented.

358
testssl.sh
View File

@@ -219,11 +219,8 @@ UNBRACKTD_IPV6=${UNBRACKTD_IPV6:-false} # some versions of OpenSSL (like Gentoo)
NO_ENGINE=${NO_ENGINE:-false} # if there are problems finding the (external) openssl engine set this to true NO_ENGINE=${NO_ENGINE:-false} # if there are problems finding the (external) openssl engine set this to true
declare -r CLIENT_MIN_FS=5 # number of ciphers needed to run a test for FS declare -r CLIENT_MIN_FS=5 # number of ciphers needed to run a test for FS
CAPATH="${CAPATH:-/etc/ssl/certs/}" # Does nothing yet (FC has only a CA bundle per default, ==> openssl version -d) CAPATH="${CAPATH:-/etc/ssl/certs/}" # Does nothing yet (FC has only a CA bundle per default, ==> openssl version -d)
GOOD_CA_BUNDLE="" # A bundle of CA certificates that can be used to validate the server's certificate SOCAT="${SOCAT:-}" # For now we would need this for STARTTLS injection
CERTIFICATE_LIST_ORDERING_PROBLEM=false # Set to true if server sends a certificate list that contains a certificate
# that does not certify the one immediately preceding it. (See RFC 8446, Section 4.4.2)
STAPLED_OCSP_RESPONSE=""
HAS_DNS_SANS=false # Whether the certificate includes a subjectAltName extension with a DNS name or an application-specific identifier type.
MEASURE_TIME_FILE=${MEASURE_TIME_FILE:-""} MEASURE_TIME_FILE=${MEASURE_TIME_FILE:-""}
if [[ -n "$MEASURE_TIME_FILE" ]] && [[ -z "$MEASURE_TIME" ]]; then if [[ -n "$MEASURE_TIME_FILE" ]] && [[ -z "$MEASURE_TIME" ]]; then
MEASURE_TIME=true MEASURE_TIME=true
@@ -241,6 +238,8 @@ SYSTEM2="" # currently only being used for WSL = ba
PRINTF="" # which external printf to use. Empty presets the internal one, see #1130 PRINTF="" # which external printf to use. Empty presets the internal one, see #1130
CIPHERS_BY_STRENGTH_FILE="" CIPHERS_BY_STRENGTH_FILE=""
TLS_DATA_FILE="" # mandatory file for socket-based handshakes TLS_DATA_FILE="" # mandatory file for socket-based handshakes
OPENSSL="" # If you run this from github it's ~/bin/openssl.$(uname).$(uname -m) otherwise /usr/bin/openssl
OPENSSL2="" # When running from github, this will be openssl version >=1.1.1 (auto determined)
OPENSSL_LOCATION="" OPENSSL_LOCATION=""
IKNOW_FNAME=false IKNOW_FNAME=false
FIRST_FINDING=true # is this the first finding we are outputting to file? FIRST_FINDING=true # is this the first finding we are outputting to file?
@@ -297,13 +296,21 @@ NW_STR=""
LEN_STR="" LEN_STR=""
SNI="" SNI=""
POODLE="" # keep vulnerability status for TLS_FALLBACK_SCSV POODLE="" # keep vulnerability status for TLS_FALLBACK_SCSV
# Initialize OpenSSL variables (and others)
OSSL_NAME="" # openssl name, in case of LibreSSL it's LibreSSL OSSL_NAME="" # openssl name, in case of LibreSSL it's LibreSSL
OSSL_VER="" # openssl version, will be auto-determined OSSL_VER="" # openssl version, will be auto-determined
OSSL_VER_MAJOR=0 OSSL_VER_MAJOR=0
OSSL_VER_MINOR=0 OSSL_VER_MINOR=0
OSSL_VER_APPENDIX="none" OSSL_VER_APPENDIX="none"
CLIENT_PROB_NO=1 CLIENT_PROB_NO=1
HAS_DH_BITS=${HAS_DH_BITS:-false} # initialize openssl variables
GOOD_CA_BUNDLE="" # A bundle of CA certificates that can be used to validate the server's certificate
CERTIFICATE_LIST_ORDERING_PROBLEM=false # Set to true if server sends a certificate list that contains a certificate
# that does not certify the one immediately preceding it. (See RFC 8446, Section 4.4.2)
STAPLED_OCSP_RESPONSE=""
HAS_DNS_SANS=false # Whether the certificate includes a subjectAltName extension with a DNS name or an application-specific identifier type.
HAS_DH_BITS=${HAS_DH_BITS:-false} # These are variables which are set by find_openssl_binary()
HAS_CURVES=false HAS_CURVES=false
OSSL_SUPPORTED_CURVES="" OSSL_SUPPORTED_CURVES=""
HAS_SSL2=false HAS_SSL2=false
@@ -335,6 +342,8 @@ HAS_CHACHA20=false
HAS_AES128_GCM=false HAS_AES128_GCM=false
HAS_AES256_GCM=false HAS_AES256_GCM=false
HAS_ZLIB=false HAS_ZLIB=false
HAS_UDS=false
HAS_UDS2=false
HAS_DIG=false HAS_DIG=false
HAS_HOST=false HAS_HOST=false
HAS_DRILL=false HAS_DRILL=false
@@ -763,10 +772,8 @@ debugme() {
[[ "$DEBUG" -ge 2 ]] && "$@" [[ "$DEBUG" -ge 2 ]] && "$@"
return 0 return 0
} }
debugme1() {
[[ "$DEBUG" -ge 1 ]] && "$@" debugme1() { [[ "$DEBUG" -ge 2 ]] && "$@"; }
return 0
}
hex2dec() { hex2dec() {
echo $((16#$1)) echo $((16#$1))
@@ -2191,7 +2198,8 @@ s_client_options() {
###### check code starts here ###### ###### check code starts here ######
# determines whether the port has an HTTP service running or not (plain TLS, no STARTTLS) # determines whether the port has an HTTP service running or not (plain TLS, no STARTTLS)
# arg1 could be the protocol determined as "working". IIS6 needs that # arg1 could be the protocol determined as "working". IIS6 needs that.
#
service_detection() { service_detection() {
local -i was_killed local -i was_killed
@@ -4671,7 +4679,7 @@ client_simulation_sockets() {
tls_hello_ascii=$(hexdump -v -e '16/1 "%02X"' "$SOCK_REPLY_FILE") tls_hello_ascii=$(hexdump -v -e '16/1 "%02X"' "$SOCK_REPLY_FILE")
tls_hello_ascii="${tls_hello_ascii%%[!0-9A-F]*}" tls_hello_ascii="${tls_hello_ascii%%[!0-9A-F]*}"
elif [[ $ret -eq 1 ]] || [[ $ret -eq 6 ]]; then elif [[ $ret -eq 1 ]] || [[ $ret -eq 6 ]]; then
close_socket close_socket 5
TMPFILE=$SOCK_REPLY_FILE TMPFILE=$SOCK_REPLY_FILE
tmpfile_handle ${FUNCNAME[0]}.dd tmpfile_handle ${FUNCNAME[0]}.dd
return $ret return $ret
@@ -4753,7 +4761,7 @@ client_simulation_sockets() {
debugme tmln_out debugme tmln_out
fi fi
close_socket close_socket 5
TMPFILE=$SOCK_REPLY_FILE TMPFILE=$SOCK_REPLY_FILE
tmpfile_handle ${FUNCNAME[0]}.dd tmpfile_handle ${FUNCNAME[0]}.dd
return $ret return $ret
@@ -10563,7 +10571,8 @@ starttls_just_send(){
local -i ret=0 local -i ret=0
debugme echo "C: $1\r\n" debugme echo "C: $1\r\n"
echo -ne "$1\r\n" >&5 # We need cat here, otherwise the appended ELHO after STARTTLS will be in the next packet
printf "%b" "$1\r\n" | cat >&5
ret=$? ret=$?
if [[ $ret -eq 0 ]]; then if [[ $ret -eq 0 ]]; then
debugme echo " > succeeded: $2" debugme echo " > succeeded: $2"
@@ -10663,56 +10672,62 @@ starttls_ftp_dialog() {
} }
# argv1: empty: SMTP, "lmtp" : LMTP # argv1: empty: SMTP, "lmtp" : LMTP
# argv2: payload for STARTTLS injection test
# #
starttls_smtp_dialog() { starttls_smtp_dialog() {
local greet_str="EHLO testssl.sh" local greet_str="EHLO testssl.sh"
local proto="smtp" local proto="smtp"
local reSTARTTLS='^250[ -]STARTTLS' local reSTARTTLS='^250[ -]STARTTLS'
local starttls="STARTTLS"
local -i ret=0 local -i ret=0
"$SNEAKY" && greet_str="EHLO google.com"
[[ -n "$2" ]] && starttls="$starttls\r\n$2" # this adds a payload if supplied
if [[ "$1" == lmtp ]]; then if [[ "$1" == lmtp ]]; then
proto="lmtp" proto="lmtp"
greet_str="LHLO" greet_str="LHLO"
fi fi
if [[ -n "$2" ]]; then
# Here we can "add" commands in the future. Please note \r\n will automatically be appended
greet_str="$2"
elif "$SNEAKY"; then
greet_str="EHLO google.com"
fi
debugme echo "=== starting $proto STARTTLS dialog ===" debugme echo "=== starting $proto STARTTLS dialog ==="
starttls_full_read '^220-' '^220 ' '' "received server greeting" && starttls_full_read '^220-' '^220 ' '' "received server greeting" &&
starttls_just_send "$greet_str" "sent $greet_str" && starttls_just_send "$greet_str" "sent $greet_str" &&
starttls_full_read '^250-' '^250 ' "${reSTARTTLS}" "received server capabilities and checked STARTTLS availability" && starttls_full_read '^250-' '^250 ' "${reSTARTTLS}" "received server capabilities and checked STARTTLS availability" &&
starttls_just_send 'STARTTLS' "initiated STARTTLS" && starttls_just_send "$starttls" "initiated STARTTLS" &&
starttls_full_read '^220-' '^220 ' '' "received ack for STARTTLS" starttls_full_read '^220-' '^220 ' '' "received ack for STARTTLS"
ret=$? ret=$?
debugme echo "=== finished $proto STARTTLS dialog with ${ret} ===" debugme echo "=== finished $proto STARTTLS dialog with ${ret} ==="
return $ret return $ret
} }
# argv1: payload for STARTTLS injection test
#
starttls_pop3_dialog() { starttls_pop3_dialog() {
local -i ret=0 local -i ret=0
local starttls="STLS"
[[ -n "$1" ]] && starttls="$starttls\r\n$1" # this adds a payload if supplied
debugme echo "=== starting pop3 STARTTLS dialog ===" debugme echo "=== starting pop3 STARTTLS dialog ==="
starttls_full_read '^\+OK' '^\+OK' '' "received server greeting" && starttls_full_read '^\+OK' '^\+OK' '' "received server greeting" &&
starttls_just_send 'STLS' "initiated STARTTLS" && starttls_just_send "$starttls" "initiated STARTTLS" &&
starttls_full_read '^\+OK' '^\+OK' '' "received ack for STARTTLS" starttls_full_read '^\+OK' '^\+OK' '' "received ack for STARTTLS"
ret=$? ret=$?
debugme echo "=== finished pop3 STARTTLS dialog with ${ret} ===" debugme echo "=== finished pop3 STARTTLS dialog with ${ret} ==="
return $ret return $ret
} }
# argv1: payload for STARTTLS injection test
#
starttls_imap_dialog() { starttls_imap_dialog() {
local -i ret=0 local -i ret=0
local reSTARTTLS='^\* CAPABILITY(( .*)? IMAP4rev1( .*)? STARTTLS(.*)?|( .*)? STARTTLS( .*)? IMAP4rev1(.*)?)$' local reSTARTTLS='^\* CAPABILITY(( .*)? IMAP4rev1( .*)? STARTTLS(.*)?|( .*)? STARTTLS( .*)? IMAP4rev1(.*)?)$'
local starttls="a002 STARTTLS"
[[ -n "$1" ]] && starttls="$starttls\r\n$1" # this adds a payload if supplied
debugme echo "=== starting imap STARTTLS dialog ===" debugme echo "=== starting imap STARTTLS dialog ==="
starttls_full_read '^\* ' '^\* OK ' '' "received server greeting" && starttls_full_read '^\* ' '^\* OK ' '' "received server greeting" &&
starttls_just_send 'a001 CAPABILITY' "sent CAPABILITY" && starttls_just_send 'a001 CAPABILITY' "sent CAPABILITY" &&
starttls_full_read '^\* ' '^a001 OK ' "${reSTARTTLS}" "received server capabilities and checked STARTTLS availability" && starttls_full_read '^\* ' '^a001 OK ' "${reSTARTTLS}" "received server capabilities and checked STARTTLS availability" &&
starttls_just_send 'a002 STARTTLS' "initiated STARTTLS" && starttls_just_send "$starttls" "initiated STARTTLS" &&
starttls_full_read '^\* ' '^a002 OK ' '' "received ack for STARTTLS" starttls_full_read '^\* ' '^a002 OK ' '' "received ack for STARTTLS"
ret=$? ret=$?
debugme echo "=== finished imap STARTTLS dialog with ${ret} ===" debugme echo "=== finished imap STARTTLS dialog with ${ret} ==="
@@ -10788,10 +10803,13 @@ starttls_mysql_dialog() {
return $ret return $ret
} }
# arg1: fd for socket -- which we don't use as it is a hassle and it is not clear whether it works under every bash version # arg1: fd for socket -- which we don't use yes as it is a hassle (not clear whether it works under every bash version)
# arg2: optional: for STARTTLS additional command to be injected
# returns 6 if opening the socket caused a problem, 1 if STARTTLS handshake failed, 0: all ok # returns 6 if opening the socket caused a problem, 1 if STARTTLS handshake failed, 0: all ok
# #
fd_socket() { fd_socket() {
local fd="$1"
local payload="$2"
local proyxline="" local proyxline=""
local nodeip="$(tr -d '[]' <<< $NODEIP)" # sockets do not need the square brackets we have of IPv6 addresses local nodeip="$(tr -d '[]' <<< $NODEIP)" # sockets do not need the square brackets we have of IPv6 addresses
# we just need do it here, that's all! # we just need do it here, that's all!
@@ -10815,14 +10833,14 @@ fd_socket() {
read -t $PROXY_WAIT -r proyxline <&5 read -t $PROXY_WAIT -r proyxline <&5
if [[ $? -ge 128 ]]; then if [[ $? -ge 128 ]]; then
pr_warning "Proxy timed out. Unable to CONNECT via proxy. " pr_warning "Proxy timed out. Unable to CONNECT via proxy. "
close_socket close_socket 5
return 6 return 6
elif [[ "${proyxline%/*}" == HTTP ]]; then elif [[ "${proyxline%/*}" == HTTP ]]; then
proyxline=${proyxline#* } proyxline=${proyxline#* }
if [[ "${proyxline%% *}" != 200 ]]; then if [[ "${proyxline%% *}" != 200 ]]; then
pr_warning "Unable to CONNECT via proxy. " pr_warning "Unable to CONNECT via proxy. "
[[ "$PORT" != 443 ]] && prln_warning "Check whether your proxy supports port $PORT and the underlying protocol." [[ "$PORT" != 443 ]] && prln_warning "Check whether your proxy supports port $PORT and the underlying protocol."
close_socket close_socket 5
return 6 return 6
fi fi
fi fi
@@ -10855,19 +10873,19 @@ fd_socket() {
starttls_ftp_dialog starttls_ftp_dialog
;; ;;
smtp|smtps) # SMTP, see https://tools.ietf.org/html/rfc{2033,3207,5321} smtp|smtps) # SMTP, see https://tools.ietf.org/html/rfc{2033,3207,5321}
starttls_smtp_dialog starttls_smtp_dialog "" "$payload"
;; ;;
lmtp|lmtps) # LMTP, see https://tools.ietf.org/html/rfc{2033,3207,5321} lmtp|lmtps) # LMTP, see https://tools.ietf.org/html/rfc{2033,3207,5321}
starttls_smtp_dialog lmtp starttls_smtp_dialog lmtp
;; ;;
pop3|pop3s) # POP, see https://tools.ietf.org/html/rfc2595 pop3|pop3s) # POP, see https://tools.ietf.org/html/rfc2595
starttls_pop3_dialog starttls_pop3_dialog "$payload"
;; ;;
nntp|nntps) # NNTP, see https://tools.ietf.org/html/rfc4642 nntp|nntps) # NNTP, see https://tools.ietf.org/html/rfc4642
starttls_nntp_dialog starttls_nntp_dialog
;; ;;
imap|imaps) # IMAP, https://tools.ietf.org/html/rfc2595, https://tools.ietf.org/html/rfc3501 imap|imaps) # IMAP, https://tools.ietf.org/html/rfc2595, https://tools.ietf.org/html/rfc3501
starttls_imap_dialog starttls_imap_dialog "$payload"
;; ;;
irc|ircs) # IRC, https://ircv3.net/specs/extensions/tls-3.1.html, https://ircv3.net/specs/core/capability-negotiation.html irc|ircs) # IRC, https://ircv3.net/specs/extensions/tls-3.1.html, https://ircv3.net/specs/core/capability-negotiation.html
fatal "FIXME: IRC+STARTTLS not yet supported" $ERR_NOSUPPORT fatal "FIXME: IRC+STARTTLS not yet supported" $ERR_NOSUPPORT
@@ -10895,7 +10913,11 @@ fd_socket() {
case $ret in case $ret in
0) return 0 ;; 0) return 0 ;;
3) fatal "No STARTTLS found in handshake" $ERR_CONNECT ;; 3) fatal "No STARTTLS found in handshake" $ERR_CONNECT ;;
*) ((NR_STARTTLS_FAIL++)) *) if [[ $ret -eq 2 ]] && [[ -n "$payload" ]]; then
# We don't want this handling for STARTTLS injection
return 0
fi
((NR_STARTTLS_FAIL++))
# This are mostly timeouts here (code >=128). We give the client a chance to try again later. For cases # This are mostly timeouts here (code >=128). We give the client a chance to try again later. For cases
# where we have no STARTTLS in the server banner however - ret code=3 - we don't neet to try again # where we have no STARTTLS in the server banner however - ret code=3 - we don't neet to try again
connectivity_problem $NR_STARTTLS_FAIL $MAX_STARTTLS_FAIL "STARTTLS handshake failed (code: $ret)" "repeated STARTTLS problems, giving up ($ret)" connectivity_problem $NR_STARTTLS_FAIL $MAX_STARTTLS_FAIL "STARTTLS handshake failed (code: $ret)" "repeated STARTTLS problems, giving up ($ret)"
@@ -10907,7 +10929,11 @@ fd_socket() {
return 1 return 1
} }
# arg1: socket fd but atm we use 5 anyway, see comment for fd_socket()
#
close_socket(){ close_socket(){
local fd="$1"
exec 5<&- exec 5<&-
exec 5>&- exec 5>&-
return 0 return 0
@@ -14387,7 +14413,7 @@ sslv2_sockets() {
parse_sslv2_serverhello "$SOCK_REPLY_FILE" "$parse_complete" parse_sslv2_serverhello "$SOCK_REPLY_FILE" "$parse_complete"
ret=$? ret=$?
close_socket close_socket 5
tmpfile_handle ${FUNCNAME[0]}.dd $SOCK_REPLY_FILE tmpfile_handle ${FUNCNAME[0]}.dd $SOCK_REPLY_FILE
return $ret return $ret
} }
@@ -15141,7 +15167,7 @@ tls_sockets() {
tls_hello_ascii=$(hexdump -v -e '16/1 "%02X"' "$SOCK_REPLY_FILE") tls_hello_ascii=$(hexdump -v -e '16/1 "%02X"' "$SOCK_REPLY_FILE")
tls_hello_ascii="${tls_hello_ascii%%[!0-9A-F]*}" tls_hello_ascii="${tls_hello_ascii%%[!0-9A-F]*}"
elif [[ $ret -eq 1 ]] || [[ $ret -eq 6 ]]; then elif [[ $ret -eq 1 ]] || [[ $ret -eq 6 ]]; then
close_socket close_socket 5
TMPFILE=$SOCK_REPLY_FILE TMPFILE=$SOCK_REPLY_FILE
tmpfile_handle ${FUNCNAME[0]}.dd tmpfile_handle ${FUNCNAME[0]}.dd
return $ret return $ret
@@ -15313,7 +15339,7 @@ tls_sockets() {
debugme echo "stuck on sending: $ret" debugme echo "stuck on sending: $ret"
fi fi
"$close_connection" && close_socket "$close_connection" && close_socket 5
tmpfile_handle ${FUNCNAME[0]}.dd $SOCK_REPLY_FILE tmpfile_handle ${FUNCNAME[0]}.dd $SOCK_REPLY_FILE
return $ret return $ret
} }
@@ -15519,7 +15545,7 @@ run_heartbleed(){
fi fi
outln outln
tmpfile_handle ${FUNCNAME[0]}.dd $SOCK_REPLY_FILE tmpfile_handle ${FUNCNAME[0]}.dd $SOCK_REPLY_FILE
close_socket close_socket 5
return 0 return 0
} }
@@ -15709,7 +15735,7 @@ run_ccs_injection(){
outln outln
tmpfile_handle ${FUNCNAME[0]}.dd $SOCK_REPLY_FILE tmpfile_handle ${FUNCNAME[0]}.dd $SOCK_REPLY_FILE
close_socket close_socket 5
return $ret return $ret
} }
@@ -15916,14 +15942,14 @@ run_ticketbleed() {
pr_svrty_best "not vulnerable (OK)" pr_svrty_best "not vulnerable (OK)"
fileout "$jsonID" "OK" "not vulnerable" "$cve" "$cwe" fileout "$jsonID" "OK" "not vulnerable" "$cve" "$cwe"
send_close_notify "${tls_hello_ascii:18:4}" send_close_notify "${tls_hello_ascii:18:4}"
close_socket close_socket 5
break break
elif [[ -z "${tls_hello_ascii:0:2}" ]]; then elif [[ -z "${tls_hello_ascii:0:2}" ]]; then
pr_svrty_best "not vulnerable (OK)" pr_svrty_best "not vulnerable (OK)"
out ", reply empty" out ", reply empty"
fileout "$jsonID" "OK" "not vulnerable" "$cve" "$cwe" fileout "$jsonID" "OK" "not vulnerable" "$cve" "$cwe"
send_close_notify "${tls_hello_ascii:18:4}" send_close_notify "${tls_hello_ascii:18:4}"
close_socket close_socket 5
break break
elif [[ "${tls_hello_ascii:0:2}" == 16 ]]; then elif [[ "${tls_hello_ascii:0:2}" == 16 ]]; then
early_exit=false early_exit=false
@@ -15951,11 +15977,11 @@ run_ticketbleed() {
out " around line $LINENO (debug info: ${tls_hello_ascii:0:2}, ${tls_hello_ascii:2:10})" out " around line $LINENO (debug info: ${tls_hello_ascii:0:2}, ${tls_hello_ascii:2:10})"
fileout "$jsonID" "DEBUG" "test failed, around $LINENO (debug info: ${tls_hello_ascii:0:2}, ${tls_hello_ascii:2:10})" "$cve" "$cwe" fileout "$jsonID" "DEBUG" "test failed, around $LINENO (debug info: ${tls_hello_ascii:0:2}, ${tls_hello_ascii:2:10})" "$cve" "$cwe"
send_close_notify "${tls_hello_ascii:18:4}" send_close_notify "${tls_hello_ascii:18:4}"
close_socket close_socket 5
break break
fi fi
send_close_notify "${tls_hello_ascii:18:4}" send_close_notify "${tls_hello_ascii:18:4}"
close_socket close_socket 5
done done
if ! "$early_exit"; then if ! "$early_exit"; then
@@ -18109,7 +18135,6 @@ run_rc4() {
prln_svrty_good "no RC4 ciphers detected (OK)" prln_svrty_good "no RC4 ciphers detected (OK)"
fileout "$jsonID" "OK" "not vulnerable" "$cve" "$cwe" fileout "$jsonID" "OK" "not vulnerable" "$cve" "$cwe"
fi fi
outln
"$using_sockets" && HAS_DH_BITS="$has_dh_bits" "$using_sockets" && HAS_DH_BITS="$has_dh_bits"
tmpfile_handle ${FUNCNAME[0]}.txt tmpfile_handle ${FUNCNAME[0]}.txt
@@ -18135,6 +18160,94 @@ run_tls_truncation() {
: :
} }
run_starttls_injection() {
local uds=""
local openssl_bin=""
local -i socat_pid
local -i openssl_pid
local vuln=false
local cve=""
local cwe="CWE-74"
local hint=""
local jsonID="starttls_injection"
[[ -z "$STARTTLS" ]] && return 0
if [[ $VULN_COUNT -le $VULN_THRESHLD ]]; then
outln
pr_headlineln " Checking for STARTTLS injection "
outln
fi
pr_bold " STARTTLS injection" ; out " (experimental) "
# We'll do a soft fail here, also no warning, as I do not expect to have everybody have socat installed
if [[ -z "$SOCAT" ]]; then
fileout "$jsonID" "WARN" "Need socat for this" "$cve" "$cwe" "$hint"
outln "Need socat for this check"
return 1
fi
if [[ -z "$HAS_UDS2" ]] && [[ -z "$HAS_UDS" ]]; then
fileout "$jsonID" "WARN" "Need OpenSSL with Unix-domain socket s_client support for this check" "$cve" "$cwe" "$hint"
outln "Need an OpenSSL with Unix-domain socket s_client support for this check"
return 1
fi
case $SERVICE in
smtp) fd_socket 5 "EHLO google.com"
;;
pop3) fd_socket 5 "CAPA"
;;
imap) five_random=$(tr -dc '[:upper:]' < /dev/urandom | dd bs=5 count=1 2>/dev/null)
fd_socket 5 "$five_random NOOP"
;;
*) outln "STARTTLS injection test doesn't work for $SERVICE, yet"
fileout "$jsonID" "INFO" "STARTTLS injection test doesn't work for $SERVICE" "$cve" "$cwe" "$hint"
return 1
;;
esac
uds="$TEMPDIR/uds"
$SOCAT FD:5 UNIX-LISTEN:$uds &
socat_pid=$!
if "$HAS_UDS"; then
openssl_bin="$OPENSSL"
elif "$HAS_UDS2"; then
openssl_bin="$OPENSSL2"
fi
# normally the interesting fallback we grep later for is in fd2 but we'll catch also stdout here
$openssl_bin s_client -unix $uds >$TMPFILE 2>&1 &
openssl_pid=$!
sleep 1
[[ "$DEBUG" -ge 2 ]] && tail $TMPFILE
#FIXME: is the pattern sufficient for SMTP / POP / IMAP?
case $SERVICE in
# Mind all ' ' here!
smtp) grep -Eqa '^250-|^503 ' $TMPFILE && vuln=true ;;
pop3) grep -Eqa '^USER|^PIPELINING|^\+OK ' $TMPFILE && vuln=true ;;
imap) grep -Eqa ' OK NOOP ' $TMPFILE && vuln=true ;;
esac
if "$vuln"; then
out "likely "
prln_svrty_high "VULNERABLE (NOT ok)"
fileout "$jsonID" "HIGH" "VULNERABLE" "$cve" "$cwe" "$hint"
else
prln_svrty_good "not vulnerable (OK)"
fileout "$jsonID" "OK" "not vulnerable" "$cve" "$cwe"
fi
kill $socat_pid 2>/dev/null
kill $openssl_pid 2>/dev/null
close_socket 5
tmpfile_handle ${FUNCNAME[0]}.txt
return 0
}
# Test for various server implementation errors that aren't tested for elsewhere. # Test for various server implementation errors that aren't tested for elsewhere.
# Inspired by RFC 8701. # Inspired by RFC 8701.
run_grease() { run_grease() {
@@ -18636,7 +18749,7 @@ run_robot() {
else else
socksend ",x15, x03, x01, x00, x02, x02, x00" 0 socksend ",x15, x03, x01, x00, x02, x02, x00" 0
fi fi
close_socket close_socket 5
prln_fixme "Conversion of public key failed around line $((LINENO - 9))" prln_fixme "Conversion of public key failed around line $((LINENO - 9))"
fileout "$jsonID" "WARN" "Conversion of public key failed around line $((LINENO - 10)) " fileout "$jsonID" "WARN" "Conversion of public key failed around line $((LINENO - 10)) "
return 1 return 1
@@ -18690,7 +18803,7 @@ run_robot() {
fi fi
debugme echo -e "\nresponse[$testnum] = ${response[testnum]}" debugme echo -e "\nresponse[$testnum] = ${response[testnum]}"
[[ $DEBUG -ge 3 ]] && [[ $subret -eq 0 ]] && parse_tls_serverhello "${response[testnum]}" [[ $DEBUG -ge 3 ]] && [[ $subret -eq 0 ]] && parse_tls_serverhello "${response[testnum]}"
close_socket close_socket 5
# Don't continue testing if it has already been determined that # Don't continue testing if it has already been determined that
# tests need to be rerun with a longer timeout. # tests need to be rerun with a longer timeout.
@@ -18855,7 +18968,9 @@ test_openssl_suffix() {
find_openssl_binary() { find_openssl_binary() {
local s_client_has=$TEMPDIR/s_client_has.txt local s_client_has=$TEMPDIR/s_client_has.txt
local s_client_has2=$TEMPDIR/s_client_has2.txt
local s_client_starttls_has=$TEMPDIR/s_client_starttls_has.txt local s_client_starttls_has=$TEMPDIR/s_client_starttls_has.txt
local s_client_starttls_has2=$TEMPDIR/s_client_starttls_has2
local openssl_location cwd="" local openssl_location cwd=""
local ossl_wo_dev_info local ossl_wo_dev_info
local curve local curve
@@ -18945,6 +19060,7 @@ find_openssl_binary() {
HAS_PROXY=false HAS_PROXY=false
HAS_XMPP=false HAS_XMPP=false
HAS_XMPP_SERVER=false HAS_XMPP_SERVER=false
HAS_XMPP_SERVER2=false
HAS_POSTGRES=false HAS_POSTGRES=false
HAS_MYSQL=false HAS_MYSQL=false
HAS_LMTP=false HAS_LMTP=false
@@ -18954,48 +19070,34 @@ find_openssl_binary() {
HAS_AES128_GCM=false HAS_AES128_GCM=false
HAS_AES256_GCM=false HAS_AES256_GCM=false
HAS_ZLIB=false HAS_ZLIB=false
HAS_UDS=false
HAS_UDS2=false
$OPENSSL ciphers -s 2>&1 | grep -aiq "unknown option" || \ $OPENSSL ciphers -s 2>&1 | grep -aiq "unknown option" || OSSL_CIPHERS_S="-s"
OSSL_CIPHERS_S="-s"
# This and all other occurences we do a little trick using "invalid." to avoid plain and # This and all other occurences we do a little trick using "invalid." to avoid plain and
# link level DNS lookups. See issue #1418 and https://tools.ietf.org/html/rfc6761#section-6.4 # link level DNS lookups. See issue #1418 and https://tools.ietf.org/html/rfc6761#section-6.4
$OPENSSL s_client -ssl2 -connect invalid. 2>&1 | grep -aiq "unknown option" || \ $OPENSSL s_client -ssl2 -connect invalid. 2>&1 | grep -aiq "unknown option" || HAS_SSL2=true
HAS_SSL2=true $OPENSSL s_client -ssl3 -connect invalid. 2>&1 | grep -aiq "unknown option" || HAS_SSL3=true
$OPENSSL s_client -tls1_3 -connect invalid. 2>&1 | grep -aiq "unknown option" || HAS_TLS13=true
$OPENSSL s_client -no_ssl2 -connect invalid. 2>&1 | grep -aiq "unknown option" || HAS_NO_SSL2=true
$OPENSSL s_client -ssl3 -connect invalid. 2>&1 | grep -aiq "unknown option" || \ $OPENSSL genpkey -algorithm X448 2>&1 | grep -aq "not found" || HAS_X448=true
HAS_SSL3=true $OPENSSL genpkey -algorithm X25519 2>&1 | grep -aq "not found" || HAS_X25519=true
$OPENSSL pkey -help 2>&1 | grep -q Error || HAS_PKEY=true
$OPENSSL s_client -tls1_3 -connect invalid. 2>&1 | grep -aiq "unknown option" || \ $OPENSSL pkeyutl 2>&1 | grep -q Error || HAS_PKUTIL=true
HAS_TLS13=true
$OPENSSL genpkey -algorithm X448 2>&1 | grep -aq "not found" || \
HAS_X448=true
$OPENSSL genpkey -algorithm X25519 2>&1 | grep -aq "not found" || \
HAS_X25519=true
if "$HAS_TLS13"; then if "$HAS_TLS13"; then
$OPENSSL s_client -tls1_3 -sigalgs PSS+SHA256:PSS+SHA384 -connect invalid. 2>&1 | grep -aiq "unknown option" || \ $OPENSSL s_client -tls1_3 -sigalgs PSS+SHA256:PSS+SHA384 -connect invalid. 2>&1 | grep -aiq "unknown option" || HAS_SIGALGS=true
HAS_SIGALGS=true
fi fi
$OPENSSL s_client -no_ssl2 -connect invalid. 2>&1 | grep -aiq "unknown option" || \
HAS_NO_SSL2=true
$OPENSSL s_client -noservername -connect invalid. 2>&1 | grep -aiq "unknown option" || \ $OPENSSL s_client -noservername -connect invalid. 2>&1 | grep -aiq "unknown option" || HAS_NOSERVERNAME=true
HAS_NOSERVERNAME=true $OPENSSL s_client -ciphersuites -connect invalid. 2>&1 | grep -aiq "unknown option" || HAS_CIPHERSUITES=true
$OPENSSL s_client -ciphersuites -connect invalid. 2>&1 | grep -aiq "unknown option" || \ $OPENSSL ciphers @SECLEVEL=0:ALL > /dev/null 2> /dev/null && HAS_SECLEVEL=true
HAS_CIPHERSUITES=true
$OPENSSL ciphers @SECLEVEL=0:ALL > /dev/null 2> /dev/null $OPENSSL s_client -comp -connect invalid. 2>&1 | grep -aiq "unknown option" || HAS_COMP=true
[[ $? -eq 0 ]] && HAS_SECLEVEL=true $OPENSSL s_client -no_comp -connect invalid. 2>&1 | grep -aiq "unknown option" || HAS_NO_COMP=true
$OPENSSL s_client -comp -connect invalid. 2>&1 | grep -aiq "unknown option" || \
HAS_COMP=true
$OPENSSL s_client -no_comp -connect invalid. 2>&1 | grep -aiq "unknown option" || \
HAS_NO_COMP=true
OPENSSL_NR_CIPHERS=$(count_ciphers "$(actually_supported_osslciphers 'ALL:COMPLEMENTOFALL' 'ALL')") OPENSSL_NR_CIPHERS=$(count_ciphers "$(actually_supported_osslciphers 'ALL:COMPLEMENTOFALL' 'ALL')")
@@ -19012,50 +19114,40 @@ find_openssl_binary() {
done done
fi fi
$OPENSSL pkey -help 2>&1 | grep -q Error || \
HAS_PKEY=true
$OPENSSL pkeyutl 2>&1 | grep -q Error || \
HAS_PKUTIL=true
# For the following we feel safe enough to query the s_client help functions. # For the following we feel safe enough to query the s_client help functions.
# That was not good enough for the previous lookups # That was not good enough for the previous lookups
$OPENSSL s_client -help 2>$s_client_has $OPENSSL s_client -help 2>$s_client_has
$OPENSSL s_client -starttls foo 2>$s_client_starttls_has $OPENSSL s_client -starttls foo 2>$s_client_starttls_has
grep -qw '\-alpn' $s_client_has && \ grep -q '\-proxy' $s_client_has && HAS_PROXY=true
HAS_ALPN=true grep -qw '\-alpn' $s_client_has && HAS_ALPN=true
grep -qw '\-nextprotoneg' $s_client_has && HAS_NPN=true
grep -qw '\-nextprotoneg' $s_client_has && \ grep -qw '\-fallback_scsv' $s_client_has && HAS_FALLBACK_SCSV=true
HAS_NPN=true
grep -qw '\-fallback_scsv' $s_client_has && \ grep -q 'xmpp' $s_client_starttls_has && HAS_XMPP=true
HAS_FALLBACK_SCSV=true grep -q 'xmpp-server' $s_client_starttls_has && HAS_XMPP_SERVER=true
grep -q '\-proxy' $s_client_has && \ grep -q 'postgres' $s_client_starttls_has && HAS_POSTGRES=true
HAS_PROXY=true grep -q 'mysql' $s_client_starttls_has && HAS_MYSQL=true
grep -q 'lmtp' $s_client_starttls_has && HAS_LMTP=true
grep -q 'nntp' $s_client_starttls_has && HAS_NNTP=true
grep -q 'irc' $s_client_starttls_has && HAS_IRC=true
grep -q 'xmpp' $s_client_starttls_has && \ grep -q 'Unix-domain socket' $s_client_has && HAS_UDS=true
HAS_XMPP=true
grep -q 'xmpp-server' $s_client_starttls_has && \ # Now check whether the standard $OPENSSL has Unix-domain socket and xmpp-server support. If
HAS_XMPP_SERVER=true # not check /usr/bin/openssl -- if available. This is more a kludge which we shouldn't use for
# every openssl feature. At some point we need to decide which with openssl version we go.
grep -q 'postgres' $s_client_starttls_has && \ OPENSSL2=/usr/bin/openssl
HAS_POSTGRES=true if [[ ! $OSSL_VER =~ 1.1.1 ]] && [[ ! $OSSL_VER_MAJOR =~ 3 ]]; then
if [[ -x $OPENSSL2 ]]; then
grep -q 'mysql' $s_client_starttls_has && \ $OPENSSL2 s_client -help 2>$s_client_has2
HAS_MYSQL=true $OPENSSL2 s_client -starttls foo 2>$s_client_starttls_has2
grep -q 'Unix-domain socket' $s_client_has2 && HAS_UDS2=true
grep -q 'lmtp' $s_client_starttls_has && \ grep -q 'xmpp-server' $s_client_starttls_has2 && HAS_XMPP_SERVER2=true
HAS_LMTP=true fi
fi
grep -q 'nntp' $s_client_starttls_has && \
HAS_NNTP=true
grep -q 'irc' $s_client_starttls_has && \
HAS_IRC=true
$OPENSSL enc -chacha20 -K 12345678901234567890123456789012 -iv 01000000123456789012345678901234 > /dev/null 2> /dev/null <<< "test" $OPENSSL enc -chacha20 -K 12345678901234567890123456789012 -iv 01000000123456789012345678901234 > /dev/null 2> /dev/null <<< "test"
[[ $? -eq 0 ]] && HAS_CHACHA20=true [[ $? -eq 0 ]] && HAS_CHACHA20=true
@@ -19096,6 +19188,21 @@ find_openssl_binary() {
} }
find_socat() {
local result""
result=$(type -p socat)
if [[ $? -ne 0 ]]; then
return 1
else
if [[ -x $result ]] && $result -V | grep -iaq 'socat version' ; then
SOCAT=$result
return 0
fi
fi
}
check4openssl_oldfarts() { check4openssl_oldfarts() {
case "$OSSL_VER" in case "$OSSL_VER" in
0.9.7*|0.9.6*|0.9.5*) 0.9.7*|0.9.6*|0.9.5*)
@@ -19217,7 +19324,8 @@ single check as <options> ("$PROG_NAME URI" does everything except -E and -g):
-H, --heartbleed tests for Heartbleed vulnerability -H, --heartbleed tests for Heartbleed vulnerability
-I, --ccs, --ccs-injection tests for CCS injection vulnerability -I, --ccs, --ccs-injection tests for CCS injection vulnerability
-T, --ticketbleed tests for Ticketbleed vulnerability in BigIP loadbalancers -T, --ticketbleed tests for Ticketbleed vulnerability in BigIP loadbalancers
-BB, --robot tests for Return of Bleichenbacher's Oracle Threat (ROBOT) vulnerability --BB, --robot tests for Return of Bleichenbacher's Oracle Threat (ROBOT) vulnerability
--SI, --starttls-injection tests for STARTTLS injection issues
-R, --renegotiation tests for renegotiation vulnerabilities -R, --renegotiation tests for renegotiation vulnerabilities
-C, --compression, --crime tests for CRIME vulnerability (TLS compression issue) -C, --compression, --crime tests for CRIME vulnerability (TLS compression issue)
-B, --breach tests for BREACH vulnerability (HTTP compression issue) -B, --breach tests for BREACH vulnerability (HTTP compression issue)
@@ -19368,11 +19476,14 @@ HAS_PKUTIL: $HAS_PKUTIL
HAS_PROXY: $HAS_PROXY HAS_PROXY: $HAS_PROXY
HAS_XMPP: $HAS_XMPP HAS_XMPP: $HAS_XMPP
HAS_XMPP_SERVER: $HAS_XMPP_SERVER HAS_XMPP_SERVER: $HAS_XMPP_SERVER
HAS_XMPP_SERVER2: $HAS_XMPP_SERVER2
HAS_POSTGRES: $HAS_POSTGRES HAS_POSTGRES: $HAS_POSTGRES
HAS_MYSQL: $HAS_MYSQL HAS_MYSQL: $HAS_MYSQL
HAS_LMTP: $HAS_LMTP HAS_LMTP: $HAS_LMTP
HAS_NNTP: $HAS_NNTP HAS_NNTP: $HAS_NNTP
HAS_IRC: $HAS_IRC HAS_IRC: $HAS_IRC
HAS_UDS: $HAS_UDS
HAS_UDS2: $HAS_UDS2
HAS_DIG: $HAS_DIG HAS_DIG: $HAS_DIG
HAS_HOST: $HAS_HOST HAS_HOST: $HAS_HOST
@@ -19423,6 +19534,8 @@ CCS_MAX_WAITSOCK: $CCS_MAX_WAITSOCK
USLEEP_SND $USLEEP_SND USLEEP_SND $USLEEP_SND
USLEEP_REC $USLEEP_REC USLEEP_REC $USLEEP_REC
SOCAT: $SOCAT
EOF EOF
type -p locale &>/dev/null && locale >>$TEMPDIR/environment.txt || echo "locale doesn't exist" >>$TEMPDIR/environment.txt type -p locale &>/dev/null && locale >>$TEMPDIR/environment.txt || echo "locale doesn't exist" >>$TEMPDIR/environment.txt
actually_supported_osslciphers 'ALL:COMPLEMENTOFALL' 'ALL' "-V" &>$TEMPDIR/all_local_ciphers.txt actually_supported_osslciphers 'ALL:COMPLEMENTOFALL' 'ALL' "-V" &>$TEMPDIR/all_local_ciphers.txt
@@ -20542,7 +20655,7 @@ determine_service() {
fi fi
fi fi
fi fi
close_socket close_socket 5
outln outln
if [[ -z "$1" ]]; then if [[ -z "$1" ]]; then
@@ -20594,6 +20707,7 @@ determine_service() {
fi fi
fi fi
if [[ "$protocol" == xmpp-server ]] && ! "$HAS_XMPP_SERVER"; then if [[ "$protocol" == xmpp-server ]] && ! "$HAS_XMPP_SERVER"; then
#FIXME: make use of HAS_XMPP_SERVER2
fatal "Your $OPENSSL does not support the \"-starttls xmpp-server\" option" $ERR_OSSLBIN fatal "Your $OPENSSL does not support the \"-starttls xmpp-server\" option" $ERR_OSSLBIN
fi fi
elif [[ "$protocol" == postgres ]]; then elif [[ "$protocol" == postgres ]]; then
@@ -20631,7 +20745,12 @@ determine_service() {
fatal "momentarily only ftp, smtp, lmtp, pop3, imap, xmpp, xmpp-server, telnet, ldap, nntp, postgres and mysql allowed" $ERR_CMDLINE fatal "momentarily only ftp, smtp, lmtp, pop3, imap, xmpp, xmpp-server, telnet, ldap, nntp, postgres and mysql allowed" $ERR_CMDLINE
;; ;;
esac esac
# It comes handy later also for STARTTLS injection to define this global. When we do banner grabbing
# or replace service_detection() we might not need that anymore
SERVICE=$protocol
fi fi
tmpfile_handle ${FUNCNAME[0]}.txt tmpfile_handle ${FUNCNAME[0]}.txt
return 0 # OPTIMAL_PROTO, GET_REQ*/HEAD_REQ* is set now return 0 # OPTIMAL_PROTO, GET_REQ*/HEAD_REQ* is set now
} }
@@ -21546,6 +21665,7 @@ initialize_globals() {
do_fs=false do_fs=false
do_protocols=false do_protocols=false
do_rc4=false do_rc4=false
do_starttls_injection=false
do_winshock=false do_winshock=false
do_grease=false do_grease=false
do_renego=false do_renego=false
@@ -21584,6 +21704,7 @@ set_scanning_defaults() {
do_header=true do_header=true
do_fs=true do_fs=true
do_rc4=true do_rc4=true
do_starttls_injection=true
do_winshock=true do_winshock=true
do_protocols=true do_protocols=true
do_renego=true do_renego=true
@@ -21606,7 +21727,7 @@ count_do_variables() {
local true_nr=0 local true_nr=0
for gbl in do_allciphers do_vulnerabilities do_beast do_lucky13 do_breach do_ccs_injection do_ticketbleed do_cipher_per_proto do_crime \ for gbl in do_allciphers do_vulnerabilities do_beast do_lucky13 do_breach do_ccs_injection do_ticketbleed do_cipher_per_proto do_crime \
do_freak do_logjam do_drown do_header do_heartbleed do_mx_all_ips do_fs do_protocols do_rc4 do_grease do_robot do_renego \ do_freak do_logjam do_drown do_header do_heartbleed do_mx_all_ips do_fs do_protocols do_rc4 do_starttls_injection do_grease do_robot do_renego \
do_cipherlists do_server_defaults do_server_preference do_ssl_poodle do_tls_fallback_scsv do_winshock \ do_cipherlists do_server_defaults do_server_preference do_ssl_poodle do_tls_fallback_scsv do_winshock \
do_sweet32 do_client_simulation do_cipher_match do_tls_sockets do_mass_testing do_display_only do_rating; do do_sweet32 do_client_simulation do_cipher_match do_tls_sockets do_mass_testing do_display_only do_rating; do
"${!gbl}" && let true_nr++ "${!gbl}" && let true_nr++
@@ -21619,7 +21740,7 @@ debug_globals() {
local gbl local gbl
for gbl in do_allciphers do_vulnerabilities do_beast do_lucky13 do_breach do_ccs_injection do_ticketbleed do_cipher_per_proto do_crime \ for gbl in do_allciphers do_vulnerabilities do_beast do_lucky13 do_breach do_ccs_injection do_ticketbleed do_cipher_per_proto do_crime \
do_freak do_logjam do_drown do_header do_heartbleed do_mx_all_ips do_fs do_protocols do_rc4 do_grease do_robot do_renego \ do_freak do_logjam do_drown do_header do_heartbleed do_mx_all_ips do_fs do_protocols do_rc4 do_starttls_injection do_grease do_robot do_renego \
do_cipherlists do_server_defaults do_server_preference do_ssl_poodle do_tls_fallback_scsv do_winshock \ do_cipherlists do_server_defaults do_server_preference do_ssl_poodle do_tls_fallback_scsv do_winshock \
do_sweet32 do_client_simulation do_cipher_match do_tls_sockets do_mass_testing do_display_only do_rating; do do_sweet32 do_client_simulation do_cipher_match do_tls_sockets do_mass_testing do_display_only do_rating; do
printf "%-22s = %s\n" $gbl "${!gbl}" printf "%-22s = %s\n" $gbl "${!gbl}"
@@ -21828,6 +21949,7 @@ parse_cmd_line() {
do_lucky13=true do_lucky13=true
do_winshock=true do_winshock=true
do_rc4=true do_rc4=true
do_starttls_injection=true
if "$OFFENSIVE"; then if "$OFFENSIVE"; then
VULN_COUNT=17 VULN_COUNT=17
else else
@@ -21849,7 +21971,7 @@ parse_cmd_line() {
do_ticketbleed=true do_ticketbleed=true
let "VULN_COUNT++" let "VULN_COUNT++"
;; ;;
-BB|--robot) -BB|--BB|--robot)
do_robot=true do_robot=true
;; ;;
-R|--renegotiation) -R|--renegotiation)
@@ -21905,6 +22027,10 @@ parse_cmd_line() {
do_rc4=true do_rc4=true
let "VULN_COUNT++" let "VULN_COUNT++"
;; ;;
-SI|--SI|--starttls[-_]injection)
do_starttls_injection=true
let "VULN_COUNT++"
;;
-f|--fs|--nsa|--forward-secrecy) -f|--fs|--nsa|--forward-secrecy)
do_fs=true do_fs=true
;; ;;
@@ -22252,6 +22378,10 @@ parse_cmd_line() {
grep -q "BEGIN CERTIFICATE" "$fname" || fatal "\"$fname\" is not CA file in PEM format" $ERR_RESOURCE grep -q "BEGIN CERTIFICATE" "$fname" || fatal "\"$fname\" is not CA file in PEM format" $ERR_RESOURCE
done done
if "$do_starttls_injection" && [[ "$STARTTLS_PROTOCOL" =~ smtp ]]; then
let "VULN_COUNT++"
fi
count_do_variables count_do_variables
[[ $? -eq 0 ]] && set_scanning_defaults [[ $? -eq 0 ]] && set_scanning_defaults
set_skip_tests set_skip_tests
@@ -22406,6 +22536,7 @@ lets_roll() {
fi fi
fileout_section_header $section_number true && ((section_number++)) fileout_section_header $section_number true && ((section_number++))
"$do_heartbleed" && { run_heartbleed; ret=$(($? + ret)); stopwatch run_heartbleed; } "$do_heartbleed" && { run_heartbleed; ret=$(($? + ret)); stopwatch run_heartbleed; }
"$do_ccs_injection" && { run_ccs_injection; ret=$(($? + ret)); stopwatch run_ccs_injection; } "$do_ccs_injection" && { run_ccs_injection; ret=$(($? + ret)); stopwatch run_ccs_injection; }
"$do_ticketbleed" && { run_ticketbleed; ret=$(($? + ret)); stopwatch run_ticketbleed; } "$do_ticketbleed" && { run_ticketbleed; ret=$(($? + ret)); stopwatch run_ticketbleed; }
@@ -22423,6 +22554,8 @@ lets_roll() {
"$do_lucky13" && { run_lucky13; ret=$(($? + ret)); stopwatch run_lucky13; } "$do_lucky13" && { run_lucky13; ret=$(($? + ret)); stopwatch run_lucky13; }
"$do_winshock" && { run_winshock; ret=$(($? + ret)); stopwatch run_winshock; } "$do_winshock" && { run_winshock; ret=$(($? + ret)); stopwatch run_winshock; }
"$do_rc4" && { run_rc4; ret=$(($? + ret)); stopwatch run_rc4; } "$do_rc4" && { run_rc4; ret=$(($? + ret)); stopwatch run_rc4; }
"$do_starttls_injection" && { run_starttls_injection; ret=$(($? + ret)); stopwatch run_starttls_injection; }
outln
fileout_section_header $section_number true && ((section_number++)) fileout_section_header $section_number true && ((section_number++))
"$do_allciphers" && { run_allciphers; ret=$(($? + ret)); stopwatch run_allciphers; } "$do_allciphers" && { run_allciphers; ret=$(($? + ret)); stopwatch run_allciphers; }
@@ -22479,6 +22612,7 @@ lets_roll() {
set_color_functions set_color_functions
maketempf maketempf
find_openssl_binary find_openssl_binary
find_socat
choose_printf choose_printf
check_resolver_bins check_resolver_bins
prepare_debug ; stopwatch parse prepare_debug ; stopwatch parse