def start(self): version = getHighestTLSVersion(self._result) vuln = 0 # Not vulnerable for version in [0, 1]: if isTLSVersionSupport(self._result, version): hello = ClientHello() hello.ciphersuite = cbc_cipher hello.version = version hello = addNecessaryExtensionToHelloObject(hello, self._host) if tryHandshake(self._host, self._port, hello.createAsHex()) == version: # Vulnerable print( "[BEAST] Vulnerable, handshake success with version %d" % version) vuln = 1 if getHighestTLSVersion(self._result) <= 1 and vuln == 1: vuln = 2 # TLS1.0 is highest protocol self._result.addResult('beast', vuln) if vuln == 2: self._result.addVulnerability('beast') for cipherHex in splitCipherHexStringTLS(cbc_cipher): for supportedVersion in getSupportedTLSVersion(self._result): if supportedVersion > 1: continue self._result.addVulnerabilityToCipher( cipherHex, versionIntToString(supportedVersion), '<b style="color:orange;">BEAST</b>')
def start(self): version = getHighestTLSVersion(self._result) if version == -1: print("[LUCKY13] No valid TLS version found") self._result.addResult('lucky13', False) return print("Testing LUCKY13 with TLS version ", version) hello1 = ClientHello() hello1.ciphersuite = cbc_cipher1 hello1hex = hello1.createAsHex() hello2 = ClientHello() hello2.ciphersuite = cbc_cipher2 hello2hex = hello2.createAsHex() self._result.addResult( 'lucky13', tryHandshake( self._host, self._port, addNecessaryExtensionToHello( modifyHelloVersion(hello1hex, version), self._host)) >= 0 or tryHandshake( self._host, self._port, addNecessaryExtensionToHello( modifyHelloVersion(hello2hex, version), self._host)) >= 0) if self._result.getResult( 'lucky13' ) and self.scan_accuracy != 'minimise_false_positives': self._result.addVulnerability('lucky13') # for each cipher for cipherHex in splitCipherHexStringTLS( cbc_cipher1) + splitCipherHexStringTLS(cbc_cipher2): for supportedVersion in getSupportedTLSVersion(self._result): self._result.addVulnerabilityToCipher( cipherHex, versionIntToString(supportedVersion), '<b style="color:orange;">LUCKY13</b>')
def startExport(self): vuln = False for version in getSupportedTLSVersion(self._result): # Try handshake with dh_export cipher hello = ClientHello() hello.ciphersuite = dh_export hello.version = version hello = addNecessaryExtensionToHelloObject(hello, self._host) if tryHandshake(self._host, self._port, hello.createAsHex()) == version: # vulnerable, vuln = True for cipherHex in splitCipherHexStringTLS(dh_export): self._result.addVulnerabilityToCipher( cipherHex, versionIntToString(version), '<b style="color:red;">LOGJAM</b>') self._result.addResult('logjam_export', vuln) if vuln: self._result.addVulnerability('logjam_export')
def start(self): version = getHighestTLSVersion(self._result) if version == -1: print("[CRIME] No valid TLS version found") self._result.addResult('crime_tls', False) else: print("[CRIME] Testing CRIME (TLS) with TLS version ", version) hello = ClientHello() hello.compression = '0100' # DEFLATE & null hello.version = version hello = addNecessaryExtensionToHelloObject(hello, self._host) hellohex = hello.createAsHex() serverHello = getServerHelloObject(self._host, self._port, hellohex) self._result.addResult('crime_tls', serverHello.compressionMethod == '01') if self._result.getResult('crime_tls'): self._result.addVulnerability('crime_tls')
def testForVersion(version): hello = ClientHello() hello.ciphersuite = all_dh_ciphers hello.version = version hello = addNecessaryExtensionToHelloObject(hello, self._host) # do full handshake until received key exchange s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) s.settimeout(5) vuln = False try: s.connect((self._host, self._port)) s.sendall(hello.createAsHex().decode('hex')) recvBuffer = '' while True: rec = s.recv(1024 * 10) if rec == None: break recvBuffer += rec # Check for TLS Record breakConnection = False while len(recvBuffer) >= 5: if ord(recvBuffer[0]) == 0x15: # Alert ... #print("[LOGJAM] Received some ALERT") breakConnection = True elif ord(recvBuffer[0]) == 0x16: # Handshake message recvVersion = ord(recvBuffer[2]) messageLen = ord(recvBuffer[3]) * 256 + ord( recvBuffer[4]) # Check if enough message to consume #print("[LOGJAM] Buffer %d, Expected message length %d" % (len(recvBuffer),messageLen)) if len(recvBuffer) >= 5 + messageLen: # consume ! #print("[LOGJAM] Consuming handshake message") recordHeader, messageBuffer, recvBuffer = recvBuffer[ 0:5], recvBuffer[5:5 + messageLen], recvBuffer[ 5 + messageLen:] while len(messageBuffer) >= 6: #print("[LOGJAM] Message Buffer %d" % len(messageBuffer)) msgLen = int( messageBuffer[1:4].encode('hex'), 16) + 4 # ([P][LEN]<msgLen>) #print("[LOGJAM] Message length %d" % msgLen) handshakeMessage, messageBuffer = messageBuffer[ 0:msgLen], messageBuffer[msgLen:] # Check protocol if ord(handshakeMessage[0]) == 0x0c: print("[LOGJAM] Received KeyExchange") # Key exchange protocol msgLen = int( handshakeMessage[1:4].encode( 'hex'), 16) pLen = int( handshakeMessage[4:6].encode( 'hex'), 16) p = handshakeMessage[6:6 + pLen].encode( 'hex') print("prime : %s" % p) # Check with common prime list if p in self.commonPrime: print( "[LOGJAM] Found common prime : %s (%d-bit)" % (self.commonPrime[p], len(p) * 4)) if len(p) * 4 <= 1024: vuln = True else: print( "[LOGJAM] Common prime not found" ) breakConnection = True elif ord(handshakeMessage[0]) == 0x0e: print( "[LOGJAM] Received ServerHelloDone" ) breakConnection = True elif ord(handshakeMessage[0]) == 0x0b: print("[LOGJAM] Received Certificate") pass elif ord(handshakeMessage[0]) == 0x02: pass print("[LOGJAM] Received ServerHello") else: print("[LOGJAM] Received protocol %d" % ord(handshakeMessage[0])) else: # Need more data break else: print("[LOGJAM] Received unknown record %d " % ord(recvBuffer[0])) breakConnection = True if breakConnection: break if breakConnection: break except socket.timeout as e: print("[LOGJAM] Socket timeout") except socket.error as e: print("[LOGJAM] Socket error") except BaseException as e: print("[LOGJAM] Error:", e) finally: s.close() return vuln