def start(self):
version = getHighestTLSVersion(self._result)
vuln = 0 # Not vulnerable
for version in [0, 1]:
if isTLSVersionSupport(self._result, version):
hello = ClientHello()
hello.ciphersuite = cbc_cipher
hello.version = version
hello = addNecessaryExtensionToHelloObject(hello, self._host)
if tryHandshake(self._host, self._port,
hello.createAsHex()) == version:
# Vulnerable
print(
"[BEAST] Vulnerable, handshake success with version %d"
% version)
vuln = 1
if getHighestTLSVersion(self._result) <= 1 and vuln == 1:
vuln = 2 # TLS1.0 is highest protocol
self._result.addResult('beast', vuln)
if vuln == 2:
self._result.addVulnerability('beast')
for cipherHex in splitCipherHexStringTLS(cbc_cipher):
for supportedVersion in getSupportedTLSVersion(self._result):
if supportedVersion > 1:
continue
self._result.addVulnerabilityToCipher(
cipherHex, versionIntToString(supportedVersion),
'<b style="color:orange;">BEAST</b>')
def testTLS(self, cipher, version):
# Easy
hello = ClientHello()
hello.ciphersuite = cipher
hello.version = version
return tryHandshake(
self._host, self._port,
addNecessaryExtensionToHelloObject(
hello, self._host).createAsHex()) == version
def startExport(self):
vuln = False
for version in getSupportedTLSVersion(self._result):
# Try handshake with dh_export cipher
hello = ClientHello()
hello.ciphersuite = dh_export
hello.version = version
hello = addNecessaryExtensionToHelloObject(hello, self._host)
if tryHandshake(self._host, self._port,
hello.createAsHex()) == version:
# vulnerable,
vuln = True
for cipherHex in splitCipherHexStringTLS(dh_export):
self._result.addVulnerabilityToCipher(
cipherHex, versionIntToString(version),
'<b style="color:red;">LOGJAM</b>')
self._result.addResult('logjam_export', vuln)
if vuln:
self._result.addVulnerability('logjam_export')
def start(self):
version = getHighestTLSVersion(self._result)
if version == -1:
print("[CRIME] No valid TLS version found")
self._result.addResult('crime_tls', False)
else:
print("[CRIME] Testing CRIME (TLS) with TLS version ", version)
hello = ClientHello()
hello.compression = '0100' # DEFLATE & null
hello.version = version
hello = addNecessaryExtensionToHelloObject(hello, self._host)
hellohex = hello.createAsHex()
serverHello = getServerHelloObject(self._host, self._port,
hellohex)
self._result.addResult('crime_tls',
serverHello.compressionMethod == '01')
if self._result.getResult('crime_tls'):
self._result.addVulnerability('crime_tls')
def start(self):
version = getHighestTLSVersion(self._result)
if version == -1:
print("[LUCKY13] No valid TLS version found")
self._result.addResult('lucky13', False)
return
print("Testing LUCKY13 with TLS version ", version)
hello1 = ClientHello()
hello1.ciphersuite = cbc_cipher1
hello1hex = hello1.createAsHex()
hello2 = ClientHello()
hello2.ciphersuite = cbc_cipher2
hello2hex = hello2.createAsHex()
self._result.addResult(
'lucky13',
tryHandshake(
self._host, self._port,
addNecessaryExtensionToHello(
modifyHelloVersion(hello1hex, version), self._host)) >= 0
or tryHandshake(
self._host, self._port,
addNecessaryExtensionToHello(
modifyHelloVersion(hello2hex, version), self._host)) >= 0)
if self._result.getResult(
'lucky13'
) and self.scan_accuracy != 'minimise_false_positives':
self._result.addVulnerability('lucky13')
# for each cipher
for cipherHex in splitCipherHexStringTLS(
cbc_cipher1) + splitCipherHexStringTLS(cbc_cipher2):
for supportedVersion in getSupportedTLSVersion(self._result):
self._result.addVulnerabilityToCipher(
cipherHex, versionIntToString(supportedVersion),
'<b style="color:orange;">LUCKY13</b>')
def testForVersion(version):
hello = ClientHello()
hello.ciphersuite = all_dh_ciphers
hello.version = version
hello = addNecessaryExtensionToHelloObject(hello, self._host)
# do full handshake until received key exchange
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.settimeout(5)
vuln = False
try:
s.connect((self._host, self._port))
s.sendall(hello.createAsHex().decode('hex'))
recvBuffer = ''
while True:
rec = s.recv(1024 * 10)
if rec == None: break
recvBuffer += rec
# Check for TLS Record
breakConnection = False
while len(recvBuffer) >= 5:
if ord(recvBuffer[0]) == 0x15:
# Alert ...
#print("[LOGJAM] Received some ALERT")
breakConnection = True
elif ord(recvBuffer[0]) == 0x16:
# Handshake message
recvVersion = ord(recvBuffer[2])
messageLen = ord(recvBuffer[3]) * 256 + ord(
recvBuffer[4])
# Check if enough message to consume
#print("[LOGJAM] Buffer %d, Expected message length %d" % (len(recvBuffer),messageLen))
if len(recvBuffer) >= 5 + messageLen:
# consume !
#print("[LOGJAM] Consuming handshake message")
recordHeader, messageBuffer, recvBuffer = recvBuffer[
0:5], recvBuffer[5:5 +
messageLen], recvBuffer[
5 + messageLen:]
while len(messageBuffer) >= 6:
#print("[LOGJAM] Message Buffer %d" % len(messageBuffer))
msgLen = int(
messageBuffer[1:4].encode('hex'),
16) + 4 # ([P][LEN]<msgLen>)
#print("[LOGJAM] Message length %d" % msgLen)
handshakeMessage, messageBuffer = messageBuffer[
0:msgLen], messageBuffer[msgLen:]
# Check protocol
if ord(handshakeMessage[0]) == 0x0c:
print("[LOGJAM] Received KeyExchange")
# Key exchange protocol
msgLen = int(
handshakeMessage[1:4].encode(
'hex'), 16)
pLen = int(
handshakeMessage[4:6].encode(
'hex'), 16)
p = handshakeMessage[6:6 +
pLen].encode(
'hex')
print("prime : %s" % p)
# Check with common prime list
if p in self.commonPrime:
print(
"[LOGJAM] Found common prime : %s (%d-bit)"
% (self.commonPrime[p],
len(p) * 4))
if len(p) * 4 <= 1024:
vuln = True
else:
print(
"[LOGJAM] Common prime not found"
)
breakConnection = True
elif ord(handshakeMessage[0]) == 0x0e:
print(
"[LOGJAM] Received ServerHelloDone"
)
breakConnection = True
elif ord(handshakeMessage[0]) == 0x0b:
print("[LOGJAM] Received Certificate")
pass
elif ord(handshakeMessage[0]) == 0x02:
pass
print("[LOGJAM] Received ServerHello")
else:
print("[LOGJAM] Received protocol %d" %
ord(handshakeMessage[0]))
else:
# Need more data
break
else:
print("[LOGJAM] Received unknown record %d " %
ord(recvBuffer[0]))
breakConnection = True
if breakConnection: break
if breakConnection: break
except socket.timeout as e:
print("[LOGJAM] Socket timeout")
except socket.error as e:
print("[LOGJAM] Socket error")
except BaseException as e:
print("[LOGJAM] Error:", e)
finally:
s.close()
return vuln