search

SSL/TLS Security

hashtag
Downgrade Attack prevention

 openssl s_client –tls1 -fallback_scsv -connect example.com:443

If your server supports something better than SSLv3 and checks for the presence of the TLS_FALLBACK_SCSV cipher, it should abort the connection with an error like the following:

 tlsv1 alert inappropriate fallback:s3_pkt.c:1262:SSL alert number 86

hashtag
Cipher Suites

DES Cipher (Connection should fail):

 openssl s_client -cipher DES -connect example.com:443

hashtag
3DES Cipher (Connection should fail)

 openssl s_client -cipher 3DES -connect example.com:443

hashtag
Export Cipher (Connection should fail):

 openssl s_client -cipher EXPORT -connect example.com:443

hashtag
Low Cipher (Connection should fail):

hashtag
RC4 Cipher (Connection should fail):

hashtag
NULL Cipher (Connection should fail):

hashtag
Perfect Forward Secrecy Cipher (Connection should NOT fail):

hashtag
Renegotiation

hashtag
Secure Renegotiation

Testing this should return the following

hashtag
Client-initiated Renegotiation

Once the connection is established, the server will wait for us to type the next command. We can write the following two lines in order to initiate a renegotiation by specifying R in the second line, followed by enter or return.

A system that does not support client-initiated renegotiation will return an error and end the connection, or the connection will time out. Please note that below is just one of the many different error messages that you can encounter when your renegotiation is blocked.

hashtag
Logjam

The DH parameter size used is displayed in the output next to “Server Temp Key”. Please note that you’ll need at least OpenSSL 1.0.2 to display the ‘Sever Temp Key’ parameter.

hashtag
TLS Service Supports Anonymous DH Key Exchange

hashtag
TLS Insecure Renegotiation Supported

Check the output for the following string: "Secure Renegotiation is NOT supported"

Type "R" with a SINGLE carriage return:

If the connection stays open, issue an HTTP request with DOUBLE carriage returns:

If the server replies with some data, it is affected by this issue

hashtag
Determine the server's preferred cipher suite

Using OpenSSL, we can connect presenting the list of all ciphers:

hashtag
Output:

hashtag
TLS Weak Ciphers Supported

Any cipher with key length shorter than 128 bit is to be considered weak.

hashtag
NULL TLS Ciphers Supported

hashtag
CRIME Attack

or the one-liner:

hashtag
BREACH Attack

Submitting the following will allow us to see if HTTP compression is supported by the server.

If the response contains encoded data, similar to the following response, it indicates that HTTP compression is supported; therefore the remote host is vulnerable.

A system which does not support deflate or compression will ignore the compress header request and respond with uncompressed data, indicating that it is not vulnerable.

hashtag
HeartBleed Attack

Metasploit has a dedicate module that can be used to exploit the vulnerability:

Also nmap:

hashtag
FREAK Attack

A specific tool can be downloaded from https://tools.keycdn.com/freakarrow-up-right

hashtag
SSL Certificate Expired

hashtag
SSL Certificate Signed Using Weak Hashing Algorithm

PreviousAircrack SuiteNextSecure Code Review

Last updated