SSL/TLS Security

Downgrade Attack prevention

 openssl s_client -tls1 -fallback_scsv -connect example.com:443

This forces the client down to TLS 1.0 while signalling, with the TLS_FALLBACK_SCSV pseudo-cipher (RFC 7507), that the lower version is a fallback. A server that supports something better than the forced version and checks for the SCSV should abort the handshake with alert 86 (inappropriate_fallback):

 tlsv1 alert inappropriate fallback:s3_pkt.c:1262:SSL alert number 86

If the handshake completes at TLS 1.0 instead, the server does not implement downgrade protection. If s_client refuses to start the connection at all (OpenSSL 3.x rejects TLS 1.0/1.1 at its default security level unless the cipher string includes @SECLEVEL=0), the result says nothing about the server.

Cipher Suites

DES Cipher (Connection should fail):

 openssl s_client -cipher DES -connect example.com:443

3DES Cipher (Connection should fail)

 openssl s_client -cipher 3DES -connect example.com:443

Export Cipher (Connection should fail):

 openssl s_client -cipher EXPORT -connect example.com:443

Low Cipher (Connection should fail):

 openssl s_client -cipher LOW -connect example.com:443

RC4 Cipher (Connection should fail):

 openssl s_client -cipher RC4 -connect example.com:443

NULL Cipher (Connection should fail):

 openssl s_client -cipher NULL -connect example.com:443

Perfect Forward Secrecy Cipher (Connection should NOT fail):

 openssl s_client -cipher 'EECDH:EDH' -connect example.com:443

EECDH and EDH select only suites with an ephemeral (EC)DH key exchange. If this handshake fails, the server offers no forward-secret suite for TLS 1.2 and below. TLS 1.3 is always forward secret and ignores -cipher, so run this with -no_tls1_3 on clients that support 1.3.
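The checks above are one command per cipher family, each judged by eye. The script below (an added example, not code from the original page) runs the same openssl s_client probes from one place and judges each result; it also handles the two cases that silently produce a false "refused": a TLS 1.3 handshake, which ignores -cipher entirely, and a modern OpenSSL client that itself refuses to offer a weak family ("no cipher match" at security level 1 or above). It assumes openssl is in PATH; the judging logic only needs s_client text, so it can be exercised on saved output.

```shell
#!/bin/sh
# Added example, not from the original page: run the per-family cipher checks
# from one script and judge each result instead of eyeballing the output.
# Assumptions: openssl in PATH for probe(); judge()/negotiated() only need text.

# Reduce s_client output on stdin to "<protocol> <cipher>".
# A refused handshake prints "New, (NONE), Cipher is (NONE)".
negotiated() {
    sed -n 's/^New, \([^,]*\), Cipher is \(.*\)$/\1 \2/p' | head -n 1
}

# judge FAMILY EXPECT PROTO CIPHER   (EXPECT is "fail" or "ok")
# Returns 0 PASS, 1 FAIL, 2 INCONCLUSIVE.
judge() {
    family=$1; expect=$2; proto=$3; cipher=$4
    if [ "$proto" = "TLSv1.3" ]; then
        # -cipher only restricts TLS 1.2-and-below suites; a TLS 1.3 handshake
        # proves nothing about the legacy family. Re-run with -no_tls1_3
        # (OpenSSL >= 1.1.1) or -tls1_2.
        echo "INCONCLUSIVE $family: TLS 1.3 negotiated ($cipher), -cipher ignored"
        return 2
    fi
    if [ "$cipher" = "(NONE)" ]; then
        if [ "$expect" = "fail" ]; then echo "PASS $family: refused"; return 0; fi
        echo "FAIL $family: no $family suite negotiated"; return 1
    fi
    if [ "$expect" = "ok" ]; then echo "PASS $family: $proto $cipher"; return 0; fi
    echo "FAIL $family: server accepted $proto $cipher"; return 1
}

# One probe. </dev/null makes s_client exit after the handshake instead of
# waiting for input; -servername sends SNI so the right vhost answers.
probe() {   # probe HOST PORT CIPHERSTRING
    out=$(openssl s_client -connect "$1:$2" -servername "$1" \
              -cipher "$3" </dev/null 2>&1)
    case "$out" in
        # The *client* refuses to offer the family (OpenSSL 3 security level);
        # retry with "CIPHERSTRING:@SECLEVEL=0" rather than recording a pass.
        *"no cipher match"*) echo "ERROR:client offers no $3 suites (try $3:@SECLEVEL=0)"; return ;;
        *"connect:errno"*)   echo "ERROR:connection failed"; return ;;
    esac
    echo "$out" | negotiated
}

check_all() {   # check_all HOST [PORT]
    host=$1; port=${2:-443}; rc=0
    for spec in 'DES fail DES'    '3DES fail 3DES'  'EXPORT fail EXPORT' \
                'LOW fail LOW'    'RC4 fail RC4'    'NULL fail NULL' \
                'ANON fail aNULL' 'PFS ok EECDH:EDH'
    do
        set -- $spec
        result=$(probe "$host" "$port" "$3")
        case "$result" in ERROR:*) echo "ERROR $1: ${result#ERROR:}"; rc=1; continue ;; esac
        [ -n "$result" ] || result="(NONE) (NONE)"
        judge "$1" "$2" $result || rc=1
    done
    return $rc
}
# Usage: check_all example.com 443
```

The exit status of check_all is non-zero if any family gave a FAIL, ERROR or INCONCLUSIVE, so it can gate a larger scan. ANON uses the aNULL cipher string, which covers both ADH and AECDH suites.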

Renegotiation

Secure Renegotiation

 openssl s_client -connect [host]:[port]

Look for the renegotiation line in the handshake summary. A server that implements RFC 5746 prints:

 Secure Renegotiation IS supported

If it prints the following instead, the server still performs the old, unprotected renegotiation and should be reported:

 Secure Renegotiation IS NOT supported

Client-initiated Renegotiation

Once the connection is established, s_client waits for input. Type the request line, then a line holding only R (s_client's command to renegotiate), each followed by Enter:

 openssl s_client -connect [host]:[port]
 
 HEAD / HTTP/1.0
 R
 <Enter or Return key>

A server that does not allow client-initiated renegotiation returns an error and closes the connection, or the connection times out. The message below (errno 104 is ECONNRESET, connection reset by peer) is only one of several you may see when renegotiation is refused. This check is independent of the secure-renegotiation one: a server can support RFC 5746 and still let clients renegotiate at will, which is a CPU-exhaustion concern rather than an injection one.

 RENEGOTIATING
 write:errno=104

Logjam

 openssl s_client -connect [host]:[port] -cipher "EDH"

Forcing EDH makes the server use its finite-field DH parameters; their size is shown next to "Server Temp Key" (you need at least OpenSSL 1.0.2 to see this line). Logjam exploited 512-bit export-grade DH, and 1024-bit groups are considered within reach of well-resourced attackers, so report anything below 2048 bits. If the handshake fails, the server offers no ephemeral DH suites at all, which is not itself a finding.

 ---
 No client certificate CA names sent
 Peer signing digest: SHA512
 Server Temp Key: DH, 2048 bits
 ---
 SSL handshake has read 6641 bytes and written 455 bytes
 ---
 New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-GCM-SHA384
 ...

TLS Service Supports Anonymous DH Key Exchange

$ sslscan --xml=sslscan-output.xml [host]:[port]
$ grep -i accept sslscan-output.xml | grep -E 'ADH|AECDH'

ADH and AECDH suites authenticate neither side, so any accepted one lets an active attacker sit in the middle of the connection without needing a certificate.

TLS Insecure Renegotiation Supported

$ openssl s_client -connect [host]:[port]

Check the output for the string "Secure Renegotiation IS NOT supported".

Type "R" with a SINGLE carriage return:

R

If the connection stays open, issue an HTTP request with DOUBLE carriage returns:

GET / HTTP/1.0<ENTER><ENTER>

If the server replies with some data, it is affected by this issue

Determine the server's preferred cipher suite

Using OpenSSL, connect while offering every cipher the client knows; the suite the server picks is the one it prefers, provided it enforces its own order (if it honours the client's order, the answer only mirrors OpenSSL's default list; nmap's ssl-enum-ciphers reports which of the two applies):

openssl s_client -connect [host]:[port] -cipher 'ALL:COMPLEMENTOFALL'

Output:

...
...
SSL-Session:
   Protocol  : TLSv1
   Cipher    : AES128-SHA
...
...

TLS Weak Ciphers Supported

sslscan [host]:[port] | grep Accept

Report any accepted suite whose effective key is shorter than 128 bits (DES, the 40/56-bit EXPORT suites, and 3DES, which is 112 bits effective and exposed to Sweet32) and, regardless of key length, RC4, NULL-encryption and anonymous (ADH/AECDH) suites.

NULL TLS Ciphers Supported

sslscan [host]:[port] > sslscan.out
cat sslscan.out | grep -i null
openssl s_client -connect [host]:[port] -cipher NULL

CRIME Attack

 openssl s_client -connect [host]:[port]

Look at the compression lines in the output. A server that negotiates TLS-level compression is exposed to CRIME and prints something like:

 ...
 Compression: zlib compression
 Expansion: zlib compression
 ...
 Compression: 1 (zlib compression)

A server with compression disabled prints Compression: NONE. The same check as a one-liner:

 echo -ne "\n\n" | openssl s_client -connect [host]:[port] | grep "Compression\|Expansion"

Note that OpenSSL 1.1.0 and later do not offer compression unless s_client is given -comp, so a modern client reports NONE for every server; pass -comp (or use an older OpenSSL) for this test to mean anything.

CRIME also applies to SPDY header compression. Check which application protocols the server advertises through NPN:

 openssl s_client -nextprotoneg NULL -connect [host]:[port]

 OUTPUT:
 CONNECTED(00000003)
 Protocols advertised by server: h2, spdy/3.1, http/1.1
 ...

spdy/3.1 in that list means the SPDY variant should be checked. Servers that only speak ALPN do not answer NPN; for those use -alpn h2,spdy/3.1,http/1.1 and look for the "ALPN protocol:" line instead.

BREACH Attack

 openssl s_client -connect [host]:[port]

Once connected, send the following request to see whether the server applies HTTP compression (finish with an empty line, i.e. press Enter twice):

 GET / HTTP/1.1
 Host: [host]
 Accept-Encoding: compress, gzip

If the response carries a Content-Encoding header, as in the example below, HTTP compression is enabled, which is the precondition for BREACH:

 HTTP/1.1 200 OK
 Server: nginx/1.1.19
 Date: Sun, 19 Mar 2015 20:48:31 GMT
 Content-Type: text/html
 Last-Modified: Thu, 19 Mar 2015 23:34:28 GMT
 Transfer-Encoding: chunked
 Connection: keep-alive
 Content-Encoding: gzip

A server that does not support compression ignores the Accept-Encoding header and responds uncompressed, so BREACH does not apply. Compression alone is not proof of exploitability: BREACH also needs a secret (for example a CSRF token) and attacker-controlled input reflected in the same compressed response body, so confirm both before reporting more than a compression finding.
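The same HTTP compression probe, scripted so the answer is read from the response headers rather than by eye. This is an added example and not code from the original page; it assumes openssl is in PATH for the network part, while content_encoding() only needs a raw HTTP response on stdin (the sample responses used to exercise it are constructed).

```shell
#!/bin/sh
# Added example, not from the original page: send the Accept-Encoding probe
# over openssl s_client and read the Content-Encoding answer programmatically.
# Assumptions: openssl in PATH for probe_http(); the parser needs only text.

# Print the Content-Encoding of an HTTP response on stdin ("none" if absent).
# Only the header block (up to the first blank line) is inspected; CRLF line
# endings and header-name case are normalised so "content-encoding: GZIP" counts.
content_encoding() {
    enc=$(tr -d '\r' | sed '/^$/q' | tr 'A-Z' 'a-z' \
          | sed -n 's/^content-encoding:[[:space:]]*//p' | head -n 1)
    echo "${enc:-none}"
}

# BREACH needs compression *plus* a secret and attacker-reflected input in the
# same response body; compression alone only satisfies the first precondition.
breach_verdict() {   # breach_verdict ENCODING
    case "$1" in
        gzip*|deflate*|br|compress*)
            echo "compressed ($1): BREACH precondition met; confirm a secret and reflected input share this response" ;;
        none) echo "not compressed: BREACH not applicable" ;;
        *)    echo "unexpected encoding ($1): inspect manually" ;;
    esac
}

# Connection: close makes the server end the session, so s_client returns
# without needing interactive input. -quiet suppresses the handshake dump.
probe_http() {   # probe_http HOST PORT PATH
    printf 'GET %s HTTP/1.1\r\nHost: %s\r\nAccept-Encoding: gzip, deflate, br\r\nConnection: close\r\n\r\n' "$3" "$1" \
      | openssl s_client -quiet -connect "$1:$2" -servername "$1" 2>/dev/null \
      | content_encoding
}
# Usage: breach_verdict "$(probe_http example.com 443 /)"
```

Probe the page that actually carries the secret (a logged-in page with a CSRF token), not just /, since compression is often enabled per content type or per location.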

HeartBleed Attack

A standalone test script such as hb_test.py:

 python hb_test.py [host]:[port]

Metasploit has a dedicated module for the vulnerability (scanner modules take RHOSTS, not RHOST):

 use auxiliary/scanner/ssl/openssl_heartbleed
 set RHOSTS ip_address
 set RPORT 443
 run

Also nmap:

 nmap -p 443 --script ssl-heartbleed [host]

FREAK Attack

 nmap --script ssl-enum-ciphers -p 443 [host] | grep EXPORT

Any EXPORT suite in the output means the server still accepts 512-bit export-grade RSA key exchange, which is what FREAK abuses against a client that can be tricked into using it. A hosted check is also available at https://tools.keycdn.com/freak

SSL Certificate Expired

 $ openssl s_client -connect [host]:[port]
 ...
 Verify return code: 10 (certificate has expired)

s_client reports expiry through its verify result line. The validity period itself comes from the certificate text (openssl x509 -noout -text on the PEM block that s_client prints), for example:

 Not Before: Oct 26 00:00:00 2011 GMT
 Not After : Sep 30 23:59:59 2013 GMT

SSL Certificate Signed Using Weak Hashing Algorithm

 $ openssl s_client -connect [host]:[port]
 ...
 Signature Algorithm: sha1WithRSAEncryption
 ...

md5WithRSAEncryption and sha1WithRSAEncryption are the weak values; sha256WithRSAEncryption or an ECDSA-with-SHA2 algorithm is fine. Check the leaf and any intermediates. The self-signature on a trusted root does not matter, since trust in the root comes from the trust store, not from its signature.
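Several of the sections above (Secure Renegotiation, Logjam, CRIME, and the two certificate checks) read different lines out of the same openssl s_client transcript. The script below, an added example that is not code from the original page, captures that transcript once and pulls all of them out. It assumes openssl is in PATH for capture() and report(); every parser works on plain transcript text from stdin, so the sample lines used to exercise them are constructed and need no network.

```shell
#!/bin/sh
# Added example, not from the original page: parse one saved "openssl s_client"
# transcript for the handshake facts the sections above read off by eye
# (secure renegotiation, ephemeral key size for Logjam, TLS compression for
# CRIME, verify result, and the leaf certificate's expiry and signature hash).
# Assumptions: openssl in PATH for capture()/report(); parsers need only text.

capture() {   # capture HOST PORT  > transcript.txt
    openssl s_client -connect "$1:$2" -servername "$1" </dev/null 2>&1
}

# yes / no / unknown for the RFC 5746 "Secure Renegotiation IS supported" line.
secure_reneg() {
    awk '/Secure Renegotiation IS NOT supported/ { print "no";  f=1; exit }
         /Secure Renegotiation IS supported/     { print "yes"; f=1; exit }
         END { if (!f) print "unknown" }'
}

# "Server Temp Key: DH, 2048 bits"         -> "DH 2048"
# "Server Temp Key: ECDH, P-256, 256 bits" -> "ECDH 256"   (needs OpenSSL >= 1.0.2)
temp_key() {
    sed -n 's/^ *Server Temp Key: \([A-Za-z0-9]*\),.* \([0-9][0-9]*\) bits$/\1 \2/p' | head -n 1
}

# Logjam verdict for temp_key output: finite-field DH under 2048 bits is weak,
# under 1024 is export grade; ECDH / X25519 suites are not affected.
dh_verdict() {   # dh_verdict "DH 1024"
    [ -n "$1" ] || { echo "none (no Server Temp Key line)"; return; }
    set -- $1
    case "$1" in
        DH) if   [ "$2" -lt 1024 ]; then echo "EXPORT-GRADE DH ($2 bits)"
            elif [ "$2" -lt 2048 ]; then echo "WEAK DH ($2 bits)"
            else echo "OK DH ($2 bits)"; fi ;;
        *)  echo "OK $1 ($2 bits, not finite-field DH)" ;;
    esac
}

# First "Compression:" line: "NONE" is safe, "zlib compression" is CRIME-exposed.
tls_compression() {
    sed -n 's/^ *Compression: \(.*\)$/\1/p' | head -n 1
}

# "Verify return code: 10 (certificate has expired)" -> "10 certificate has expired"
verify_code() {
    sed -n 's/^ *Verify return code: \([0-9]*\) (\(.*\))$/\1 \2/p' | head -n 1
}

# First PEM block in the transcript: the server (leaf) certificate.
leaf_cert() {
    awk '/-----BEGIN CERTIFICATE-----/ { p=1 } p { print } /-----END CERTIFICATE-----/ { exit }'
}

report() {   # report HOST [PORT]
    t=$(mktemp); capture "$1" "${2:-443}" > "$t"
    echo "secure renegotiation : $(secure_reneg < "$t")"
    echo "ephemeral key        : $(dh_verdict "$(temp_key < "$t")")"
    echo "TLS compression      : $(tls_compression < "$t")"
    echo "verify result        : $(verify_code < "$t")"
    # x509 -checkend 0 exits non-zero once the notAfter date has passed.
    if leaf_cert < "$t" | openssl x509 -noout -checkend 0 >/dev/null 2>&1
    then echo "cert expiry          : valid"; else echo "cert expiry          : EXPIRED"; fi
    echo "cert signature       : $(leaf_cert < "$t" | openssl x509 -noout -text \
                                    | sed -n 's/^ *Signature Algorithm: //p' | head -n 1)"
    rm -f "$t"
}
# Usage: report example.com 443
```

Keep the transcript file when a finding needs evidence; every value in the report can be traced back to a line in it. The temp-key and compression lines depend on the OpenSSL version doing the capture, as noted in the Logjam and CRIME sections.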