Nmap Development mailing list archives
Re: [NSE] ssl-enum-ciphers hosed?
From: Mak Kolybabi <mak () kolybabi com>
Date: Sun, 21 Mar 2010 16:44:25 -0500
On 2010-03-15 10:13, David Fifield wrote:
If there's some fundamental limitation that means the faster method can't ever be completely reliable, then switch back to the slower method.
In looking at some other tools that enumerate ciphers, I've found that they all use the slow method. Sadly, I couldn't make the fast method work reliably across all SSL implementations. The new script (see attached) makes the following changes: - Offers the slow-and-reliable algorithm, only. - Fixes the "malformed packet" bug. - Treats RSTs as rejections, not fatal errors. - Adds some obsolete ciphers that were requested. - SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA - SSL_RSA_FIPS_WITH_DES_CBC_SHA - Adds some other cipher definitions that I came across. - TLS_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA - TLS_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA - TLS_DHE_DSS_WITH_RC4_128_SHA - TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA - TLS_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5 - TLS_RSA_EXPORT1024_WITH_RC4_56_MD5 - TLS_RSA_EXPORT1024_WITH_RC4_56_SHA Please let me know if there are any problems with the new version. -- Matthew Anthony Kolybabi (Mak) <mak () kolybabi com> () ASCII Ribbon Campaign | Against HTML e-mail /\ www.asciiribbon.org | Against proprietary extensions
Attachment:
ssl-enum-ciphers.nse
Description:
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- [NSE] ssl-enum-ciphers hosed? Dario Ciccarone (dciccaro) (Mar 12)
- RE: [NSE] ssl-enum-ciphers hosed? Rob Nicholls (Mar 12)
- RE: [NSE] ssl-enum-ciphers hosed? Dario Ciccarone (dciccaro) (Mar 12)
- Re: [NSE] ssl-enum-ciphers hosed? Ron (Mar 12)
- RE: [NSE] ssl-enum-ciphers hosed? Dario Ciccarone (dciccaro) (Mar 15)
- Re: [NSE] ssl-enum-ciphers hosed? Mak Kolybabi (Mar 15)
- RE: [NSE] ssl-enum-ciphers hosed? Dario Ciccarone (dciccaro) (Mar 15)
- Re: [NSE] ssl-enum-ciphers hosed? David Fifield (Mar 15)
- Re: [NSE] ssl-enum-ciphers hosed? Mak Kolybabi (Mar 21)
- Re: [NSE] ssl-enum-ciphers hosed? David Fifield (Mar 21)
- RE: [NSE] ssl-enum-ciphers hosed? Dario Ciccarone (dciccaro) (Mar 12)
- Re: [NSE] ssl-enum-ciphers hosed? Thierry Zoller (Mar 15)
- RE: [NSE] ssl-enum-ciphers hosed? Rob Nicholls (Mar 12)