RE: Nmap not discovering the SSL Certificates in Wolfssl setup

[Saurabh Dublish <Saurabh_Dublish () symantec com>]

Hello Dan,

Sorry about the wrong ip and even after giving correct ip 127.0.0.1, nmap is still not detecting certificate.I am 
enclosing the debug output with (–d - - script-trace option ) along with this mail.

Thanks
Saurabh


From: Daniel Miller [mailto:bonsaiviking () gmail com]
Sent: 14 February 2016 20:21
To: Saurabh Dublish <Saurabh_Dublish () symantec com<mailto:Saurabh_Dublish () symantec com>>
Cc: dev () nmap org<mailto:dev () nmap org>
Subject: Re: Nmap not discovering the SSL Certificates in Wolfssl setup

Saurabh,
Your Nmap output shows you scanning 127.0.0.0, which Nmap shows is "down," so no port scan or script is run. Can you 
provide debug output (with -d --script-trace) for scanning 127.0.0.1 instead?
Dan

On Wed, Feb 10, 2016 at 12:08 AM, Saurabh Dublish <Saurabh_Dublish () symantec com<mailto:Saurabh_Dublish () symantec 
com>> wrote:
Hi all,

I am resending the email with more proper details how I used the setup.


I am running nmap in wolfssl setup and nmap is not discovering certificates in wolfssl setup. I have installed wolfssl 
setup 3.8.0 and using wolfssl-example by github and running “server.tls” server but nmap is not discovering the 
certificates but while connecting by openssl client I am able to discover the certificates. Please help me why nmap is 
not working.

But nmap is running fine the ssl-enum-cihers script and is detecting the ciphers.In my previuos mail I mentioned it was 
not working but it is working fine.

Now only Nmap is not discovering the certificates in wolfssl.

I am enclosing the nmap output, nmap output with debug option , the server-tls code and openssl output with this mail.


Commands run are


>  Install and build Wolfssl and wolfssl-examples by following steps from 
> https://wolfssl.com/wolfSSL/download/downloadForm.php  and https://github.com/wolfSSL/wolfssl-examples


>  Then I unzip the file wolfssl file download from above site.



>  unzip wolfssl-3.8.0



>  Then build it by



>  ./configure --prefix=/home/saurabh/install/wolfSSL/3.8.0/ --enable-opensslextra  --enable-lighty 
> --enable-secure-renegotiation --enable-webserver

>  Then did make

>   Make install



>  unzip the wolfssl-example-master file downloaded from github as

>  unzip wolfssl-example-master.zip

build wolfssl examples.

>  Examples/tls

>  Makefile changes

>    CFLAGS=-Wall -I/home/saurabh/install/wolfSSL/3.8.0/include/

>    LIBS=-L /home/saurabh/install/wolfSSL/3.8.0/lib/ -lwolfssl


>  Then did a make



>  Then I go to the wolfssl-example folder and go to tls folder



>  cd /home/saurabh/wolfssl-examples-master/tls



>  Then run the server as ./server.tls



>  By Default server-tls will start server on port 11111




>  Now I open nmap


>  nmap -–script +ssl-cert 127.0.0.1 11111


>  but if we use openssl it discovers the cert





>  ./openssl s_client -connect 127.0.0.1:11111<http://127.0.0.1:11111>

Thanks
Saurabh


_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/

_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/