Nmap Development mailing list archives

RE: ssl-enum-ciphers not returning all ciphers

From: "Lemons, Terry" <Terry.Lemons () dell com>
Date: Tue, 25 Jun 2019 21:00:49 +0000

Also, here is a '-dd' run, showing more diagnostic information.  My untrained eye doesn't see a problem:

# nmap -p 5671 -dd  --script ssl-enum-ciphers 10.7.110.234
Starting Nmap 7.70 ( https://nmap.org ) at 2019-06-25 14:51 MDT
Fetchfile found /usr/bin/../share/nmap/nmap-services
Fetchfile found /usr/bin/../share/nmap/nmap.xsl
The max # of sockets we are using is: 0
--------------- Timing report ---------------
  hostgroups: min 1, max 100000
  rtt-timeouts: init 1000, min 100, max 10000
  max-scan-delay: TCP 1000, UDP 1000, SCTP 1000
  parallelism: min 0, max 0
  max-retries: 10, host-timeout: 0
  min-rate: 0, max-rate: 0
---------------------------------------------
NSE: Using Lua 5.3.
Fetchfile found /usr/bin/../share/nmap/nse_main.lua
Fetchfile found /usr/bin/../share/nmap/nselib/lpeg-utility.lua
Fetchfile found /usr/bin/../share/nmap/nselib/stdnse.lua
Fetchfile found /usr/bin/../share/nmap/nselib/strict.lua
Fetchfile found /usr/bin/../share/nmap/scripts/script.db
NSE: Arguments from CLI:
Fetchfile found /usr/bin/../share/nmap/scripts/ssl-enum-ciphers.nse
NSE: Script ssl-enum-ciphers.nse was selected by name.
Fetchfile found /usr/bin/../share/nmap/nselib/comm.lua
Fetchfile found /usr/bin/../share/nmap/nselib/shortport.lua
Fetchfile found /usr/bin/../share/nmap/nselib/unittest.lua
Fetchfile found /usr/bin/../share/nmap/nselib/nsedebug.lua
Fetchfile found /usr/bin/../share/nmap/nselib/listop.lua
Fetchfile found /usr/bin/../share/nmap/nselib/sslcert.lua
Fetchfile found /usr/bin/../share/nmap/nselib/asn1.lua
Fetchfile found /usr/bin/../share/nmap/nselib/bin.lua
Fetchfile found /usr/bin/../share/nmap/nselib/ftp.lua
Fetchfile found /usr/bin/../share/nmap/nselib/ipOps.lua
Fetchfile found /usr/bin/../share/nmap/nselib/ldap.lua
Fetchfile found /usr/bin/../share/nmap/nselib/match.lua
Fetchfile found /usr/bin/../share/nmap/nselib/mssql.lua
Fetchfile found /usr/bin/../share/nmap/nselib/bit.lua
Fetchfile found /usr/bin/../share/nmap/nselib/smb.lua
Fetchfile found /usr/bin/../share/nmap/nselib/netbios.lua
Fetchfile found /usr/bin/../share/nmap/nselib/dns.lua
Fetchfile found /usr/bin/../share/nmap/nselib/base32.lua
Fetchfile found /usr/bin/../share/nmap/nselib/smbauth.lua
Fetchfile found /usr/bin/../share/nmap/nselib/unicode.lua
Fetchfile found /usr/bin/../share/nmap/nselib/smb2.lua
Fetchfile found /usr/bin/../share/nmap/nselib/strbuf.lua
Fetchfile found /usr/bin/../share/nmap/nselib/smtp.lua
Fetchfile found /usr/bin/../share/nmap/nselib/base64.lua
Fetchfile found /usr/bin/../share/nmap/nselib/sasl.lua
Fetchfile found /usr/bin/../share/nmap/nselib/tls.lua
Fetchfile found /usr/bin/../share/nmap/nselib/vnc.lua
Fetchfile found /usr/bin/../share/nmap/nselib/bits.lua
Fetchfile found /usr/bin/../share/nmap/nselib/xmpp.lua
NSE: Loaded 1 scripts for scanning.
NSE: Loaded '/usr/bin/../share/nmap/scripts/ssl-enum-ciphers.nse'.
NSE: Script Pre-scanning.
NSE: Starting runlevel 1 (of 1) scan.
Initiating NSE at 14:51
Completed NSE at 14:51, 0.00s elapsed
Fetchfile found /usr/bin/../share/nmap/nmap-payloads
Initiating Ping Scan at 14:51
Scanning 10.7.110.234 [4 ports]
Packet capture filter (device eth0): dst host 10.7.93.141 and (icmp or icmp6 or ((tcp or udp or sctp) and (src host 
10.7.110.234)))
We got a ping packet back from 10.7.110.234: id = 29846 seq = 0 checksum = 35689
ultrascan_host_probe_update called for machine 10.7.110.234 state UNKNOWN -> HOST_UP (trynum 0 time: 930)
Changing ping technique for 10.7.110.234 to icmp type 8 code 0
Changing global ping host to 10.7.110.234.
Completed Ping Scan at 14:51, 0.00s elapsed (1 total hosts)
Overall sending rates: 1291.16 packets / s, 49063.91 bytes / s.
mass_rdns: Using DNS server 10.7.93.100
NSOCK INFO [0.4190s] nsock_iod_new2(): nsock_iod_new (IOD #1)
NSOCK INFO [0.4190s] nsock_connect_udp(): UDP connection requested to 10.7.93.100:53 (IOD #1) EID 8
NSOCK INFO [0.4200s] nsock_read(): Read request from IOD #1 [10.7.93.100:53] (timeout: -1ms) EID 18
Initiating Parallel DNS resolution of 1 host. at 14:51
NSOCK INFO [0.4200s] nsock_write(): Write request for 43 bytes to IOD #1 EID 27 [10.7.93.100:53]
NSOCK INFO [0.4200s] nsock_trace_handler_callback(): Callback: CONNECT SUCCESS for EID 8 [10.7.93.100:53]
NSOCK INFO [0.4200s] nsock_trace_handler_callback(): Callback: WRITE SUCCESS for EID 27 [10.7.93.100:53]
NSOCK INFO [0.4210s] nsock_trace_handler_callback(): Callback: READ SUCCESS for EID 18 [10.7.93.100:53] (109 bytes)
NSOCK INFO [0.4210s] nsock_read(): Read request from IOD #1 [10.7.93.100:53] (timeout: -1ms) EID 34
NSOCK INFO [0.4210s] nsock_iod_delete(): nsock_iod_delete (IOD #1)
NSOCK INFO [0.4210s] nevent_delete(): nevent_delete on event #34 (type READ)
mass_rdns: 0.00s 0/1 [#: 1, OK: 0, NX: 0, DR: 0, SF: 0, TR: 1]
Completed Parallel DNS resolution of 1 host. at 14:51, 0.00s elapsed
DNS resolution of 1 IPs took 0.00s. Mode: Async [#: 1, OK: 0, NX: 1, DR: 0, SF: 0, TR: 1, CN: 0]
Initiating SYN Stealth Scan at 14:51
10.7.110.234 pingprobe type ICMP is inappropriate for this scan type; resetting.
Scanning 10.7.110.234 [1 port]
Packet capture filter (device eth0): dst host 10.7.93.141 and (icmp or icmp6 or ((tcp or udp or sctp) and (src host 
10.7.110.234)))
Discovered open port 5671/tcp on 10.7.110.234
Changing ping technique for 10.7.110.234 to tcp to port 5671; flags: S
Changing global ping host to 10.7.110.234.
Completed SYN Stealth Scan at 14:51, 0.00s elapsed (1 total ports)
Overall sending rates: 457.46 packets / s, 20128.09 bytes / s.
NSE: Script scanning 10.7.110.234.
NSE: Starting runlevel 1 (of 1) scan.
Initiating NSE at 14:51
NSOCK INFO [0.4210s] nsock_iod_new2(): nsock_iod_new (IOD #1)
NSOCK INFO [0.4250s] nsock_connect_tcp(): TCP connection requested to 10.7.110.234:5671 (IOD #1) EID 8
NSOCK INFO [0.4260s] nsock_trace_handler_callback(): Callback: CONNECT SUCCESS for EID 8 [10.7.110.234:5671]
NSOCK INFO [0.4260s] nsock_write(): Write request for 110 bytes to IOD #1 EID 19 [10.7.110.234:5671]
NSOCK INFO [0.4260s] nsock_trace_handler_callback(): Callback: WRITE SUCCESS for EID 19 [10.7.110.234:5671]
NSOCK INFO [0.4260s] nsock_read(): Read request from IOD #1 [10.7.110.234:5671] (timeout: 7000ms) EID 26
NSOCK INFO [0.4310s] nsock_trace_handler_callback(): Callback: READ SUCCESS for EID 26 [10.7.110.234:5671] (3115 bytes)
NSOCK INFO [0.4310s] nsock_iod_delete(): nsock_iod_delete (IOD #1)
NSE: Starting ssl-enum-ciphers M:24bfb38 against 10.7.110.234:5671.
NSE: [ssl-enum-ciphers M:24bfb38 10.7.110.234:5671] Trying protocol TLSv1.0.
NSE: ssl-enum-ciphers M:24bfb38 spawning new thread (thread: 0x2bdfa58).
NSE: [ssl-enum-ciphers M:24bfb38 10.7.110.234:5671] Trying protocol TLSv1.2.
NSE: ssl-enum-ciphers M:24bfb38 spawning new thread (thread: 0x2c89908).
NSE: [ssl-enum-ciphers M:24bfb38 10.7.110.234:5671] Trying protocol SSLv3.
NSE: ssl-enum-ciphers M:24bfb38 spawning new thread (thread: 0x29ab888).
NSE: [ssl-enum-ciphers M:24bfb38 10.7.110.234:5671] Trying protocol TLSv1.1.
NSE: ssl-enum-ciphers M:24bfb38 spawning new thread (thread: 0x2b2f288).
NSOCK INFO [0.4330s] nsock_iod_new2(): nsock_iod_new (IOD #2)
NSOCK INFO [0.4330s] nsock_connect_tcp(): TCP connection requested to 10.7.110.234:5671 (IOD #2) EID 32
NSOCK INFO [0.4330s] nsock_iod_new2(): nsock_iod_new (IOD #3)
NSOCK INFO [0.4340s] nsock_connect_tcp(): TCP connection requested to 10.7.110.234:5671 (IOD #3) EID 40
NSOCK INFO [0.4340s] nsock_iod_new2(): nsock_iod_new (IOD #4)
NSOCK INFO [0.4350s] nsock_connect_tcp(): TCP connection requested to 10.7.110.234:5671 (IOD #4) EID 48
NSOCK INFO [0.4350s] nsock_iod_new2(): nsock_iod_new (IOD #5)
NSOCK INFO [0.4360s] nsock_connect_tcp(): TCP connection requested to 10.7.110.234:5671 (IOD #5) EID 56
NSOCK INFO [0.4360s] nsock_trace_handler_callback(): Callback: CONNECT SUCCESS for EID 32 [10.7.110.234:5671]
NSOCK INFO [0.4360s] nsock_trace_handler_callback(): Callback: CONNECT SUCCESS for EID 40 [10.7.110.234:5671]
NSOCK INFO [0.4360s] nsock_trace_handler_callback(): Callback: CONNECT SUCCESS for EID 48 [10.7.110.234:5671]
NSOCK INFO [0.4370s] nsock_trace_handler_callback(): Callback: CONNECT SUCCESS for EID 56 [10.7.110.234:5671]
NSOCK INFO [0.4370s] nsock_write(): Write request for 224 bytes to IOD #2 EID 67 [10.7.110.234:5671]
NSOCK INFO [0.4370s] nsock_write(): Write request for 192 bytes to IOD #3 EID 75 [10.7.110.234:5671]
NSOCK INFO [0.4380s] nsock_write(): Write request for 176 bytes to IOD #4 EID 83 [10.7.110.234:5671]
NSOCK INFO [0.4380s] nsock_write(): Write request for 192 bytes to IOD #5 EID 91 [10.7.110.234:5671]
NSOCK INFO [0.4380s] nsock_trace_handler_callback(): Callback: WRITE SUCCESS for EID 67 [10.7.110.234:5671]
NSOCK INFO [0.4380s] nsock_trace_handler_callback(): Callback: WRITE SUCCESS for EID 75 [10.7.110.234:5671]
NSOCK INFO [0.4380s] nsock_trace_handler_callback(): Callback: WRITE SUCCESS for EID 83 [10.7.110.234:5671]
NSOCK INFO [0.4380s] nsock_trace_handler_callback(): Callback: WRITE SUCCESS for EID 91 [10.7.110.234:5671]
NSOCK INFO [0.4390s] nsock_readbytes(): Read request for 5 bytes from IOD #2 [10.7.110.234:5671] EID 98
NSOCK INFO [0.4390s] nsock_readbytes(): Read request for 5 bytes from IOD #3 [10.7.110.234:5671] EID 106
NSOCK INFO [0.4390s] nsock_readbytes(): Read request for 5 bytes from IOD #4 [10.7.110.234:5671] EID 114
NSOCK INFO [0.4390s] nsock_readbytes(): Read request for 5 bytes from IOD #5 [10.7.110.234:5671] EID 122
NSOCK INFO [0.4410s] nsock_trace_handler_callback(): Callback: READ SUCCESS for EID 98 [10.7.110.234:5671] (7 bytes): 
......(
NSOCK INFO [0.4410s] nsock_trace_handler_callback(): Callback: READ SUCCESS for EID 106 [10.7.110.234:5671] (7 bytes): 
......F
NSOCK INFO [0.4420s] nsock_trace_handler_callback(): Callback: READ SUCCESS for EID 114 [10.7.110.234:5671] (7 bytes): 
......F
NSOCK INFO [0.4420s] nsock_trace_handler_callback(): Callback: READ SUCCESS for EID 122 [10.7.110.234:5671] (7 bytes): 
......F
NSOCK INFO [0.4420s] nsock_iod_delete(): nsock_iod_delete (IOD #2)
NSE: [ssl-enum-ciphers W:2c89908 10.7.110.234:5671] (TLSv1.2) Got alert: handshake_failure
NSE: [ssl-enum-ciphers W:2c89908 10.7.110.234:5671] (TLSv1.2) 64 ciphers rejected.
NSOCK INFO [0.4420s] nsock_iod_new2(): nsock_iod_new (IOD #6)
NSOCK INFO [0.4430s] nsock_connect_tcp(): TCP connection requested to 10.7.110.234:5671 (IOD #6) EID 128
NSOCK INFO [0.4430s] nsock_iod_delete(): nsock_iod_delete (IOD #3)
NSE: [ssl-enum-ciphers W:2bdfa58 10.7.110.234:5671] (TLSv1.0) Got alert: protocol_version
NSOCK INFO [0.4430s] nsock_iod_new2(): nsock_iod_new (IOD #7)
NSOCK INFO [0.4430s] nsock_connect_tcp(): TCP connection requested to 10.7.110.234:5671 (IOD #7) EID 136
NSOCK INFO [0.4430s] nsock_iod_delete(): nsock_iod_delete (IOD #4)
NSE: [ssl-enum-ciphers W:29ab888 10.7.110.234:5671] (SSLv3) Got alert: protocol_version
NSOCK INFO [0.4430s] nsock_iod_new2(): nsock_iod_new (IOD #8)
NSOCK INFO [0.4440s] nsock_connect_tcp(): TCP connection requested to 10.7.110.234:5671 (IOD #8) EID 144
NSOCK INFO [0.4440s] nsock_iod_delete(): nsock_iod_delete (IOD #5)
NSE: [ssl-enum-ciphers W:2b2f288 10.7.110.234:5671] (TLSv1.1) Got alert: protocol_version
NSOCK INFO [0.4440s] nsock_iod_new2(): nsock_iod_new (IOD #9)
NSOCK INFO [0.4450s] nsock_connect_tcp(): TCP connection requested to 10.7.110.234:5671 (IOD #9) EID 152
NSOCK INFO [0.4450s] nsock_trace_handler_callback(): Callback: CONNECT SUCCESS for EID 128 [10.7.110.234:5671]
NSOCK INFO [0.4450s] nsock_trace_handler_callback(): Callback: CONNECT SUCCESS for EID 136 [10.7.110.234:5671]
NSOCK INFO [0.4450s] nsock_trace_handler_callback(): Callback: CONNECT SUCCESS for EID 144 [10.7.110.234:5671]
NSOCK INFO [0.4450s] nsock_trace_handler_callback(): Callback: CONNECT SUCCESS for EID 152 [10.7.110.234:5671]
NSOCK INFO [0.4460s] nsock_write(): Write request for 224 bytes to IOD #6 EID 163 [10.7.110.234:5671]
NSOCK INFO [0.4460s] nsock_write(): Write request for 192 bytes to IOD #7 EID 171 [10.7.110.234:5671]
NSOCK INFO [0.4460s] nsock_write(): Write request for 176 bytes to IOD #8 EID 179 [10.7.110.234:5671]
NSOCK INFO [0.4470s] nsock_write(): Write request for 192 bytes to IOD #9 EID 187 [10.7.110.234:5671]
NSOCK INFO [0.4470s] nsock_trace_handler_callback(): Callback: WRITE SUCCESS for EID 163 [10.7.110.234:5671]
NSOCK INFO [0.4470s] nsock_trace_handler_callback(): Callback: WRITE SUCCESS for EID 171 [10.7.110.234:5671]
NSOCK INFO [0.4470s] nsock_trace_handler_callback(): Callback: WRITE SUCCESS for EID 179 [10.7.110.234:5671]
NSOCK INFO [0.4470s] nsock_trace_handler_callback(): Callback: WRITE SUCCESS for EID 187 [10.7.110.234:5671]
NSOCK INFO [0.4470s] nsock_readbytes(): Read request for 5 bytes from IOD #6 [10.7.110.234:5671] EID 194
NSOCK INFO [0.4470s] nsock_readbytes(): Read request for 5 bytes from IOD #7 [10.7.110.234:5671] EID 202
NSOCK INFO [0.4480s] nsock_readbytes(): Read request for 5 bytes from IOD #8 [10.7.110.234:5671] EID 210
NSOCK INFO [0.4480s] nsock_readbytes(): Read request for 5 bytes from IOD #9 [10.7.110.234:5671] EID 218
NSOCK INFO [0.4680s] nsock_trace_handler_callback(): Callback: READ SUCCESS for EID 202 [10.7.110.234:5671] (7 bytes): 
......F
NSOCK INFO [0.4680s] nsock_trace_handler_callback(): Callback: READ SUCCESS for EID 210 [10.7.110.234:5671] (7 bytes): 
......F
NSOCK INFO [0.4690s] nsock_trace_handler_callback(): Callback: READ SUCCESS for EID 218 [10.7.110.234:5671] (7 bytes): 
......F
NSOCK INFO [0.4700s] nsock_trace_handler_callback(): Callback: READ SUCCESS for EID 194 [10.7.110.234:5671] (7 bytes): 
......(
NSOCK INFO [0.4700s] nsock_iod_delete(): nsock_iod_delete (IOD #6)
NSE: [ssl-enum-ciphers W:2c89908 10.7.110.234:5671] (TLSv1.2) Got alert: handshake_failure
NSE: [ssl-enum-ciphers W:2c89908 10.7.110.234:5671] (TLSv1.2) 64 ciphers rejected.
NSOCK INFO [0.4700s] nsock_iod_new2(): nsock_iod_new (IOD #10)
NSOCK INFO [0.4710s] nsock_connect_tcp(): TCP connection requested to 10.7.110.234:5671 (IOD #10) EID 224
NSOCK INFO [0.4710s] nsock_iod_delete(): nsock_iod_delete (IOD #7)
NSE: [ssl-enum-ciphers W:2bdfa58 10.7.110.234:5671] (TLSv1.0) Got alert: protocol_version
NSOCK INFO [0.4710s] nsock_iod_new2(): nsock_iod_new (IOD #11)
NSOCK INFO [0.4710s] nsock_connect_tcp(): TCP connection requested to 10.7.110.234:5671 (IOD #11) EID 232
NSOCK INFO [0.4710s] nsock_iod_delete(): nsock_iod_delete (IOD #8)
NSE: [ssl-enum-ciphers W:29ab888 10.7.110.234:5671] (SSLv3) Got alert: protocol_version
NSOCK INFO [0.4710s] nsock_iod_new2(): nsock_iod_new (IOD #12)
NSOCK INFO [0.4720s] nsock_connect_tcp(): TCP connection requested to 10.7.110.234:5671 (IOD #12) EID 240
NSOCK INFO [0.4720s] nsock_iod_delete(): nsock_iod_delete (IOD #9)
NSE: [ssl-enum-ciphers W:2b2f288 10.7.110.234:5671] (TLSv1.1) Got alert: protocol_version
NSOCK INFO [0.4720s] nsock_iod_new2(): nsock_iod_new (IOD #13)
NSOCK INFO [0.4730s] nsock_connect_tcp(): TCP connection requested to 10.7.110.234:5671 (IOD #13) EID 248
NSOCK INFO [0.4730s] nsock_trace_handler_callback(): Callback: CONNECT SUCCESS for EID 224 [10.7.110.234:5671]
NSOCK INFO [0.4730s] nsock_trace_handler_callback(): Callback: CONNECT SUCCESS for EID 232 [10.7.110.234:5671]
NSOCK INFO [0.4730s] nsock_trace_handler_callback(): Callback: CONNECT SUCCESS for EID 240 [10.7.110.234:5671]
NSOCK INFO [0.4730s] nsock_trace_handler_callback(): Callback: CONNECT SUCCESS for EID 248 [10.7.110.234:5671]
NSOCK INFO [0.4740s] nsock_write(): Write request for 224 bytes to IOD #10 EID 259 [10.7.110.234:5671]
NSOCK INFO [0.4740s] nsock_write(): Write request for 192 bytes to IOD #11 EID 267 [10.7.110.234:5671]
NSOCK INFO [0.4740s] nsock_write(): Write request for 176 bytes to IOD #12 EID 275 [10.7.110.234:5671]
NSOCK INFO [0.4750s] nsock_write(): Write request for 192 bytes to IOD #13 EID 283 [10.7.110.234:5671]
NSOCK INFO [0.4750s] nsock_trace_handler_callback(): Callback: WRITE SUCCESS for EID 259 [10.7.110.234:5671]
NSOCK INFO [0.4750s] nsock_trace_handler_callback(): Callback: WRITE SUCCESS for EID 267 [10.7.110.234:5671]
NSOCK INFO [0.4750s] nsock_trace_handler_callback(): Callback: WRITE SUCCESS for EID 275 [10.7.110.234:5671]
NSOCK INFO [0.4750s] nsock_trace_handler_callback(): Callback: WRITE SUCCESS for EID 283 [10.7.110.234:5671]
NSOCK INFO [0.4750s] nsock_readbytes(): Read request for 5 bytes from IOD #10 [10.7.110.234:5671] EID 290
NSOCK INFO [0.4750s] nsock_readbytes(): Read request for 5 bytes from IOD #11 [10.7.110.234:5671] EID 298
NSOCK INFO [0.4760s] nsock_readbytes(): Read request for 5 bytes from IOD #12 [10.7.110.234:5671] EID 306
NSOCK INFO [0.4760s] nsock_readbytes(): Read request for 5 bytes from IOD #13 [10.7.110.234:5671] EID 314
NSOCK INFO [0.4760s] nsock_trace_handler_callback(): Callback: READ SUCCESS for EID 298 [10.7.110.234:5671] (7 bytes): 
......F
NSOCK INFO [0.4760s] nsock_trace_handler_callback(): Callback: READ SUCCESS for EID 306 [10.7.110.234:5671] (7 bytes): 
......F
NSOCK INFO [0.4770s] nsock_trace_handler_callback(): Callback: READ SUCCESS for EID 314 [10.7.110.234:5671] (7 bytes): 
......F
NSOCK INFO [0.4770s] nsock_trace_handler_callback(): Callback: READ SUCCESS for EID 290 [10.7.110.234:5671] (7 bytes): 
......(
NSOCK INFO [0.4770s] nsock_iod_delete(): nsock_iod_delete (IOD #10)
NSE: [ssl-enum-ciphers W:2c89908 10.7.110.234:5671] (TLSv1.2) Got alert: handshake_failure
NSE: [ssl-enum-ciphers W:2c89908 10.7.110.234:5671] (TLSv1.2) 64 ciphers rejected.
NSOCK INFO [0.4770s] nsock_iod_new2(): nsock_iod_new (IOD #14)
NSOCK INFO [0.4780s] nsock_connect_tcp(): TCP connection requested to 10.7.110.234:5671 (IOD #14) EID 320
NSOCK INFO [0.4780s] nsock_iod_delete(): nsock_iod_delete (IOD #11)
NSE: [ssl-enum-ciphers W:2bdfa58 10.7.110.234:5671] (TLSv1.0) Got alert: protocol_version
NSOCK INFO [0.4780s] nsock_iod_new2(): nsock_iod_new (IOD #15)
NSOCK INFO [0.4780s] nsock_connect_tcp(): TCP connection requested to 10.7.110.234:5671 (IOD #15) EID 328
NSOCK INFO [0.4780s] nsock_iod_delete(): nsock_iod_delete (IOD #12)
NSE: [ssl-enum-ciphers W:29ab888 10.7.110.234:5671] (SSLv3) Got alert: protocol_version
NSOCK INFO [0.4780s] nsock_iod_new2(): nsock_iod_new (IOD #16)
NSOCK INFO [0.4790s] nsock_connect_tcp(): TCP connection requested to 10.7.110.234:5671 (IOD #16) EID 336
NSOCK INFO [0.4790s] nsock_iod_delete(): nsock_iod_delete (IOD #13)
NSE: [ssl-enum-ciphers W:2b2f288 10.7.110.234:5671] (TLSv1.1) Got alert: protocol_version
NSOCK INFO [0.4790s] nsock_iod_new2(): nsock_iod_new (IOD #17)
NSOCK INFO [0.4800s] nsock_connect_tcp(): TCP connection requested to 10.7.110.234:5671 (IOD #17) EID 344
NSOCK INFO [0.4800s] nsock_trace_handler_callback(): Callback: CONNECT SUCCESS for EID 320 [10.7.110.234:5671]
NSOCK INFO [0.4800s] nsock_trace_handler_callback(): Callback: CONNECT SUCCESS for EID 328 [10.7.110.234:5671]
NSOCK INFO [0.4800s] nsock_trace_handler_callback(): Callback: CONNECT SUCCESS for EID 336 [10.7.110.234:5671]
NSOCK INFO [0.4800s] nsock_trace_handler_callback(): Callback: CONNECT SUCCESS for EID 344 [10.7.110.234:5671]
NSOCK INFO [0.4810s] nsock_write(): Write request for 224 bytes to IOD #14 EID 355 [10.7.110.234:5671]
NSOCK INFO [0.4810s] nsock_write(): Write request for 192 bytes to IOD #15 EID 363 [10.7.110.234:5671]
NSOCK INFO [0.4810s] nsock_write(): Write request for 176 bytes to IOD #16 EID 371 [10.7.110.234:5671]
NSOCK INFO [0.4810s] nsock_write(): Write request for 192 bytes to IOD #17 EID 379 [10.7.110.234:5671]
NSOCK INFO [0.4820s] nsock_trace_handler_callback(): Callback: WRITE SUCCESS for EID 355 [10.7.110.234:5671]
NSOCK INFO [0.4820s] nsock_trace_handler_callback(): Callback: WRITE SUCCESS for EID 363 [10.7.110.234:5671]
NSOCK INFO [0.4820s] nsock_trace_handler_callback(): Callback: WRITE SUCCESS for EID 371 [10.7.110.234:5671]
NSOCK INFO [0.4820s] nsock_trace_handler_callback(): Callback: WRITE SUCCESS for EID 379 [10.7.110.234:5671]
NSOCK INFO [0.4820s] nsock_readbytes(): Read request for 5 bytes from IOD #14 [10.7.110.234:5671] EID 386
NSOCK INFO [0.4820s] nsock_readbytes(): Read request for 5 bytes from IOD #15 [10.7.110.234:5671] EID 394
NSOCK INFO [0.4820s] nsock_readbytes(): Read request for 5 bytes from IOD #16 [10.7.110.234:5671] EID 402
NSOCK INFO [0.4830s] nsock_readbytes(): Read request for 5 bytes from IOD #17 [10.7.110.234:5671] EID 410
NSOCK INFO [0.4830s] nsock_trace_handler_callback(): Callback: READ SUCCESS for EID 386 [10.7.110.234:5671] (7 bytes): 
......G
NSOCK INFO [0.4830s] nsock_trace_handler_callback(): Callback: READ SUCCESS for EID 394 [10.7.110.234:5671] (7 bytes): 
......F
NSOCK INFO [0.4830s] nsock_trace_handler_callback(): Callback: READ SUCCESS for EID 402 [10.7.110.234:5671] (7 bytes): 
......F
NSOCK INFO [0.4830s] nsock_trace_handler_callback(): Callback: READ SUCCESS for EID 410 [10.7.110.234:5671] (7 bytes): 
......F
NSOCK INFO [0.4840s] nsock_iod_delete(): nsock_iod_delete (IOD #14)
NSE: [ssl-enum-ciphers W:2c89908 10.7.110.234:5671] (TLSv1.2) Got alert: insufficient_security
NSOCK INFO [0.4840s] nsock_iod_new2(): nsock_iod_new (IOD #18)
NSOCK INFO [0.4840s] nsock_connect_tcp(): TCP connection requested to 10.7.110.234:5671 (IOD #18) EID 416
NSOCK INFO [0.4840s] nsock_iod_delete(): nsock_iod_delete (IOD #15)
NSE: [ssl-enum-ciphers W:2bdfa58 10.7.110.234:5671] (TLSv1.0) Got alert: protocol_version
NSOCK INFO [0.4840s] nsock_iod_new2(): nsock_iod_new (IOD #19)
NSOCK INFO [0.4850s] nsock_connect_tcp(): TCP connection requested to 10.7.110.234:5671 (IOD #19) EID 424
NSOCK INFO [0.4850s] nsock_iod_delete(): nsock_iod_delete (IOD #16)
NSE: [ssl-enum-ciphers W:29ab888 10.7.110.234:5671] (SSLv3) Got alert: protocol_version
NSOCK INFO [0.4850s] nsock_iod_new2(): nsock_iod_new (IOD #20)
NSOCK INFO [0.4850s] nsock_connect_tcp(): TCP connection requested to 10.7.110.234:5671 (IOD #20) EID 432
NSOCK INFO [0.4850s] nsock_iod_delete(): nsock_iod_delete (IOD #17)
NSE: [ssl-enum-ciphers W:2b2f288 10.7.110.234:5671] (TLSv1.1) Got alert: protocol_version
NSOCK INFO [0.4850s] nsock_iod_new2(): nsock_iod_new (IOD #21)
NSOCK INFO [0.4860s] nsock_connect_tcp(): TCP connection requested to 10.7.110.234:5671 (IOD #21) EID 440
NSOCK INFO [0.4860s] nsock_trace_handler_callback(): Callback: CONNECT SUCCESS for EID 416 [10.7.110.234:5671]
NSOCK INFO [0.4860s] nsock_trace_handler_callback(): Callback: CONNECT SUCCESS for EID 424 [10.7.110.234:5671]
NSOCK INFO [0.4860s] nsock_trace_handler_callback(): Callback: CONNECT SUCCESS for EID 432 [10.7.110.234:5671]
NSOCK INFO [0.4870s] nsock_trace_handler_callback(): Callback: CONNECT SUCCESS for EID 440 [10.7.110.234:5671]
NSOCK INFO [0.4870s] nsock_write(): Write request for 224 bytes to IOD #18 EID 451 [10.7.110.234:5671]
NSOCK INFO [0.4870s] nsock_write(): Write request for 192 bytes to IOD #19 EID 459 [10.7.110.234:5671]
NSOCK INFO [0.4870s] nsock_write(): Write request for 176 bytes to IOD #20 EID 467 [10.7.110.234:5671]
NSOCK INFO [0.4880s] nsock_write(): Write request for 192 bytes to IOD #21 EID 475 [10.7.110.234:5671]
NSOCK INFO [0.4880s] nsock_trace_handler_callback(): Callback: WRITE SUCCESS for EID 451 [10.7.110.234:5671]
NSOCK INFO [0.4880s] nsock_trace_handler_callback(): Callback: WRITE SUCCESS for EID 459 [10.7.110.234:5671]
NSOCK INFO [0.4880s] nsock_trace_handler_callback(): Callback: WRITE SUCCESS for EID 467 [10.7.110.234:5671]
NSOCK INFO [0.4880s] nsock_trace_handler_callback(): Callback: WRITE SUCCESS for EID 475 [10.7.110.234:5671]
NSOCK INFO [0.4890s] nsock_readbytes(): Read request for 5 bytes from IOD #18 [10.7.110.234:5671] EID 482
NSOCK INFO [0.4890s] nsock_readbytes(): Read request for 5 bytes from IOD #19 [10.7.110.234:5671] EID 490
NSOCK INFO [0.4890s] nsock_readbytes(): Read request for 5 bytes from IOD #20 [10.7.110.234:5671] EID 498
NSOCK INFO [0.4890s] nsock_readbytes(): Read request for 5 bytes from IOD #21 [10.7.110.234:5671] EID 506
NSOCK INFO [0.4890s] nsock_trace_handler_callback(): Callback: READ SUCCESS for EID 482 [10.7.110.234:5671] (7 bytes): 
......G
NSOCK INFO [0.4890s] nsock_trace_handler_callback(): Callback: READ SUCCESS for EID 490 [10.7.110.234:5671] (7 bytes): 
......F
NSOCK INFO [0.4890s] nsock_trace_handler_callback(): Callback: READ SUCCESS for EID 498 [10.7.110.234:5671] (7 bytes): 
......F
NSOCK INFO [0.4890s] nsock_trace_handler_callback(): Callback: READ SUCCESS for EID 506 [10.7.110.234:5671] (7 bytes): 
......F
NSOCK INFO [0.4900s] nsock_iod_delete(): nsock_iod_delete (IOD #18)
NSE: [ssl-enum-ciphers W:2c89908 10.7.110.234:5671] (TLSv1.2) Got alert: insufficient_security
NSOCK INFO [0.4900s] nsock_iod_new2(): nsock_iod_new (IOD #22)
NSOCK INFO [0.4900s] nsock_connect_tcp(): TCP connection requested to 10.7.110.234:5671 (IOD #22) EID 512
NSOCK INFO [0.4900s] nsock_iod_delete(): nsock_iod_delete (IOD #19)
NSE: [ssl-enum-ciphers W:2bdfa58 10.7.110.234:5671] (TLSv1.0) Got alert: protocol_version
NSOCK INFO [0.4900s] nsock_iod_new2(): nsock_iod_new (IOD #23)
NSOCK INFO [0.4910s] nsock_connect_tcp(): TCP connection requested to 10.7.110.234:5671 (IOD #23) EID 520
NSOCK INFO [0.4910s] nsock_iod_delete(): nsock_iod_delete (IOD #20)
NSE: [ssl-enum-ciphers W:29ab888 10.7.110.234:5671] (SSLv3) Got alert: protocol_version
NSOCK INFO [0.4910s] nsock_iod_new2(): nsock_iod_new (IOD #24)
NSOCK INFO [0.4910s] nsock_connect_tcp(): TCP connection requested to 10.7.110.234:5671 (IOD #24) EID 528
NSOCK INFO [0.4910s] nsock_iod_delete(): nsock_iod_delete (IOD #21)
NSE: [ssl-enum-ciphers W:2b2f288 10.7.110.234:5671] (TLSv1.1) Got alert: protocol_version
NSOCK INFO [0.4910s] nsock_iod_new2(): nsock_iod_new (IOD #25)
NSOCK INFO [0.4910s] nsock_connect_tcp(): TCP connection requested to 10.7.110.234:5671 (IOD #25) EID 536
NSOCK INFO [0.4910s] nsock_trace_handler_callback(): Callback: CONNECT SUCCESS for EID 512 [10.7.110.234:5671]
NSOCK INFO [0.4910s] nsock_trace_handler_callback(): Callback: CONNECT SUCCESS for EID 520 [10.7.110.234:5671]
NSOCK INFO [0.4920s] nsock_trace_handler_callback(): Callback: CONNECT SUCCESS for EID 528 [10.7.110.234:5671]
NSOCK INFO [0.4920s] nsock_trace_handler_callback(): Callback: CONNECT SUCCESS for EID 536 [10.7.110.234:5671]
NSOCK INFO [0.4920s] nsock_write(): Write request for 210 bytes to IOD #22 EID 547 [10.7.110.234:5671]
NSOCK INFO [0.4930s] nsock_write(): Write request for 178 bytes to IOD #23 EID 555 [10.7.110.234:5671]
NSOCK INFO [0.4930s] nsock_write(): Write request for 162 bytes to IOD #24 EID 563 [10.7.110.234:5671]
NSOCK INFO [0.4930s] nsock_write(): Write request for 178 bytes to IOD #25 EID 571 [10.7.110.234:5671]
NSOCK INFO [0.4930s] nsock_trace_handler_callback(): Callback: WRITE SUCCESS for EID 547 [10.7.110.234:5671]
NSOCK INFO [0.4930s] nsock_trace_handler_callback(): Callback: WRITE SUCCESS for EID 555 [10.7.110.234:5671]
NSOCK INFO [0.4930s] nsock_trace_handler_callback(): Callback: WRITE SUCCESS for EID 563 [10.7.110.234:5671]
NSOCK INFO [0.4930s] nsock_trace_handler_callback(): Callback: WRITE SUCCESS for EID 571 [10.7.110.234:5671]
NSOCK INFO [0.4940s] nsock_readbytes(): Read request for 5 bytes from IOD #22 [10.7.110.234:5671] EID 578
NSOCK INFO [0.4940s] nsock_readbytes(): Read request for 5 bytes from IOD #23 [10.7.110.234:5671] EID 586
NSOCK INFO [0.4940s] nsock_readbytes(): Read request for 5 bytes from IOD #24 [10.7.110.234:5671] EID 594
NSOCK INFO [0.4950s] nsock_readbytes(): Read request for 5 bytes from IOD #25 [10.7.110.234:5671] EID 602
NSOCK INFO [0.4950s] nsock_trace_handler_callback(): Callback: READ SUCCESS for EID 586 [10.7.110.234:5671] (7 bytes): 
......F
NSOCK INFO [0.4950s] nsock_trace_handler_callback(): Callback: READ SUCCESS for EID 594 [10.7.110.234:5671] (7 bytes): 
......F
NSOCK INFO [0.4950s] nsock_trace_handler_callback(): Callback: READ SUCCESS for EID 578 [10.7.110.234:5671] (2320 bytes)
NSOCK INFO [0.4950s] nsock_trace_handler_callback(): Callback: READ SUCCESS for EID 602 [10.7.110.234:5671] (7 bytes): 
......F
NSE: [ssl-enum-ciphers W:2c89908 10.7.110.234:5671] Unknown handshake message type: certificate_request
NSE: [ssl-enum-ciphers W:2c89908 10.7.110.234:5671] Unknown handshake message type: server_hello_done
NSOCK INFO [0.4960s] nsock_iod_delete(): nsock_iod_delete (IOD #22)
NSE: [ssl-enum-ciphers W:2c89908 10.7.110.234:5671] (TLSv1.2) Cipher TLS_RSA_WITH_AES_128_GCM_SHA256 chosen.
NSOCK INFO [0.4960s] nsock_iod_new2(): nsock_iod_new (IOD #26)
NSOCK INFO [0.4970s] nsock_connect_tcp(): TCP connection requested to 10.7.110.234:5671 (IOD #26) EID 608
NSOCK INFO [0.4970s] nsock_iod_delete(): nsock_iod_delete (IOD #23)
NSE: [ssl-enum-ciphers W:2bdfa58 10.7.110.234:5671] (TLSv1.0) Got alert: protocol_version
NSE: Finished ssl-enum-ciphers W:2bdfa58 against 10.7.110.234:5671.
NSOCK INFO [0.4970s] nsock_iod_delete(): nsock_iod_delete (IOD #24)
NSE: [ssl-enum-ciphers W:29ab888 10.7.110.234:5671] (SSLv3) Got alert: protocol_version
NSE: Finished ssl-enum-ciphers W:29ab888 against 10.7.110.234:5671.
NSOCK INFO [0.4970s] nsock_iod_delete(): nsock_iod_delete (IOD #25)
NSE: [ssl-enum-ciphers W:2b2f288 10.7.110.234:5671] (TLSv1.1) Got alert: protocol_version
NSE: Finished ssl-enum-ciphers W:2b2f288 against 10.7.110.234:5671.
NSOCK INFO [0.4990s] nsock_trace_handler_callback(): Callback: CONNECT SUCCESS for EID 608 [10.7.110.234:5671]
NSOCK INFO [0.4990s] nsock_write(): Write request for 208 bytes to IOD #26 EID 619 [10.7.110.234:5671]
NSOCK INFO [0.4990s] nsock_trace_handler_callback(): Callback: WRITE SUCCESS for EID 619 [10.7.110.234:5671]
NSOCK INFO [0.4990s] nsock_readbytes(): Read request for 5 bytes from IOD #26 [10.7.110.234:5671] EID 626
NSOCK INFO [0.5000s] nsock_trace_handler_callback(): Callback: READ SUCCESS for EID 626 [10.7.110.234:5671] (1424 bytes)
NSOCK INFO [0.5010s] nsock_readbytes(): Read request for 721 bytes from IOD #26 [10.7.110.234:5671] EID 634
NSOCK INFO [0.5010s] nsock_trace_handler_callback(): Callback: READ SUCCESS for EID 634 [10.7.110.234:5671] (896 bytes)
NSE: [ssl-enum-ciphers W:2c89908 10.7.110.234:5671] Unknown handshake message type: certificate_request
NSE: [ssl-enum-ciphers W:2c89908 10.7.110.234:5671] Unknown handshake message type: server_hello_done
NSOCK INFO [0.5010s] nsock_iod_delete(): nsock_iod_delete (IOD #26)
NSE: [ssl-enum-ciphers W:2c89908 10.7.110.234:5671] (TLSv1.2) Cipher TLS_RSA_WITH_AES_256_GCM_SHA384 chosen.
NSOCK INFO [0.5010s] nsock_iod_new2(): nsock_iod_new (IOD #27)
NSOCK INFO [0.5020s] nsock_connect_tcp(): TCP connection requested to 10.7.110.234:5671 (IOD #27) EID 640
NSOCK INFO [0.5020s] nsock_trace_handler_callback(): Callback: CONNECT SUCCESS for EID 640 [10.7.110.234:5671]
NSOCK INFO [0.5030s] nsock_write(): Write request for 206 bytes to IOD #27 EID 651 [10.7.110.234:5671]
NSOCK INFO [0.5030s] nsock_trace_handler_callback(): Callback: WRITE SUCCESS for EID 651 [10.7.110.234:5671]
NSOCK INFO [0.5030s] nsock_readbytes(): Read request for 5 bytes from IOD #27 [10.7.110.234:5671] EID 658
NSOCK INFO [0.5030s] nsock_trace_handler_callback(): Callback: READ SUCCESS for EID 658 [10.7.110.234:5671] (7 bytes): 
......G
NSOCK INFO [0.5040s] nsock_iod_delete(): nsock_iod_delete (IOD #27)
NSE: [ssl-enum-ciphers W:2c89908 10.7.110.234:5671] (TLSv1.2) Got alert: insufficient_security
NSOCK INFO [0.5040s] nsock_iod_new2(): nsock_iod_new (IOD #28)
NSOCK INFO [0.5040s] nsock_connect_tcp(): TCP connection requested to 10.7.110.234:5671 (IOD #28) EID 664
NSOCK INFO [0.5050s] nsock_trace_handler_callback(): Callback: CONNECT SUCCESS for EID 664 [10.7.110.234:5671]
NSOCK INFO [0.5050s] nsock_write(): Write request for 102 bytes to IOD #28 EID 675 [10.7.110.234:5671]
NSOCK INFO [0.5050s] nsock_trace_handler_callback(): Callback: WRITE SUCCESS for EID 675 [10.7.110.234:5671]
NSOCK INFO [0.5050s] nsock_readbytes(): Read request for 5 bytes from IOD #28 [10.7.110.234:5671] EID 682
NSOCK INFO [0.5060s] nsock_trace_handler_callback(): Callback: READ SUCCESS for EID 682 [10.7.110.234:5671] (2320 bytes)
NSE: [ssl-enum-ciphers W:2c89908 10.7.110.234:5671] Unknown handshake message type: certificate_request
NSE: [ssl-enum-ciphers W:2c89908 10.7.110.234:5671] Unknown handshake message type: server_hello_done
NSOCK INFO [0.5070s] nsock_iod_delete(): nsock_iod_delete (IOD #28)
NSE: [ssl-enum-ciphers W:2c89908 10.7.110.234:5671] (TLSv1.2) Compressor NULL chosen.
NSE: [ssl-enum-ciphers W:2c89908 10.7.110.234:5671] (TLSv1.2) Comparing TLS_RSA_WITH_AES_128_GCM_SHA256 to 
TLS_RSA_WITH_AES_256_GCM_SHA384
NSOCK INFO [0.5070s] nsock_iod_new2(): nsock_iod_new (IOD #29)
NSOCK INFO [0.5080s] nsock_connect_tcp(): TCP connection requested to 10.7.110.234:5671 (IOD #29) EID 688
NSOCK INFO [0.5080s] nsock_trace_handler_callback(): Callback: CONNECT SUCCESS for EID 688 [10.7.110.234:5671]
NSOCK INFO [0.5080s] nsock_write(): Write request for 100 bytes to IOD #29 EID 699 [10.7.110.234:5671]
NSOCK INFO [0.5090s] nsock_trace_handler_callback(): Callback: WRITE SUCCESS for EID 699 [10.7.110.234:5671]
NSOCK INFO [0.5090s] nsock_readbytes(): Read request for 5 bytes from IOD #29 [10.7.110.234:5671] EID 706
NSOCK INFO [0.5100s] nsock_trace_handler_callback(): Callback: READ SUCCESS for EID 706 [10.7.110.234:5671] (1424 bytes)
NSOCK INFO [0.5100s] nsock_readbytes(): Read request for 721 bytes from IOD #29 [10.7.110.234:5671] EID 714
NSOCK INFO [0.5100s] nsock_trace_handler_callback(): Callback: READ SUCCESS for EID 714 [10.7.110.234:5671] (896 bytes)
NSE: [ssl-enum-ciphers W:2c89908 10.7.110.234:5671] Unknown handshake message type: certificate_request
NSE: [ssl-enum-ciphers W:2c89908 10.7.110.234:5671] Unknown handshake message type: server_hello_done
NSOCK INFO [0.5100s] nsock_iod_delete(): nsock_iod_delete (IOD #29)
NSE: [ssl-enum-ciphers W:2c89908 10.7.110.234:5671] (TLSv1.2) compare TLS_RSA_WITH_AES_128_GCM_SHA256 
TLS_RSA_WITH_AES_256_GCM_SHA384 -> TLS_RSA_WITH_AES_128_GCM_SHA256
NSOCK INFO [0.5100s] nsock_iod_new2(): nsock_iod_new (IOD #30)
NSOCK INFO [0.5110s] nsock_connect_tcp(): TCP connection requested to 10.7.110.234:5671 (IOD #30) EID 720
NSOCK INFO [0.5120s] nsock_trace_handler_callback(): Callback: CONNECT SUCCESS for EID 720 [10.7.110.234:5671]
NSOCK INFO [0.5120s] nsock_write(): Write request for 100 bytes to IOD #30 EID 731 [10.7.110.234:5671]
NSOCK INFO [0.5120s] nsock_trace_handler_callback(): Callback: WRITE SUCCESS for EID 731 [10.7.110.234:5671]
NSOCK INFO [0.5120s] nsock_readbytes(): Read request for 5 bytes from IOD #30 [10.7.110.234:5671] EID 738
NSOCK INFO [0.5130s] nsock_trace_handler_callback(): Callback: READ SUCCESS for EID 738 [10.7.110.234:5671] (2320 bytes)
NSE: [ssl-enum-ciphers W:2c89908 10.7.110.234:5671] Unknown handshake message type: certificate_request
NSE: [ssl-enum-ciphers W:2c89908 10.7.110.234:5671] Unknown handshake message type: server_hello_done
NSOCK INFO [0.5140s] nsock_iod_delete(): nsock_iod_delete (IOD #30)
NSE: [ssl-enum-ciphers W:2c89908 10.7.110.234:5671] (TLSv1.2) compare TLS_RSA_WITH_AES_256_GCM_SHA384 
TLS_RSA_WITH_AES_128_GCM_SHA256 -> TLS_RSA_WITH_AES_256_GCM_SHA384
NSE: Finished ssl-enum-ciphers W:2c89908 against 10.7.110.234:5671.
NSE: Finished ssl-enum-ciphers M:24bfb38 against 10.7.110.234:5671.
Completed NSE at 14:51, 0.09s elapsed
Nmap scan report for 10.7.110.234
Host is up, received echo-reply ttl 62 (0.00069s latency).
Scanned at 2019-06-25 14:51:01 MDT for 0s

PORT     STATE SERVICE REASON
5671/tcp open  amqps   syn-ack ttl 62
| ssl-enum-ciphers:
|   TLSv1.2:
|     ciphers:
|       TLS_RSA_WITH_AES_128_GCM_SHA256 (rsa 2048) - A
|       TLS_RSA_WITH_AES_256_GCM_SHA384 (rsa 2048) - A
|     compressors:
|       NULL
|     cipher preference: client
|_  least strength: A
Final times for host: srtt: 693 rttvar: 3833  to: 100000

NSE: Script Post-scanning.
NSE: Starting runlevel 1 (of 1) scan.
Initiating NSE at 14:51
Completed NSE at 14:51, 0.00s elapsed
Read from /usr/bin/../share/nmap: nmap-payloads nmap-services.
Nmap done: 1 IP address (1 host up) scanned in 0.52 seconds
           Raw packets sent: 5 (196B) | Rcvd: 2 (72B)


From: Lemons, Terry
Sent: Tuesday, June 25, 2019 3:28 PM
To: 'Matthew.Snyder () mt com'; dev () nmap org
Subject: RE: ssl-enum-ciphers not returning all ciphers

Hi Matt

Thanks very much for the help!

Thanks for pointing out that I was wrong in identifying the two ciphers shown in nmap; that makes the results make more 
sense.

I ran the openssl command you suggested; stripping out some of the possibly-sensitive information; here is the output:

lava93141:/tmp # openssl s_client -connect 10.7.110.234:5671 -cipher DHE-RSA-AES256-GCM-SHA384
CONNECTED(00000003)
.
.
.
verify error:num=19:self signed certificate in certificate chain
139674829317776:error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure:s3_pkt.c:1498:SSL alert 
number 40
139674829317776:error:140790E5:SSL routines:ssl23_write:ssl handshake failure:s23_lib.c:177:
---
Certificate chain
.
.
.
---
Server certificate
-----BEGIN CERTIFICATE-----
.
.
.
-----END CERTIFICATE-----
subject=...
issuer=...
---
Acceptable client certificate CA names
.
.
.
Client Certificate Types: ECDSA sign, RSA sign, DSA sign
Requested Signature Algorithms: 
ECDSA+SHA512:RSA+SHA512:ECDSA+SHA384:RSA+SHA384:ECDSA+SHA256:RSA+SHA256:ECDSA+SHA224:RSA+SHA224:ECDSA+SHA1:RSA+SHA1:DSA+SHA1
Shared Requested Signature Algorithms: 
ECDSA+SHA512:RSA+SHA512:ECDSA+SHA384:RSA+SHA384:ECDSA+SHA256:RSA+SHA256:ECDSA+SHA224:RSA+SHA224:ECDSA+SHA1:RSA+SHA1:DSA+SHA1
Peer signing digest: SHA512
Server Temp Key: DH, 2048 bits
---
SSL handshake has read 3122 bytes and written 330 bytes
---
New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-GCM-SHA384
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : DHE-RSA-AES256-GCM-SHA384
    Session-ID: xxxxxx
    Session-ID-ctx:
    Master-Key: xxxxxxx
    Key-Arg   : None
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    Start Time: 1561490298
    Timeout   : 300 (sec)
    Verify return code: 19 (self signed certificate in certificate chain)
---
#

Thoughts?

Thanks
tl

From: Matthew.Snyder () mt com<mailto:Matthew.Snyder () mt com> <Matthew.Snyder () mt com<mailto:Matthew.Snyder () mt 
com>>
Sent: Tuesday, June 25, 2019 3:14 PM
To: Lemons, Terry; dev () nmap org<mailto:dev () nmap org>
Subject: RE: ssl-enum-ciphers not returning all ciphers


[EXTERNAL EMAIL]
I actually see this pushing only the first two (RSA-only, non-ephemeral, non-Diffie-Hellman ---- follow highlights).  
But that's not really the issue being questioned.

Can you confirm, is there a different result if you were to use "openssl s_client -connect 10.7.110.234:5671 -cipher 
DHE-RSA-AES256-GCM-SHA384"???

If by running an example that we are not seeing in NMAP, we get an incomplete handshake, it's likely that NMAP is 
accurate in its result.

Regards,
Matt

From: dev <dev-bounces () nmap org<mailto:dev-bounces () nmap org>> On Behalf Of Lemons, Terry
Sent: Tuesday, June 25, 2019 2:47 PM
To: dev () nmap org<mailto:dev () nmap org>
Subject: ssl-enum-ciphers not returning all ciphers

Hi

I'm using nmap 7.70 on a Linux system to probe a different Linux system that is using RabbitMQ/Erlang.

The cipher list, specified in the RabbitMQ-specific format, is:

ssl_options.ciphers.1 = AES128-GCM-SHA256
ssl_options.ciphers.2 = AES256-GCM-SHA384
ssl_options.ciphers.3 = DHE-RSA-AES256-GCM-SHA384
ssl_options.ciphers.4 = DHE-RSA-AES128-GCM-SHA256
ssl_options.ciphers.5 = DHE-RSA-AES256-SHA256
ssl_options.ciphers.6 = DHE-RSA-AES128-SHA256
ssl_options.ciphers.7 = DHE-RSA-AES256-SHA
ssl_options.ciphers.8 = DHE-RSA-AES128-SHA
ssl_options.ciphers.9 = ECDHE-RSA-AES128-GCM-SHA256
ssl_options.ciphers.10 = ECDHE-RSA-AES256-SHA384
ssl_options.ciphers.11 = ECDHE-RSA-AES128-GCM-SHA256
ssl_options.ciphers.12 = ECDHE-RSA-AES128-SHA256
ssl_options.ciphers.13 = ECDHE-RSA-AES256-SHA
ssl_options.ciphers.14 = ECDHE-RSA-AES128-SHA

When I run nmap (with -d option, below), it returns only the third and fourth cipher:

nmap -sV -p 5671 -d --script ssl-enum-ciphers 10.7.110.234
Starting Nmap 7.70 ( https://nmap.org ) at 2019-06-25 12:36 MDT
--------------- Timing report ---------------
  hostgroups: min 1, max 100000
  rtt-timeouts: init 1000, min 100, max 10000
  max-scan-delay: TCP 1000, UDP 1000, SCTP 1000
  parallelism: min 0, max 0
  max-retries: 10, host-timeout: 0
  min-rate: 0, max-rate: 0
---------------------------------------------
NSE: Using Lua 5.3.
NSE: Arguments from CLI:
NSE: Loaded 44 scripts for scanning.
NSE: Script Pre-scanning.
NSE: Starting runlevel 1 (of 2) scan.
Initiating NSE at 12:36
Completed NSE at 12:36, 0.00s elapsed
NSE: Starting runlevel 2 (of 2) scan.
Initiating NSE at 12:36
Completed NSE at 12:36, 0.00s elapsed
Initiating Ping Scan at 12:36
Scanning 10.7.110.234 [4 ports]
Packet capture filter (device eth0): dst host 10.7.93.141 and (icmp or icmp6 or ((tcp or udp or sctp) and (src host 
10.7.110.234)))
We got a ping packet back from 10.7.110.234: id = 48554 seq = 0 checksum = 16981
Completed Ping Scan at 12:36, 0.00s elapsed (1 total hosts)
Overall sending rates: 1114.21 packets / s, 42339.83 bytes / s.
mass_rdns: Using DNS server 10.7.93.100
Initiating Parallel DNS resolution of 1 host. at 12:36
mass_rdns: 13.00s 0/1 [#: 1, OK: 0, NX: 0, DR: 0, SF: 0, TR: 3]
Completed Parallel DNS resolution of 1 host. at 12:37, 13.00s elapsed
DNS resolution of 1 IPs took 13.00s. Mode: Async [#: 1, OK: 0, NX: 0, DR: 1, SF: 0, TR: 3, CN: 0]
Initiating SYN Stealth Scan at 12:37
Scanning 10.7.110.234 [1 port]
Packet capture filter (device eth0): dst host 10.7.93.141 and (icmp or icmp6 or ((tcp or udp or sctp) and (src host 
10.7.110.234)))
Discovered open port 5671/tcp on 10.7.110.234
Completed SYN Stealth Scan at 12:37, 0.00s elapsed (1 total ports)
Overall sending rates: 354.99 packets / s, 15619.45 bytes / s.
Initiating Service scan at 12:37
Scanning 1 service on 10.7.110.234
Got nsock CONNECT response with status ERROR - aborting this service
Completed Service scan at 12:37, 5.05s elapsed (1 service on 1 host)
NSE: Script scanning 10.7.110.234.
NSE: Starting runlevel 1 (of 2) scan.
Initiating NSE at 12:37
NSE: Starting ssl-enum-ciphers against 10.7.110.234:5671.
NSE: [ssl-enum-ciphers 10.7.110.234:5671] Trying protocol TLSv1.1.
NSE: [ssl-enum-ciphers 10.7.110.234:5671] Trying protocol SSLv3.
NSE: [ssl-enum-ciphers 10.7.110.234:5671] Trying protocol TLSv1.2.
NSE: [ssl-enum-ciphers 10.7.110.234:5671] Trying protocol TLSv1.0.
NSE: Finished ssl-enum-ciphers against 10.7.110.234:5671.
NSE: Finished ssl-enum-ciphers against 10.7.110.234:5671.
NSE: Finished ssl-enum-ciphers against 10.7.110.234:5671.
NSE: [ssl-enum-ciphers 10.7.110.234:5671] (TLSv1.2) Comparing TLS_RSA_WITH_AES_128_GCM_SHA256 to 
TLS_RSA_WITH_AES_256_GCM_SHA384
NSE: Finished ssl-enum-ciphers against 10.7.110.234:5671.
NSE: Finished ssl-enum-ciphers against 10.7.110.234:5671.
Completed NSE at 12:37, 0.07s elapsed
NSE: Starting runlevel 2 (of 2) scan.
Initiating NSE at 12:37
NSE: Starting rpc-grind against 10.7.110.234:5671.
NSE: [rpc-grind 10.7.110.234:5671] isRPC didn't receive response.
NSE: [rpc-grind 10.7.110.234:5671] Target port 5671 is not a RPC port.
NSE: Finished rpc-grind against 10.7.110.234:5671.
Completed NSE at 12:37, 0.01s elapsed
Nmap scan report for 10.7.110.234
Host is up, received echo-reply ttl 62 (0.0013s latency).
Scanned at 2019-06-25 12:36:49 MDT for 18s

PORT     STATE SERVICE    REASON         VERSION
5671/tcp open  ssl/amqps? syn-ack ttl 62
| ssl-enum-ciphers:
|   TLSv1.2:
|     ciphers:
|       TLS_RSA_WITH_AES_128_GCM_SHA256 (rsa 2048) - A
|       TLS_RSA_WITH_AES_256_GCM_SHA384 (rsa 2048) - A
|     compressors:
|       NULL
|     cipher preference: client
|_  least strength: A
Final times for host: srtt: 1292 rttvar: 3833  to: 100000

NSE: Script Post-scanning.
NSE: Starting runlevel 1 (of 2) scan.
Initiating NSE at 12:37
Completed NSE at 12:37, 0.00s elapsed
NSE: Starting runlevel 2 (of 2) scan.
Initiating NSE at 12:37
Completed NSE at 12:37, 0.00s elapsed
Read from /usr/bin/../share/nmap: nmap-payloads nmap-service-probes nmap-services.
Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 18.80 seconds
           Raw packets sent: 5 (196B) | Rcvd: 2 (72B)
#

Is this a known problem? Should I be running nmap with different options?  I tried '-T1' but it didn't change the 
behavior.

Thanks!
tl


Terry Lemons

[DellEMC_Logo_Hz_Blue_rgb_10percent]
Data Protection Division

176 South Street, MS 2/B-34
Hopkinton MA 01748
terry.lemons () dell com<mailto:terry.lemons () dell com>

_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/

Current thread:

ssl-enum-ciphers not returning all ciphers Lemons, Terry (Jun 25)
- RE: ssl-enum-ciphers not returning all ciphers Matthew.Snyder (Jun 25)
  - RE: ssl-enum-ciphers not returning all ciphers Lemons, Terry (Jun 25)
    - RE: ssl-enum-ciphers not returning all ciphers Lemons, Terry (Jun 25)
    - Re: ssl-enum-ciphers not returning all ciphers Daniel Miller (Jun 25)
    - RE: ssl-enum-ciphers not returning all ciphers Lemons, Terry (Jun 26)