|Date||January 27th, 2010|
SSLMap is a lightweight TLS/SSL cipher suite scanner. The tool was designed to meet the need of a simple but reliable way to detect weak ciphers suites enabled on SSL endpoints. SSLMap uses a custom SSL engine to avoid unnecessary limitations imposed by existing libraries, as a result it is capable of detecting uncommon cipher suites (e.g. GOST).
Let's run a sample scan against thesprawl.org:
$ python sslmap-0.2.0.py --host thesprawl.org _ | | version 0.2.0 ___ ___| |_ __ ___ __ _ _ __ / __/ __| | '_ ` _ \ / _` | '_ \ \__ \__ \ | | | | | | (_| | |_) | |___/___/_|_| |_| |_|\__,_| .__/ | | email@example.com |_| [*] Scanning thesprawl.org:443 for 229 known cipher suites. [+] TLS_RSA_WITH_AES_128_CBC_SHA (0x00002F) [+] TLS_DHE_RSA_WITH_DES_CBC_SHA (0x000015) [+] TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA (0x000014) [+] TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA (0x000016) [+] TLS_DHE_RSA_WITH_AES_256_CBC_SHA (0x000039) [+] TLS_RSA_WITH_AES_256_CBC_SHA (0x000035) [+] TLS_DHE_RSA_WITH_AES_128_CBC_SHA (0x000033) [+] TLS_RSA_WITH_3DES_EDE_CBC_SHA (0x00000A) [+] TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5 (0x000006) [+] TLS_RSA_WITH_RC4_128_MD5 (0x000004) [+] TLS_RSA_WITH_RC4_128_SHA (0x000005) [+] TLS_RSA_EXPORT_WITH_RC4_40_MD5 (0x000003) [+] TLS_RSA_EXPORT_WITH_DES40_CBC_SHA (0x000008) [+] TLS_RSA_WITH_DES_CBC_SHA (0x000009) [+] SSL2_DES_64_CBC_WITH_MD5 (0x060040) [+] SSL2_RC2_CBC_128_CBC_WITH_MD5 (0x040080) [+] SSL2_RC4_128_WITH_MD5 (0x010080) [+] SSL2_RC2_CBC_128_CBC_WITH_MD5 (0x030080) [+] SSL2_DES_192_EDE3_CBC_WITH_MD5 (0x0700C0) [+] SSL2_RC4_128_EXPORT40_WITH_MD5 (0x020080) ==================== Scan Results ==================== The following cipher suites were rated as HIGH: TLS_RSA_WITH_AES_128_CBC_SHA TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA TLS_DHE_RSA_WITH_AES_256_CBC_SHA TLS_RSA_WITH_AES_256_CBC_SHA TLS_DHE_RSA_WITH_AES_128_CBC_SHA TLS_RSA_WITH_3DES_EDE_CBC_SHA The following cipher suites were rated as MEDIUM: TLS_RSA_WITH_RC4_128_MD5 TLS_RSA_WITH_RC4_128_SHA The following cipher suites were rated as EXPORT: TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5 TLS_RSA_EXPORT_WITH_RC4_40_MD5 TLS_RSA_EXPORT_WITH_DES40_CBC_SHA SSL2_RC4_128_EXPORT40_WITH_MD5 The following cipher suites were rated as LOW: TLS_DHE_RSA_WITH_DES_CBC_SHA TLS_RSA_WITH_DES_CBC_SHA SSL2_DES_64_CBC_WITH_MD5 SSL2_RC2_CBC_128_CBC_WITH_MD5 SSL2_RC4_128_WITH_MD5 SSL2_RC2_CBC_128_CBC_WITH_MD5 SSL2_DES_192_EDE3_CBC_WITH_MD5
From the above output, you can tell that the server has several weak ciphers rated as EXPORT and LOW. In the ideal situation these ciphers should be removed from a production site. See the TLS and SSL Cipher Suites article on how to interpret the results.
If you would like to make your own decision on whether a particular cipher is weak or strong, you can repeat the scan with the --verbose flag enabled thus allowing you to see individual components of the cipher suite and how the rating was calculated. Below is a snippet of the above scan with the verbose flag enabled:
... [*] Using SSL v2.0 handshake. [+] SSL2_DES_64_CBC_WITH_MD5 (0x060040) Specs: Kx=RSA, Au=RSA, Enc=DES_64_CBC, Bits=64, Mac=MD5 Score: Kx/Au=LOW, Enc/MAC=LOW, Overall=LOW [+] SSL2_RC2_CBC_128_CBC_WITH_MD5 (0x040080) Specs: Kx=RSA, Au=RSA, Enc=RC2_CBC_128_CBC, Bits=128, Mac=MD5 Score: Kx/Au=LOW, Enc/MAC=LOW, Overall=LOW [+] SSL2_RC4_128_WITH_MD5 (0x010080) Specs: Kx=RSA, Au=RSA, Enc=RC4_128, Bits=128, Mac=MD5 Score: Kx/Au=LOW, Enc/MAC=MEDIUM, Overall=LOW [+] SSL2_RC2_CBC_128_CBC_WITH_MD5 (0x030080) Specs: Kx=RSA, Au=RSA, Enc=RC2_CBC_128_CBC, Bits=128, Mac=MD5 Score: Kx/Au=LOW, Enc/MAC=LOW, Overall=LOW [+] SSL2_DES_192_EDE3_CBC_WITH_MD5 (0x0700C0) Specs: Kx=RSA, Au=RSA, Enc=DES_192_EDE3_CBC, Bits=192, Mac=MD5 Score: Kx/Au=LOW, Enc/MAC=HIGH, Overall=LOW [+] SSL2_RC4_128_EXPORT40_WITH_MD5 (0x020080) Specs: Kx=RSA, Au=RSA, Enc=RC4_128_EXPORT40, Bits=40, Mac=MD5 Score: Kx/Au=LOW, Enc/MAC=EXPORT, Overall=EXPORT ...
The help screen shows a brief outline of tool's functionality:
Usage: sslmap-0.2.0.py [options] Options: -h, --help show this help message and exit --host=gmail.com host --port=443 port --fuzz fuzz all possible cipher values (takes time) --tls1 use TLS v1.0 handshake --tls11 use TLS v1.1 handshake --tls12 use TLS v1.2 handshake --tls13 use TLS v1.3 handshake (future use) --ssl3 use SSL3 handshake --ssl2 use SSL2 handshake --verbose enable verbose output --db=ciphers.csv external cipher suite database. DB Format: cipher_id,name,protocol,Kx,Au,Enc,Bits,Mac,Auth Strength,Enc Strength,Overall Strength Usage: sslmap-0.2.0.py [options]
As a special note on the --fuzz parameter, you may use it to both stress test as well as discover yet unknown cipher suites on a target system. Naturally as there are a few million possible values for the cipher suite parameter, the test may run for some time.
TLS/SSL protocols support a large number of cipher suites. A cipher suite is a collection of symmetric and asymmetric encryption algorithms used by hosts to establish a secure communication. Supported cipher suites can be classified based on encryption algorithm strength, key length, key exchange and authentication mechanisms. Some cipher suites offer better level of security than others (e.g. Several weak cipher suites were developed for export to comply with US export law). There are more than 200 known cipher suites. Read more.
OpenSSL is an open-source TLS/SSL toolkit implemented for a variety of platforms. In this article you will learn several openssl client and server commands useful in working with TLS/SSL protocol. Read more.
Transport Layer Security (TLS) and Secure Sockets Layer (SSL) are two closely related protocols designed to protect confidentiality and integrity of data in transit between two hosts. Read more.
Stunnel allows a user to tunnel any TCP based application protocol through a connection secured by TLS/SSL. Read more.
Wireshark is capable of decrypting TLS/SSL traffic. This article will discuss the required conditions necessary for the decryption and walk you through the exact steps. Read more.
Network traffic analysis is an important ingredient of a good iOS app pentest. The article covers several common approaches to iOS specific data interception such as network proxying, defeating network encryption, traffic injection and others. Read more.