BasicMac-<position>-<XOR> - A Record with ApplicationData, MAC and padding bytes, where the padding byte at <position> is XOR'd <XOR>
MissingMacByteFirst - A Record without ApplicationData, where the first byte of the MAC is missing
MissingMacByteLast - A Record without ApplicationData, where the last byte of the MAC is missing
Plain FF - A Record without ApplicationData & MAC which only contains Paddingbytes: 64* 0xFF
Plain 3F - A Record without ApplicationData & MAC which only contains Paddingbytes: 64* 0xF3
InvPadValMac-[<position>]-<appDataLength>-<paddingBytes> - A Record with invalid padding and valid MAC. The Record contains <appDataLength> many ApplicationData bytes and <paddingBytes> many PaddingBytes. The Padding is invalid at <position>.
ValPadInvMac-[<position>]-<appDataLength>-<paddingBytes> - A Record with valid padding and invalid MAC. The Record contains <appDataLength> many ApplicationData bytes and <paddingBytes> many PaddingBytes. The MAC is invalid at <position>.
InvPadInvMac-[<position>]
PaddingOracle Details
Identification : Openssl CVE-2019-1559
CVE : Openssl CVE-2019-1559
Strength : STRONG
Observable : true
If an application encounters a fatal protocol error and then calls
TLS_RSA_WITH_3DES_EDE_CBC_SHA - TLS12 - SOCKET_STATE VULNERABLE
Response Map
BasicMac-19-01 [BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
BasicMac-10-08 [BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
BasicMac-0-80 [BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA - TLS10 - No Behavior Difference
Response Map
BasicMac-19-01 [BAD_RECORD_MAC] ENC X
BasicMac-10-08 [BAD_RECORD_MAC] ENC X
BasicMac-0-80 [BAD_RECORD_MAC] ENC X
MissingMacByteFirst [BAD_RECORD_MAC] ENC X
MissingMacByteLast [BAD_RECORD_MAC] ENC X
Plain XF (0xXF=#padding bytes) [BAD_RECORD_MAC] ENC X
Plain FF [BAD_RECORD_MAC] ENC X
InvPadValMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
java -jar TLS-Scanner -connect hackmanit.de -threads 15 -aggressive 100 -reportDetail ALL
PaddingOracle Responsemap
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA - TLS10 - No Behavior Difference
TLS_DHE_RSA_WITH_AES_256_CBC_SHA - TLS10 - No Behavior Difference
TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA - TLS10 - No Behavior Difference
TLS_RSA_WITH_AES_256_CBC_SHA - TLS10 - No Behavior Difference
TLS_RSA_WITH_CAMELLIA_256_CBC_SHA - TLS10 - No Behavior Difference
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA - TLS10 - No Behavior Difference
TLS_DHE_RSA_WITH_AES_128_CBC_SHA - TLS10 - No Behavior Difference
TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA - TLS10 - No Behavior Difference
java -jar TLS-Scanner -connect hackmanit.de -threads 15 -aggressive 100
Scanned in: 204s
Report for hackmanit.de
--------------------------------------------------------
Supported Protocol Versions
TLS10
TLS11
TLS12
java -jar TLS-Scanner.jar -connect somehost.de
Usage: <main class> [options]
Options:
-aggressiv
The level of concurrent handshakes (only applies to some resource
intensive tests)
Default: 1
-config
This parameter allows you to specify a default TlsConfig
* -connect
Who to connect to. Syntax: localhost:4433