ic0ns

BasicMac-<position>-<XOR> - A Record with ApplicationData, MAC and padding bytes, where the padding byte at <position> is XOR'd <XOR>
MissingMacByteFirst - A Record without ApplicationData, where the first byte of the MAC is missing
MissingMacByteLast - A Record without ApplicationData, where the last byte of the MAC is missing
Plain FF - A Record without ApplicationData & MAC which only contains Paddingbytes: 64* 0xFF 
Plain 3F - A Record without ApplicationData & MAC which only contains Paddingbytes: 64* 0xF3
InvPadValMac-[<position>]-<appDataLength>-<paddingBytes> - A Record with invalid padding and valid MAC. The Record contains <appDataLength> many ApplicationData bytes and <paddingBytes> many PaddingBytes. The Padding is invalid at <position>.
ValPadInvMac-[<position>]-<appDataLength>-<paddingBytes> - A Record with valid padding and invalid MAC. The Record contains <appDataLength> many ApplicationData bytes and <paddingBytes> many PaddingBytes. The MAC is invalid at <position>.
InvPadInvMac-[<position>]

ic0ns

PaddingOracle Details

Identification             : Openssl CVE-2019-1559
CVE                       : Openssl CVE-2019-1559
Strength                  : STRONG
Observable                : true


If an application encounters a fatal protocol error and then calls

ic0ns

TLS_RSA_WITH_3DES_EDE_CBC_SHA            - TLS12	 - SOCKET_STATE  VULNERABLE
Response Map
	BasicMac-19-01                         [BAD_RECORD_MAC] (CLOSE_NOTIFY)  ENC X
	                                       [BAD_RECORD_MAC] (CLOSE_NOTIFY)  ENC X
	                                       [BAD_RECORD_MAC] (CLOSE_NOTIFY)  ENC X
	BasicMac-10-08                         [BAD_RECORD_MAC] (CLOSE_NOTIFY)  ENC X
	                                       [BAD_RECORD_MAC] (CLOSE_NOTIFY)  ENC X
	                                       [BAD_RECORD_MAC] (CLOSE_NOTIFY)  ENC X
	BasicMac-0-80                          [BAD_RECORD_MAC] (CLOSE_NOTIFY)  ENC X
	                                       [BAD_RECORD_MAC] (CLOSE_NOTIFY)  ENC X

ic0ns

TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA       - TLS10	 - No Behavior Difference
Response Map
	BasicMac-19-01                         [BAD_RECORD_MAC]  ENC X
	BasicMac-10-08                         [BAD_RECORD_MAC]  ENC X
	BasicMac-0-80                          [BAD_RECORD_MAC]  ENC X
	MissingMacByteFirst                    [BAD_RECORD_MAC]  ENC X
	MissingMacByteLast                     [BAD_RECORD_MAC]  ENC X
	Plain XF (0xXF=#padding bytes)         [BAD_RECORD_MAC]  ENC X
	Plain FF                               [BAD_RECORD_MAC]  ENC X
	InvPadValMac-[0]-0-59                  [BAD_RECORD_MAC]  ENC X

ic0ns

java -jar TLS-Scanner -connect hackmanit.de -threads 15 -aggressive 100 -reportDetail ALL

ic0ns

PaddingOracle Responsemap

TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA       - TLS10	 - No Behavior Difference
TLS_DHE_RSA_WITH_AES_256_CBC_SHA         - TLS10	 - No Behavior Difference
TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA    - TLS10	 - No Behavior Difference
TLS_RSA_WITH_AES_256_CBC_SHA             - TLS10	 - No Behavior Difference
TLS_RSA_WITH_CAMELLIA_256_CBC_SHA        - TLS10	 - No Behavior Difference
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA       - TLS10	 - No Behavior Difference
TLS_DHE_RSA_WITH_AES_128_CBC_SHA         - TLS10	 - No Behavior Difference
TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA    - TLS10	 - No Behavior Difference

ic0ns

java -jar TLS-Scanner -connect hackmanit.de -threads 15 -aggressive 100

ic0ns

Scanned in: 204s
Report for hackmanit.de

--------------------------------------------------------
Supported Protocol Versions

TLS10
TLS11
TLS12

ic0ns

java -jar TLS-Scanner.jar -connect somehost.de

ic0ns

 Usage: <main class> [options]
  Options:
    -aggressiv
      The level of concurrent handshakes (only applies to some resource 
      intensive tests)
      Default: 1
    -config
      This parameter allows you to specify a default TlsConfig
  * -connect
      Who to connect to. Syntax: localhost:4433