Talk to a Security Expert Now: (800) 721-9177

Enumerating SSL Ciphers with SSLScan

SSLScan

You’d think that checking your email in a web browser is a simple task. Open up Firefox, plunk in your username and password, and start sending things to the SPAM folder. The truth is, when you load up your web mail in a browser, a flurry of activity takes place behind the scenes. One of the most interesting things that happens is how your web browser interacts with your web mail server (or any SSL-enabled service) to select a encryption protocol to use. While I won’t dive too deep into the mechanics of it all, I will try to explain why it is important.

Before the mail server will send any sensitive information to your browser, they need to agree on how they will encrypt the data. This gets boiled down to your web browser and the server listing their supported ciphers, and the two parties agreeing on the strongest cipher or protocol that they both support. The key here is supported protocols.  This means that your SSL-enabled service supports a wide array of encryption ciphers and protocols so it can play nice with all sorts of different browsers and operating systems.  In a perfect world, all ciphers and protocols are created equal, but like everything else; there is good encryption and there is bad encryption.

This is where a nifty little app called SSLScan steps in. It runs against SSL-enabled services and finds out exactly which protocols and ciphers are supported by the server.  This is handy for identifying potentially weak SSL ciphers or protocols (SSLv2, low-bitstrength ciphers, NULL ciphers, etc).  It also lists preferred ciphers and details about the SSL certificates.   (If all this is nothing new to you, see The Shell Shakespeare’s post on SSL vulnerabilities – that guy could make meatloaf with nothing but emacs and a bash prompt.)

Debian users are lucky –  a version of SSLScan exists in the Squeeze repo (although its a version behind).  For everyone else, it should build easily on common systems.  I know other tools exist to enumerate SSL methods.  Most vulnerability scanners will flag weak ciphers. TSS will show you how to use OpenSSL and Bash to do it.  Does anyone have other favorites?

# ./sslscan 10.0.0.45
 _
 ___ ___| |___  ___ __ _ _ __
 / __/ __| / __|/ __/ _` | '_ 
 __ __  __  (_| (_| | | | |
 |___/___/_|___/_____,_|_| |_|

 Version 1.8.0
 http://www.titania.co.uk
 Copyright Ian Ventura-Whiting 2009

Testing SSL server 10.0.0.45 on port 443

 Supported Server Cipher(s):
 Rejected  N/A              SSLv2  168 bits  DES-CBC3-MD5
 Rejected  N/A              SSLv2  56 bits   DES-CBC-MD5
 Rejected  N/A              SSLv2  40 bits   EXP-RC2-CBC-MD5
 Rejected  N/A              SSLv2  128 bits  RC2-CBC-MD5
 Rejected  N/A              SSLv2  40 bits   EXP-RC4-MD5
 Rejected  N/A              SSLv2  128 bits  RC4-MD5
 Rejected  N/A              SSLv3  256 bits  ADH-AES256-SHA
 Accepted  SSLv3  256 bits  DHE-RSA-AES256-SHA
 Rejected  N/A              SSLv3  256 bits  DHE-DSS-AES256-SHA
 Accepted  SSLv3  256 bits  AES256-SHA
 Rejected  N/A              SSLv3  128 bits  ADH-AES128-SHA
 Accepted  SSLv3  128 bits  DHE-RSA-AES128-SHA
 Rejected  N/A              SSLv3  128 bits  DHE-DSS-AES128-SHA
 Accepted  SSLv3  128 bits  AES128-SHA
 Rejected  N/A              SSLv3  168 bits  ADH-DES-CBC3-SHA
 Rejected  N/A              SSLv3  56 bits   ADH-DES-CBC-SHA
 Rejected  N/A              SSLv3  40 bits   EXP-ADH-DES-CBC-SHA
 Rejected  N/A              SSLv3  128 bits  ADH-RC4-MD5
 Rejected  N/A              SSLv3  40 bits   EXP-ADH-RC4-MD5
 Accepted  SSLv3  168 bits  EDH-RSA-DES-CBC3-SHA
 Rejected  N/A              SSLv3  56 bits   EDH-RSA-DES-CBC-SHA
 Rejected  N/A              SSLv3  40 bits   EXP-EDH-RSA-DES-CBC-SHA
 Rejected  N/A              SSLv3  168 bits  EDH-DSS-DES-CBC3-SHA
 Rejected  N/A              SSLv3  56 bits   EDH-DSS-DES-CBC-SHA
 Rejected  N/A              SSLv3  40 bits   EXP-EDH-DSS-DES-CBC-SHA
 Accepted  SSLv3  168 bits  DES-CBC3-SHA
 Rejected  N/A              SSLv3  56 bits   DES-CBC-SHA
 Rejected  N/A              SSLv3  40 bits   EXP-DES-CBC-SHA
 Rejected  N/A              SSLv3  40 bits   EXP-RC2-CBC-MD5
 Accepted  SSLv3  128 bits  RC4-SHA
 Accepted  SSLv3  128 bits  RC4-MD5
 Rejected  N/A              SSLv3  40 bits   EXP-RC4-MD5
 Rejected  N/A              SSLv3  0 bits    NULL-SHA
 Rejected  N/A              SSLv3  0 bits    NULL-MD5
 Rejected  N/A              TLSv1  256 bits  ADH-AES256-SHA
 Accepted  TLSv1  256 bits  DHE-RSA-AES256-SHA
 Rejected  N/A              TLSv1  256 bits  DHE-DSS-AES256-SHA
 Accepted  TLSv1  256 bits  AES256-SHA
 Rejected  N/A              TLSv1  128 bits  ADH-AES128-SHA
 Accepted  TLSv1  128 bits  DHE-RSA-AES128-SHA
 Rejected  N/A              TLSv1  128 bits  DHE-DSS-AES128-SHA
 Accepted  TLSv1  128 bits  AES128-SHA
 Rejected  N/A              TLSv1  168 bits  ADH-DES-CBC3-SHA
 Rejected  N/A              TLSv1  56 bits   ADH-DES-CBC-SHA
 Rejected  N/A              TLSv1  40 bits   EXP-ADH-DES-CBC-SHA
 Rejected  N/A              TLSv1  128 bits  ADH-RC4-MD5
 Rejected  N/A              TLSv1  40 bits   EXP-ADH-RC4-MD5
 Accepted  TLSv1  168 bits  EDH-RSA-DES-CBC3-SHA
 Rejected  N/A              TLSv1  56 bits   EDH-RSA-DES-CBC-SHA
 Rejected  N/A              TLSv1  40 bits   EXP-EDH-RSA-DES-CBC-SHA
 Rejected  N/A              TLSv1  168 bits  EDH-DSS-DES-CBC3-SHA
 Rejected  N/A              TLSv1  56 bits   EDH-DSS-DES-CBC-SHA
 Rejected  N/A              TLSv1  40 bits   EXP-EDH-DSS-DES-CBC-SHA
 Accepted  TLSv1  168 bits  DES-CBC3-SHA
 Rejected  N/A              TLSv1  56 bits   DES-CBC-SHA
 Rejected  N/A              TLSv1  40 bits   EXP-DES-CBC-SHA
 Rejected  N/A              TLSv1  40 bits   EXP-RC2-CBC-MD5
 Accepted  TLSv1  128 bits  RC4-SHA
 Accepted  TLSv1  128 bits  RC4-MD5
 Rejected  N/A              TLSv1  40 bits   EXP-RC4-MD5
 Rejected  N/A              TLSv1  0 bits    NULL-SHA
 Rejected  N/A              TLSv1  0 bits    NULL-MD5

 Prefered Server Cipher(s):
 SSLv3  256 bits  DHE-RSA-AES256-SHA
 TLSv1  256 bits  DHE-RSA-AES256-SHA
...

Leave a Reply

Your email address will not be published. Required fields are marked *