Re: [Full-Disclosure] Openssl proof of concept code?

From: John Lampe (jwlampe@nessus.org)
Date: Thu Jan 08 2004 - 21:44:04 EST


On Thu, 8 Jan 2004, Lachniet, Mark wrote:

> Alternately, has anyone written a good program to
> remotely identify what SSL codebase is in use, other than looking for it
> in HTTP server headers? Nessus' ssltest.nasl can allegedly distinguish
> between a openssl and MS CryptoAPI or Novell, but this isn't really
> enough in my opinion.

and, so we're clear. The Nessus test is a *specific* test which looks for
SSL servers which will accept unrequested client-side certs (as opposed
to a more general test which either fingerprints or fuzzes SSL
servers...both of which seem very interesting, btw). And, if you look at
the code, the section where we weed out MS and Novell SSL servers just
leads to an exit(). i.e. the plugin will never flag or report on an "SSL
type or version".

So, it was incidental that we found certain systems (Microsoft and
Netware, to name two) which responded (how shall I say)...anomalously.
It was never the intent of the plugin to do anything more than test for
one specific bug.

John Lampe
jwlampe -at- nessus.org
http://f00dikator.aceryder.com/

---------------------------------------------------------------------------
----------------------------------------------------------------------------



This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:45 EDT