Web Application Penetration Testing
sess SSL/TLS vulnerabilities. But because these vulnerabilities keep evolving, a good way to test is to check them manually with openssl [30], or to use the tool's output as input for a manual evaluation against the references.
Sometimes the SSL/TLS enabled service is not directly accessible and the tester can reach it only via an HTTP proxy using the CONNECT method [36]. Most tools will try to connect to the desired TCP port to start the SSL/TLS handshake. This will not work, since the desired port is accessible only via the HTTP proxy. The tester can easily circumvent this by using relaying software such as socat [37].
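As an added example (not code from the OWASP guide), the CONNECT tunnel that socat would set up can also be opened by hand from Python, which makes it visible what the proxy answers and what the TLS handshake inside the tunnel negotiates; the proxy and target host names are placeholders.

```python
import socket
import ssl

# Added example, not from the OWASP guide: open the HTTP CONNECT tunnel ourselves
# (what socat does for us) and run the TLS handshake inside it. Host names are placeholders.

def build_connect_request(host: str, port: int) -> bytes:
    """HTTP/1.1 CONNECT request asking the proxy for a raw TCP tunnel to host:port."""
    return f"CONNECT {host}:{port} HTTP/1.1\r\nHost: {host}:{port}\r\n\r\n".encode("ascii")

def parse_connect_response(raw: bytes) -> int:
    """Status code from the proxy's reply; anything outside 2xx means no tunnel."""
    status_line = raw.split(b"\r\n", 1)[0]
    parts = status_line.split(b" ", 2)
    if len(parts) < 2 or not parts[0].startswith(b"HTTP/"):
        raise ValueError(f"not an HTTP status line: {status_line!r}")
    return int(parts[1])

def read_proxy_headers(sock: socket.socket) -> bytes:
    """Read until the blank line that ends the proxy's response headers."""
    buf = b""
    while b"\r\n\r\n" not in buf:
        chunk = sock.recv(4096)
        if not chunk:
            raise ConnectionError("proxy closed the connection before replying")
        buf += chunk
    return buf

def tls_via_proxy(proxy: tuple, target: str, port: int = 443) -> dict:
    """Tunnel through proxy, handshake TLS with target, report what was negotiated."""
    sock = socket.create_connection(proxy, timeout=10)
    sock.sendall(build_connect_request(target, port))
    code = parse_connect_response(read_proxy_headers(sock))
    if not 200 <= code < 300:
        raise ConnectionError(f"proxy refused CONNECT with status {code}")
    # Assessment context: let the handshake complete even if the chain does not
    # validate, so the negotiated protocol, cipher and compression can be inspected.
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    with ctx.wrap_socket(sock, server_hostname=target) as tls:
        return {"protocol": tls.version(), "cipher": tls.cipher()[0],
                "compression": tls.compression()}

if __name__ == "__main__":
    print(tls_via_proxy(("proxy.example.com", 3128), "www.example.com"))
```

A 407 from the proxy means it wants credentials before it will open the tunnel, which is the usual reason the direct tool-driven handshake fails in this setup.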
Example 2. SSL service recognition via nmap
The first step is to identify the ports that carry SSL/TLS wrapped services. Typical TCP ports with SSL for web and mail services are - but not limited to - 443 (https), 465 (ssmtp), 585 (imap4-ssl), 993 (imaps), 995 (ssl-pop).
In this example we search for SSL services using nmap with the "-sV" option, which identifies services and is also able to identify SSL services [31]. The other options are for this particular example and must be customized. Often in a Web Application Penetration Test the scope is limited to ports 80 and 443.
$ nmap -sV --reason -PN -n --top-ports 100 www.example.com
Starting Nmap 6.25 ( http://nmap.org ) at 2013-01-01 00:00 CEST
Nmap scan report for www.example.com (127.0.0.1)
Host is up, received user-set (0.20s latency).
Not shown: 89 filtered ports
Reason: 89 no-responses
PORT STATE SERVICE REASON VERSION
21/tcp open ftp syn-ack Pure-FTPd
22/tcp open ssh syn-ack OpenSSH 5.3 (protocol 2.0)
25/tcp open smtp syn-ack Exim smtpd 4.80
26/tcp open smtp syn-ack Exim smtpd 4.80
80/tcp open http syn-ack
110/tcp open pop3 syn-ack Dovecot pop3d
143/tcp open imap syn-ack Dovecot imapd
443/tcp open ssl/http syn-ack Apache
465/tcp open ssl/smtp syn-ack Exim smtpd 4.80
993/tcp open ssl/imap syn-ack Dovecot imapd
995/tcp open ssl/pop3 syn-ack Dovecot pop3d
Service Info: Hosts: example.com
Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 131.38 seconds
Example 3. Checking for Certificate information, Weak Ciphers and SSLv2 via nmap
Nmap has two scripts, ssl-cert and ssl-enum-ciphers, for checking certificate information, weak ciphers and SSLv2 [31].
$ nmap --script ssl-cert,ssl-enum-ciphers -p 443,465,993,995 www.example.com
Starting Nmap 6.25 ( http://nmap.org ) at 2013-01-01 00:00 CEST
Nmap scan report for www.example.com (127.0.0.1)
Host is up (0.090s latency).
rDNS record for 127.0.0.1: www.example.com
PORT STATE SERVICE
443/tcp open https
| ssl-cert: Subject: commonName=www.example.org
| Issuer: commonName=*******
| Public Key type: rsa
| Public Key bits: 1024
| Not valid before: 2010-01-23T00:00:00+00:00
| Not valid after: 2020-02-28T23:59:59+00:00
| MD5: *******
|_SHA-1: *******
| ssl-enum-ciphers:
| SSLv3:
| ciphers:
| TLS_RSA_WITH_CAMELLIA_128_CBC_SHA - strong
| TLS_RSA_WITH_CAMELLIA_256_CBC_SHA - strong
| TLS_RSA_WITH_RC4_128_SHA - strong
| compressors:
| NULL
| TLSv1.0:
| ciphers:
| TLS_RSA_WITH_CAMELLIA_128_CBC_SHA - strong
| TLS_RSA_WITH_CAMELLIA_256_CBC_SHA - strong
| TLS_RSA_WITH_RC4_128_SHA - strong
| compressors:
| NULL
|_ least strength: strong
465/tcp open smtps
| ssl-cert: Subject: commonName=*.exapmple.com
| Issuer: commonName=*******
| Public Key type: rsa
| Public Key bits: 2048
| Not valid before: 2010-01-23T00:00:00+00:00
| Not valid after: 2020-02-28T23:59:59+00:00
| MD5: *******
|_SHA-1: *******
| ssl-enum-ciphers:
| SSLv3:
| ciphers:
| TLS_RSA_WITH_CAMELLIA_128_CBC_SHA - strong
| TLS_RSA_WITH_CAMELLIA_256_CBC_SHA - strong
| TLS_RSA_WITH_RC4_128_SHA - strong
| compressors:
| NULL
| TLSv1.0:
| ciphers:
| TLS_RSA_WITH_CAMELLIA_128_CBC_SHA - strong
| TLS_RSA_WITH_CAMELLIA_256_CBC_SHA - strong
| TLS_RSA_WITH_RC4_128_SHA - strong
| compressors:
| NULL
|_ least strength: strong
993/tcp open imaps
| ssl-cert: Subject: commonName=*.exapmple.com
| Issuer: commonName=*******
| Public Key type: rsa
| Public Key bits: 2048
| Not valid before: 2010-01-23T00:00:00+00:00
| Not valid after: 2020-02-28T23:59:59+00:00
| MD5: *******
|_SHA-1: *******
| ssl-enum-ciphers:
| SSLv3:
| ciphers:
| TLS_RSA_WITH_CAMELLIA_128_CBC_SHA - strong
| TLS_RSA_WITH_CAMELLIA_256_CBC_SHA - strong
| TLS_RSA_WITH_RC4_128_SHA - strong
| compressors:
| NULL
| TLSv1.0:
| ciphers:
| TLS_RSA_WITH_CAMELLIA_128_CBC_SHA - strong
| TLS_RSA_WITH_CAMELLIA_256_CBC_SHA - strong
| TLS_RSA_WITH_RC4_128_SHA - strong
| compressors:
| NULL
|_ least strength: strong
995/tcp open pop3s
| ssl-cert: Subject: commonName=*.exapmple.com
| Issuer: commonName=*******
| Public Key type: rsa
| Public Key bits: 2048
| Not valid before: 2010-01-23T00:00:00+00:00
| Not valid after: 2020-02-28T23:59:59+00:00
| MD5: *******
|_SHA-1: *******
| ssl-enum-ciphers:
| SSLv3:
| ciphers:
| TLS_RSA_WITH_CAMELLIA_128_CBC_SHA - strong
| TLS_RSA_WITH_CAMELLIA_256_CBC_SHA - strong
| TLS_RSA_WITH_RC4_128_SHA - strong
| compressors:
| NULL
| TLSv1.0:
| ciphers:
| TLS_RSA_WITH_CAMELLIA_128_CBC_SHA - strong
| TLS_RSA_WITH_CAMELLIA_256_CBC_SHA - strong
| TLS_RSA_WITH_RC4_128_SHA - strong
| compressors:
| NULL
|_ least strength: strong
Nmap done: 1 IP address (1 host up) scanned in 8.64 seconds
Example 4. Checking for Client-initiated Renegotiation and Secure Renegotiation via openssl (manually)
OpenSSL [30] can be used to test SSL/TLS manually. In this example the tester tries to initiate a client-side renegotiation [m] by connecting to the server with openssl. The tester then writes the first line of an HTTP request and types "R" on a new line. He then waits for the renegotiation and the completion of the HTTP request, and checks whether secure renegotiation is supported by looking at the server output. Using manual requests it is also possible to see whether compression is enabled for TLS and to check for CRIME [13], for ciphers and for other vulnerabilities.
$ openssl s_client -connect www2.example.com:443
CONNECTED(00000003)
depth=2 ******
verify error:num=20:unable to get local issuer certificate
verify return:0
---
Certificate chain
0 s:******
i:******
1 s:******
i:******
2 s:******
i:******
---
Server certificate
-----BEGIN CERTIFICATE-----
******
-----END CERTIFICATE-----
subject=******
issuer=******
---
No client certificate CA names sent
---
SSL handshake has read 3558 bytes and written 640 bytes
---
New, TLSv1/SSLv3, Cipher is DES-CBC3-SHA
Server public key is 2048 bit
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
SSL-Session:
Protocol : TLSv1
Cipher : DES-CBC3-SHA
Session-ID: ******
Session-ID-ctx:
Master-Key: ******
Key-Arg : None
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: ******
Timeout : 300 (sec)
Verify return code: 20 (unable to get local issuer certificate)
---
Now the tester can write the first line of an HTTP request and then "R" on a new line.
HEAD / HTTP/1.1
R
Server is renegotiating
RENEGOTIATING
depth=2 C******
verify error:num=20:unable to get local issuer certificate
verify return:0
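The outputs of Example 3 and Example 4 are meant to be read against current references rather than taken at face value; as an added example (not code from the OWASP guide), the parser below turns the nmap ssl-cert/ssl-enum-ciphers block and the openssl s_client summary lines into a findings list, using its own assumed thresholds for key size, protocol and cipher names.

```python
import re
# Added example, not from the OWASP guide: grade the nmap and openssl s_client output shown above.
# Markers are this example's own assumptions; nmap 6.25 still rated RC4 and 3DES as "strong".
WEAK_PROTOCOLS = {"SSLv2", "SSLv3"}
WEAK_CIPHER_MARKERS = ("RC4", "DES", "NULL", "EXPORT", "MD5", "anon")
# Constructed, abbreviated copies of the two outputs shown above.
NMAP_SAMPLE = """443/tcp open https
| Public Key bits: 1024
| ssl-enum-ciphers:
|   SSLv3:
|       TLS_RSA_WITH_RC4_128_SHA - strong
|   TLSv1.0:
|       TLS_RSA_WITH_CAMELLIA_128_CBC_SHA - strong
|_  least strength: strong"""
S_CLIENT_SAMPLE = """New, TLSv1/SSLv3, Cipher is DES-CBC3-SHA
Secure Renegotiation IS NOT supported
Compression: NONE"""

def assess_nmap(output: str) -> dict:
    """Port -> weaknesses read from its ssl-cert / ssl-enum-ciphers block."""
    findings, port, proto = {}, None, None
    for line in output.splitlines():
        if m := re.match(r"(\d+)/tcp\s+open", line):
            port, proto = int(m.group(1)), None
            findings[port] = []
            continue
        body = line.lstrip("|_ ")  # drop nmap's script-output prefix
        if port is None:
            continue
        if m := re.match(r"Public Key bits: (\d+)", body):
            if int(m.group(1)) < 2048:
                findings[port].append(f"key only {m.group(1)} bits")
        elif m := re.match(r"(SSLv2|SSLv3|TLSv1\.\d):$", body):
            proto = m.group(1)
            if proto in WEAK_PROTOCOLS:
                findings[port].append(f"{proto} enabled")
        elif body.startswith("TLS_") and any(t in body for t in WEAK_CIPHER_MARKERS):
            findings[port].append(f"{proto}: {body.split()[0]}")  # weak despite "strong"
    return findings

def assess_s_client(output: str) -> list:
    """Weaknesses read from the summary lines that 'openssl s_client' prints."""
    issues = []
    if "Secure Renegotiation IS NOT supported" in output:
        issues.append("secure renegotiation (RFC 5746) not supported")
    if (m := re.search(r"^Compression: (\S+)", output, re.M)) and m.group(1) != "NONE":
        issues.append(f"TLS compression {m.group(1)} enabled (CRIME)")
    if (m := re.search(r"Cipher is (\S+)", output)) and any(t in m.group(1) for t in WEAK_CIPHER_MARKERS):
        issues.append(f"weak cipher {m.group(1)}")
    return issues
```

Run against the page's own output this flags the 1024-bit key, SSLv3, the RC4 suite nmap called "strong", the missing secure renegotiation and the 3DES cipher, which is exactly the manual re-evaluation the text asks for.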