Home page logo

pen-test logo Penetration Testing mailing list archives

Re: [Full-Disclosure] Openssl proof of concept code?
From: John Lampe <jwlampe () nessus org>
Date: Thu, 8 Jan 2004 21:44:04 -0500 (EST)

On Thu, 8 Jan 2004, Lachniet, Mark wrote:

Alternately, has anyone written a good program to
remotely identify what SSL codebase is in use, other than looking for it
in HTTP server headers?  Nessus' ssltest.nasl can allegedly distinguish
between a openssl and MS CryptoAPI or Novell, but this isn't really
enough in my opinion.

and, so we're clear.  The Nessus test is a *specific* test which looks for
SSL servers which will accept unrequested client-side certs (as opposed
to a more general test which either fingerprints or fuzzes SSL
servers...both of which seem very interesting, btw).  And, if you look at
the code, the section where we weed out MS and Novell SSL servers just
leads to an exit().  i.e. the plugin will never flag or report on an "SSL
type or version".

So, it was incidental that we found certain systems (Microsoft and
Netware, to name two) which responded (how shall I say)...anomalously.
It was never the intent of the plugin to do anything more than test for
one specific bug.

John Lampe
jwlampe -at- nessus.org


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]