OpenSSL 1.0.2-chacha

Note: see https://www.onwebsecurity.com/cryptography/openssl for the latest binary. The version below is obsoleted by newer builds.

Windows 64-bit binary build from a 26-06-2014 snapshot of https://github.com/PeterMosmans/openssl/tree/1.0.2-chacha. This is the official 1.0.2 branch (OpenSSL_1_0_2_stable), merged with support for the ChaCha20 and Poly1305 ciphers. Some minor build patches for Windows compatibility were applied. See the git repo for the full source.

Build commands:

  • Configure mingw64 shared experimental-jpake enable-md2 enable-rc5 enable-rfc3779 enable-ec_nistp_64_gcc_128 enable-static-engine --openssldir=c\:/programs/openssl -DOPENSSL_NO_HEARTBEATS
  • make depend
  • make util/libeay.num
  • make util/ssleay.num
  • make
  • make report

Compiler used:

gcc version 4.9.0 (x86_64-posix-seh-rev1, Built by MinGW-W64 project)

All tests passed


OpenSSL 1.0.1-chacha

A Windows 64-bit binary build from the 1.0.1 branch of OpenSSL (OpenSSL_1_0_1-stable), including (assembly code for) ChaCha20, Poly1305, J-PAKE, NIST P-224, NIST P-256 and the relatively unsafe ciphers MD2 and RC5 and broken protocol SSLv2. All available engines are provided as separate DLLs.
If you're using this in a production environment, don't forget to explicitly enable only ciphers that are considered safe.
The code for this build can be found at https://github.com/PeterMosmans/openssl/tree/1.0.1-chacha
Example openssl.cnf cipher string:
HIGH:!SSLv2:!IDEA:!RC4:!MD5:!ADH:!aNULL:!eNULL

Build commands:

  • Configure mingw64 shared experimental-jpake enable-md2 enable-rc5 enable-rfc3779 enable-ec_nistp_64_gcc_128 enable-static-engine --openssldir=c\:/programs/openssl -DOPENSSL_NO_HEARTBEATS
  • make depend
  • make util/libeay.num
  • make util/ssleay.num
  • make
  • make report (all tests passed)
md5sum: d890de1ab4eba13c7d39139c5726144f

Compiler used:

  • gcc version 4.9.0 (x86_64-posix-seh-rev1, Built by MinGW-W64 project)

OpenSSL 1.0.2 (10-06-2014)

Note: see http://www.onwebsecurity.com/cryptography/openssl for the latest binary. The version below is obsoleted by newer builds.

A Windows 64-bit binary build from a 10-06-2014 snapshot of the official 1.0.2 branch (OpenSSL_1_0_2_stable). This means that 'the latest OpenSSL vulnerabilities' that were disclosed on June 5th 2014 are fixed - see https://www.openssl.org/news/secadv_20140605.txt for more information.
I applied some minor patches for Windows compatibility and changed the version string.

Build commands:

Configure mingw64 shared experimental-jpake enable-md2 enable-rc5 \
enable-rfc3779 enable-ssl-trace enable-ec_nistp_64_gcc_128 \
enable-static-engine --openssldir=c:/tools -DOPENSSL_NO_HEARTBEATS \
-mtune=native
make depend
make util/libeay.num
make util/ssleay.num
make
make report

Compiler used:

  • gcc version 4.9.0 (x86_64-posix-seh-rev1, Built by MinGW-W64 project)

OpenSSL on 64 bit Windows with ChaCha and Poly1305 support

Note: see https://www.onwebsecurity.com/cryptography/openssl for the latest binary. The version below is obsoleted by newer builds.

The main development branch of OpenSSL does not yet support the (relatively new) ChaCha20 and Poly1305 ciphers. These can, however, be found on the 1.0.2-aead branch.

By slightly modifying some makefiles the source can be compiled for 64-bit Windows using mingw64 and msys.

Please find a binary build from a 27-05-2014 snapshot of the source code (1.0.2-aead branch) with assembly code enabled (imported from the 1.0.2 stable branch), and a lot of insecure, new and experimental ciphers enabled. I added the GOST engine gosteay32.dll as well.

The source code for this build can be found at https://github.com/PeterMosmans/openssl

Build commands:

  • Configure mingw64 shared experimental-jpake enable-md2 enable-rc5 enable-rfc3779 enable-ssl-trace enable-ec_nistp_64_gcc_128 enable-static-engine --openssldir=c:/tools
  • make depend
  • make util/libeay.num
  • make util/ssleay.num
  • make
  • make test

Enabled ciphers:

  • ECDHE-RSA-AES256-GCM-SHA384
  • ECDHE-ECDSA-AES256-GCM-SHA384
  • ECDHE-RSA-AES256-SHA384
  • ECDHE-ECDSA-AES256-SHA384
  • ECDHE-RSA-AES256-SHA
  • ECDHE-ECDSA-AES256-SHA
  • SRP-DSS-AES-256-CBC-SHA
  • SRP-RSA-AES-256-CBC-SHA
  • DH-DSS-AES256-GCM-SHA384
  • DHE-DSS-AES256-GCM-SHA384
  • DH-RSA-AES256-GCM-SHA384
  • DHE-RSA-AES256-GCM-SHA384
  • DHE-RSA-AES256-SHA256
  • DHE-DSS-AES256-SHA256
  • DH-RSA-AES256-SHA256
  • DH-DSS-AES256-SHA256
  • DHE-RSA-AES256-SHA
  • DHE-DSS-AES256-SHA
  • DH-RSA-AES256-SHA
  • DH-DSS-AES256-SHA
  • ECDHE-ECDSA-CHACHA20-POLY1305
  • ECDHE-RSA-CHACHA20-POLY1305
  • DHE-RSA-CHACHA20-POLY1305
  • DHE-RSA-CAMELLIA256-SHA
  • DHE-DSS-CAMELLIA256-SHA
  • DH-RSA-CAMELLIA256-SHA
  • DH-DSS-CAMELLIA256-SHA
  • GOST2001-GOST89-GOST89
  • GOST94-GOST89-GOST89
  • AECDH-AES256-SHA
  • SRP-AES-256-CBC-SHA
  • ADH-AES256-GCM-SHA384
  • ADH-AES256-SHA256
  • ADH-AES256-SHA
  • ADH-CAMELLIA256-SHA
  • ECDH-RSA-AES256-GCM-SHA384
  • ECDH-ECDSA-AES256-GCM-SHA384
  • ECDH-RSA-AES256-SHA384
  • ECDH-ECDSA-AES256-SHA384
  • ECDH-RSA-AES256-SHA …

test_bn fails for OpenSSL on Windows

Compiling OpenSSL on Windows using MSYS and mingw64 is pretty straightforward. However, one of the tests (test_bn) to verify OpenSSL fails: the temporary file that test_bn creates contains Windows newline characters (\r\n) instead of the Unix-type newline character (\n).

The original regular expression checks for a zero (0) at the beginning of a line, and a newline character (\n).

(!/^0$$/)

A change to the regular expression that test_bn uses fixes this problem, and can be used on Unix as well as Windows environments. This makes the Makefile more cross-platform friendly. The modified regular expression checks for a zero (0) at the beginning of a line, an optional Windows newline character (\r) and a newline character (\n).

(!/^0\r?$$/)
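
The effect of the two expressions on LF and CRLF output, as an added example that is not part of the OpenSSL Makefile or the original post: the shell function mirrors the recipe's check, with grep -E standing in for the Perl match. The function names and the sample bc output are constructed for illustration.

```sh
#!/bin/sh
# Illustration only: mirrors the logic of the test_bn recipe in shell.
# "test ..." lines are section headers; every other line must be a bare 0.
CR=$(printf '\r')

# verify_bc MODE reads bc output on stdin.
#   strict   -> ^0$     (original expression)
#   tolerant -> ^0\r?$  (modified expression; the CR is inserted literally
#                        because grep -E has no portable \r escape)
# Prints the number of results that passed; returns 1 at the first bad line.
verify_bc() {
    if [ "$1" = tolerant ]; then pattern="^0${CR}?\$"; else pattern='^0$'; fi
    passed=0
    while IFS= read -r line; do
        case $line in "test "*) continue ;; esac
        if printf '%s\n' "$line" | grep -Eq "$pattern"; then
            passed=$((passed + 1))
        else
            echo "$passed"
            return 1
        fi
    done
    echo "$passed"
}

# Constructed samples: identical results with Unix and Windows line endings,
# plus one CRLF run that contains a genuinely wrong result (-5).
lf_output()   { printf 'test BN_add\n0\n0\ntest BN_sub\n0\n'; }
crlf_output() { printf 'test BN_add\r\n0\r\n0\r\ntest BN_sub\r\n0\r\n'; }
bad_output()  { printf 'test BN_mul\r\n0\r\n-5\r\n'; }

for sample in lf_output crlf_output bad_output; do
    for mode in strict tolerant; do
        if n=$($sample | verify_bc "$mode"); then verdict=ok; else verdict=FAILED; fi
        echo "$sample / $mode: $verdict after $n passing results"
    done
done
```

The tolerant expression accepts the CRLF run but still stops at the -5 line, so the check is not weakened for real failures.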

md5sum: 1032dff7f957c4d1cdfa96af305c152b
Here's the patchfile (can be applied in the source directory using patch -Np1)
--- openssl-1.0.1g/test/Makefile 2014-04-07 16:55:44 +0000 +++ patched/test/Makefile 2014-05-06 00:07:20 +0000 @@ -227,7 +227,7 @@ @../util/shlib_wrap.sh ./$(BNTEST) >tmp.bntest @echo quit >>tmp.bntest @echo "running bc" - @) {if (/^test (.*)/) {print STDERR "\nverify $$1";} elsif (!/^0$$/) {die "\nFailed! bc: $$_";} else {print STDERR "."; $$i++;}} print STDERR "\n$$i tests passed\n"' + @) {if (/^test (.*)/) {print STDERR "\nverify …
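Review bot: the replaced elsif (!/^0$$/) test in the "running bc" recipe (hunk @@ -227,7 +227,7 @@ of test/Makefile) changes without any comment, so nothing in the Makefile records that the match is loosened only to tolerate the \r that ends each line of tmp.bntest under MSYS/mingw64. Add a one-line # comment above the recipe stating that, and keep the expression anchored as ^0\r?$$ so that a non-zero bc result still reaches the die "\nFailed! bc: $$_" branch.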

analyze_hosts

If you're like me, you don't want to spend your precious memory on remembering awkward command line parameters. However, lots of tools require exactly that: awkward command line parameters.

To simplify scanning of hosts for network vulnerabilities I wrote a simple wrapper script around several open source security tools. The script lets you analyze one or several hosts for common misconfiguration vulnerabilities and weaknesses.
My main objective in writing the script was to make it as easy as possible to perform generic security tests, without any heavy prerequisites, make the script as informative as possible, and make use of open source tools.

Note that the latest version is the Python version - please use that one.

How to install

Clone the git archive using the command

git clone https://github.com/PeterMosmans/security-scripts.git

Needed

Linux, and nmap

Optional

  • curl
    for fingerprinting and to test for TRACE
  • dig
    to test for recursive DNS servers
  • git
    to update the script
  • nikto
    for webscanning
  • testssl.sh
    to check the SSL configuration

Usage

Oh irony - the command line parameters for the tool:

usage: analyze_hosts.sh [OPTION]... [HOST]

Scanning options:
 -a, --all perform all basic scans
 --max perform all advanced scans (more thorough)
 -b, --basic …

securing AMFPHP

I regularly run into Flash applications when I perform a web application penetration test. One of the most widely used server frameworks for communicating with a Flash object is AMFPHP.

Unfortunately the default installation of AMFPHP is insecure. A system administrator or developer actively has to secure the installation, which is often forgotten.

There are some tips lying around the Internet on how to secure an AMFPHP installation. The summary:
In the root of your AMFPHP deployment,
  • delete the DiscoveryService.php file
  • delete the browser folder and its contents
  • edit gateway.php and set the PRODUCTION_SERVER property to true

Of course it's at least as important to write secure code, harden your server and implement proper patch and maintenance procedures.


unsafe HTTP methods

Vulnerability name: Unsafe HTTP methods

Aliases
  • Web server HTTP Trace/Track method support
  • Cross-site tracing vulnerability
  • Dangerous HTTP methods
Scope
Although this is a server configuration issue, the client is at risk here
Remediation
Disable TRACE and/or TRACK and/or DEBUG methods

Verification

Using curl, one can employ one of the methods by hand:

curl -sIX TRACE $TARGET | awk 'NR==1 {print $2}'

Vulnerable when: the result is 200

One should expect (not vulnerable) 405 (Method Not Allowed) or 501 (Not Implemented) results.

This executes the TRACE method against $TARGET, and prints out the HTTP status code using awk. The -I parameter fetches the head only, -s stands for silent mode, and -X specifies the method.

The easiest way to test whether a server is vulnerable is by using the script analyze_hosts.py [1].

This script uses curl as well as nmap to perform multiple tests.

analyze_hosts.py --trace http://www.target.com
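
The manual curl check, extended as an added example (not code from analyze_hosts.py or the original post): it probes TRACE, TRACK and DEBUG and compares each result with the Allow header of an OPTIONS reply, which the page notes can list methods the server does not actually support. The function names, the CURL override, the verdict labels and the canned responses are assumptions made for illustration.

```sh
#!/bin/sh
# Illustration only. CURL may name a stand-in command so the logic can be
# exercised offline; leave it unset to use the real curl.
fetch_head() { ${CURL:-curl} -sIX "$1" "$2" | tr -d '\r'; }  # CRs stripped

# 200 and 405/501 are the page's criteria for TRACE; using them for TRACK and
# DEBUG, and calling every other outcome inconclusive, is an assumption here.
classify() {
    case $1 in
        200)     echo accepted ;;
        405|501) echo rejected ;;
        *)       echo inconclusive ;;
    esac
}

# check_methods URL prints "METHOD CODE VERDICT ADVERTISED" per method, where
# ADVERTISED says whether the OPTIONS reply listed the method in Allow.
check_methods() {
    allow=$(fetch_head OPTIONS "$1" |
        awk -F': *' 'tolower($1) == "allow" {gsub(/[ \t]/, "", $2); print toupper($2)}')
    for method in TRACE TRACK DEBUG; do
        code=$(fetch_head "$method" "$1" | awk 'NR==1 {print $2}')
        case ",$allow," in
            *",$method,"*) advertised=advertised ;;
            *)             advertised=unadvertised ;;
        esac
        echo "$method ${code:-none} $(classify "$code") $advertised"
    done
}

# Constructed stand-in for curl: OPTIONS advertises TRACE although TRACE is
# answered with a bare 405; TRACK gets 200; DEBUG gets a redirect.
fake_curl() {
    case $2 in
        OPTIONS) printf 'HTTP/1.1 200 OK\r\nAllow: GET, HEAD, TRACE\r\n\r\n' ;;
        TRACE)   printf 'HTTP/1.1 405\r\nAllow: GET, HEAD\r\n\r\n' ;;
        TRACK)   printf 'HTTP/1.1 200 OK\r\n\r\n' ;;
        *)       printf 'HTTP/1.1 301 Moved Permanently\r\nLocation: /\r\n\r\n' ;;
    esac
}

CURL=fake_curl
check_methods http://host.example/
```

With the canned responses, TRACE is advertised yet rejected and TRACK is unadvertised yet accepted, which is why the per-method status code is the evidence and the Allow header is not.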

Note

When an OPTIONS method is issued, the webserver should return the supported methods. Some web servers have a habit of replying with methods that are in fact not supported - which does not combine nicely with inferior security scanners (and pentesters, I might add) that relying …
