
Protocols not supported when a warning is returned #229

Open
rbsec opened this issue Nov 25, 2020 · 2 comments

@rbsec
Owner

rbsec commented Nov 25, 2020

The protocol scan will show protocols as disabled if they return a warning, even if the handshake then completes successfully.

The response to the initial ClientHello can have a content type of Alert (21) with the level of Warning (1), but the handshake still succeeds.

https://github.com/rbsec/sslscan/blob/master/sslscan.c#L4992

We need to check if it is a warning, and if so then read the next packet to see if we get a ServerHello.

@jtesta
Contributor

jtesta commented Nov 25, 2020 via email

@rbsec
Owner Author

rbsec commented Nov 25, 2020

I was scanning a FortiWeb appliance that was returning an unrecognized_name (code 112) response on the admin interface. It did this regardless of whether I used the proper hostname or IP address.
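The check described in this issue, as an added example that is not sslscan's code and not part of the original thread: walk the TLS records in the server's reply, skip Alert records whose level is Warning, and only call the protocol supported when a ServerHello follows. The function name, return codes and sample byte arrays are hypothetical and constructed for illustration; the sketch assumes the reply bytes are already in a buffer and that each alert arrives in its own record.

```c
#include <stddef.h>
#include <stdio.h>

enum { REC_ALERT = 21, REC_HANDSHAKE = 22, ALERT_WARNING = 1, HS_SERVER_HELLO = 2 };
enum { PROTO_ACCEPTED = 1, PROTO_REJECTED = 0, PROTO_NEED_MORE = -1 };

/* Hypothetical helper: classify the bytes received after a ClientHello.
 * Record header is type(1) version(2) length(2); an alert body is level(1) description(1). */
int classify_response(const unsigned char *buf, size_t len)
{
    size_t off = 0;
    while (len - off >= 5) {
        unsigned type = buf[off];
        size_t rec_len = ((size_t)buf[off + 3] << 8) | buf[off + 4];
        const unsigned char *frag = buf + off + 5;
        if (rec_len > len - off - 5)
            return PROTO_NEED_MORE;      /* record body not fully read yet */
        if (type == REC_HANDSHAKE)       /* first handshake message decides */
            return (rec_len >= 1 && frag[0] == HS_SERVER_HELLO) ? PROTO_ACCEPTED
                                                                : PROTO_REJECTED;
        if (type != REC_ALERT || rec_len != 2 || frag[0] != ALERT_WARNING)
            return PROTO_REJECTED;       /* fatal alert or unexpected record */
        off += 5 + rec_len;              /* warning alert: keep reading */
    }
    return PROTO_NEED_MORE;              /* only warnings so far: read the next packet */
}

/* Constructed sample replies (not captured traffic). */
static const unsigned char warning_then_hello[] = {
    0x15, 0x03, 0x03, 0x00, 0x02, 0x01, 0x70,  /* Alert, Warning, unrecognized_name (112) */
    0x16, 0x03, 0x03, 0x00, 0x04, 0x02, 0x00, 0x00, 0x00  /* Handshake, ServerHello stub */
};
static const unsigned char warning_only[] = {
    0x15, 0x03, 0x03, 0x00, 0x02, 0x01, 0x70
};
static const unsigned char fatal_alert[] = {
    0x15, 0x03, 0x03, 0x00, 0x02, 0x02, 0x46   /* Alert, Fatal, protocol_version (70) */
};

int main(void)
{
    printf("warning + ServerHello: %d\n",
           classify_response(warning_then_hello, sizeof warning_then_hello));
    printf("warning only:          %d\n",
           classify_response(warning_only, sizeof warning_only));
    printf("fatal alert:           %d\n",
           classify_response(fatal_alert, sizeof fatal_alert));
    return 0;
}
```

A `PROTO_NEED_MORE` result is the case the issue asks for: the caller reads the next packet, appends it to the buffer and classifies again.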
