Land rapid7#4024, auto-negotiate SSL versions

Thanks @hmoore-r7!

Author: Tod Beardsley

lib/msf/core/auxiliary/crawler.rb

@@ -44,7 +44,7 @@ def initialize(info = {})
         OptString.new('HTTPAdditionalHeaders', [false, "A list of additional headers to send (separated by \\x01)"]),
         OptString.new('HTTPCookie', [false, "A HTTP cookie header to send with each request"]),
         OptBool.new('SSL', [ false, 'Negotiate SSL for outgoing connections', false]),
-        OptEnum.new('SSLVersion', [ false, 'Specify the version of SSL that should be used', 'SSL3', ['SSL2', 'SSL23', 'SSL3', 'TLS1']]),
+        OptEnum.new('SSLVersion', [ false, 'Specify the version of SSL that should be used', 'Auto', ['Auto', 'SSL2', 'SSL23', 'SSL3', 'TLS1']]),
       ], self.class
     )
 

lib/msf/core/exploit/http/client.rb

@@ -50,7 +50,7 @@ def initialize(info = {})
         OptString.new('PASSWORD', [false, 'The HTTP password to specify for  authentication', '']),
         OptBool.new('DigestAuthIIS', [false, 'Conform to IIS, should work for most servers. Only set to false for non-IIS servers', true]),
         OptBool.new('SSL', [ false, 'Negotiate SSL for outgoing connections', false]),
-        OptEnum.new('SSLVersion', [ false, 'Specify the version of SSL that should be used', 'SSL3', ['SSL2', 'SSL3', 'TLS1']]),
+        OptEnum.new('SSLVersion', [ false, 'Specify the version of SSL that should be used', 'Auto', ['Auto', 'SSL2', 'SSL3', 'TLS1']]),
         OptBool.new('FingerprintCheck', [ false, 'Conduct a pre-exploit fingerprint verification', true]),
         OptString.new('DOMAIN', [ true, 'The domain to use for windows authentification', 'WORKSTATION'])
       ], self.class

lib/msf/core/exploit/tcp.rb

@@ -62,7 +62,7 @@ def initialize(info = {})
     register_advanced_options(
       [
         OptBool.new('SSL',        [ false, 'Negotiate SSL for outgoing connections', false]),
-        OptEnum.new('SSLVersion', [ false, 'Specify the version of SSL that should be used', 'SSL3', ['SSL2', 'SSL3', 'TLS1']]),
+        OptEnum.new('SSLVersion', [ false, 'Specify the version of SSL that should be used', 'Auto', ['Auto', 'SSL2', 'SSL3', 'TLS1']]),
         OptEnum.new('SSLVerifyMode',  [ false, 'SSL verification method', 'PEER', %W{CLIENT_ONCE FAIL_IF_NO_PEER_CERT NONE PEER}]),
         OptString.new('SSLCipher',    [ false, 'String for SSL cipher - "DHE-RSA-AES256-SHA" or "ADH"']),
         Opt::Proxies,
@@ -290,7 +290,7 @@ def initialize(info = {})
     register_options(
       [
         OptBool.new('SSL',        [ false, 'Negotiate SSL for incoming connections', false]),
-        OptEnum.new('SSLVersion', [ false, 'Specify the version of SSL that should be used', 'SSL3', ['SSL2', 'SSL3', 'TLS1']]),
+        OptEnum.new('SSLVersion', [ false, 'Specify the version of SSL that should be used', 'Auto', ['Auto', 'SSL2', 'SSL3', 'TLS1']]),
         OptPath.new('SSLCert',    [ false, 'Path to a custom SSL certificate (default is randomly generated)']),
         OptAddress.new('SRVHOST', [ true, "The local host to listen on. This must be an address on the local machine or 0.0.0.0", '0.0.0.0' ]),
         OptPort.new('SRVPORT',    [ true, "The local port to listen on.", 8080 ]),

lib/rex/socket/parameters.rb

@@ -56,7 +56,7 @@ def self.from_hash(hash)
   # @option hash [Bool] 'Bool' Create a bare socket
   # @option hash [Bool] 'Server' Whether or not this should be a server
   # @option hash [Bool] 'SSL' Whether or not SSL should be used
-  # @option hash [String] 'SSLVersion' Specify SSL2, SSL3, or TLS1 (SSL3 is
+  # @option hash [String] 'SSLVersion' Specify Auto, SSL2, SSL3, or TLS1 (Auto is
   #   default)
   # @option hash [String] 'SSLCert' A file containing an SSL certificate (for
   #   server sockets)
@@ -117,7 +117,7 @@ def initialize(hash)
       self.ssl = false
     end
 
-    supported_ssl_versions = ['SSL2', 'SSL23', 'TLS1', 'SSL3', :SSLv2, :SSLv3, :SSLv23, :TLSv1]
+    supported_ssl_versions = ['Auto', 'SSL2', 'SSL23', 'TLS1', 'SSL3', :Auto, :SSLv2, :SSLv3, :SSLv23, :TLSv1]
     if (hash['SSLVersion'] and supported_ssl_versions.include? hash['SSLVersion'])
       self.ssl_version = hash['SSLVersion']
     end
@@ -324,7 +324,7 @@ def v6?
   # @return [Bool]
   attr_accessor :ssl
 
-  # What version of SSL to use (SSL2, SSL3, SSL23, TLS1)
+  # What version of SSL to use (Auto, SSL2, SSL3, SSL23, TLS1)
   # @return [String,Symbol]
   attr_accessor :ssl_version
 

lib/rex/socket/ssl_tcp.rb

@@ -56,18 +56,55 @@ def self.create_param(param)
   def initsock(params = nil)
     super
 
-    version = :SSLv3
-    if(params)
+    # The autonegotiation preference for SSL/TLS versions
+    versions = [:TLSv1, :SSLv3, :SSLv23, :SSLv2]
+
+    # Limit this to a specific SSL/TLS version if specified
+    if params
       case params.ssl_version
       when 'SSL2', :SSLv2
-        version = :SSLv2
+        versions = [:SSLv2]
       when 'SSL23', :SSLv23
-        version = :SSLv23
+        versions = [:SSLv23]
+      when 'SSL3', :SSLv3
+        versions = [:SSLv3]
       when 'TLS1', :TLSv1
-        version = :TLSv1
+        versions = [:TLSv1]
+      else
+        # Leave the version list as-is (Auto)
       end
     end
 
+    # Limit our versions to those supported by the linked OpenSSL library
+    versions = versions.select {|v| OpenSSL::SSL::SSLContext::METHODS.include? v }
+
+    # Raise an error if no selected versions are supported
+    if versions.length == 0
+      raise ArgumentError, 'The system OpenSSL does not support the requested SSL/TLS version'
+    end
+
+    last_error = nil
+
+    # Iterate through SSL/TLS versions until we successfully negotiate
+    versions.each do |version|
+      begin
+        # Try intializing the socket with this SSL/TLS version
+        # This will throw an exception if it fails
+        initsock_with_ssl_version(params, version)
+
+        # Success! Record what method was used and return
+        self.ssl_negotiated_version = version
+        return
+      rescue OpenSSL::SSL::SSLError => e
+        last_error = e
+      end
+    end
+
+    # No SSL/TLS versions succeeded, raise the last error
+    raise last_error
+  end
+
+  def initsock_with_ssl_version(params, version)
     # Build the SSL connection
     self.sslctx  = OpenSSL::SSL::SSLContext.new(version)
 
@@ -84,7 +121,9 @@ def initsock(params = nil)
       # Could also do this as graceful faildown in case a passed verify_mode is not supported
       self.sslctx.verify_mode = OpenSSL::SSL::VERIFY_PEER
     end
+
     self.sslctx.options = OpenSSL::SSL::OP_ALL
+
     if params.ssl_cipher
       self.sslctx.ciphers = params.ssl_cipher
     end
@@ -101,7 +140,6 @@ def initsock(params = nil)
     # XXX - enabling this causes infinite recursion, so disable for now
     # self.sslsock.sync_close = true
 
-
     # Force a negotiation timeout
     begin
     Timeout.timeout(params.timeout) do
@@ -327,11 +365,13 @@ def allow_nonblock?
   end
 
   attr_reader :peer_verified # :nodoc:
+  attr_reader :ssl_negotiated_version # :nodoc:
   attr_accessor :sslsock, :sslctx # :nodoc:
 
 protected
 
   attr_writer :peer_verified # :nodoc:
+  attr_writer :ssl_negotiated_version # :nodoc:
 
 
 rescue LoadError