FYI: Quick fix for DH_KEY_TOO_SMALL

[Stean]

What's the problem (or question)?

I recently came across a SSL-related problem with noSQLmap. When I try to let it run against an older HTTPS server, I'm getting this error message:

$ python nosqlmap.py --attack 2 --https ON --httpMethod POST --verb ON --postData 'Something,test' --uri '/cgi-bin/mongo/2.2.3/dbparse.py' --webPort 443 --myPort 1234 --myIP 111.222.333.444 --victim 999.888.777.666 --platform MongoDB --injectedParameter 1 --injectSize 43 --injectFormat 1
Web App Attacks (POST)
===============
Checking to see if site at 999.888.777.666:443/cgi-bin/mongo/2.2.3/dbparse.py is up...
Traceback (most recent call last):
  File "nosqlmap.py", line 544, in <module>
    main(args)
  File "nosqlmap.py", line 45, in main
    attack(args)
  File "nosqlmap.py", line 163, in attack
    nsmweb.postApps(victim,webPort,uri,https,verb,postData,requestHeaders, args)
  File "/mnt/Tools/NoSQLMap/nsmweb.py", line 428, in postApps
    appRespCode = urllib2.urlopen(req).getcode()
  File "/usr/lib/python2.7/urllib2.py", line 154, in urlopen
    return opener.open(url, data, timeout)
  File "/usr/lib/python2.7/urllib2.py", line 429, in open
    response = self._open(req, data)
  File "/usr/lib/python2.7/urllib2.py", line 447, in _open
    '_open', req)
  File "/usr/lib/python2.7/urllib2.py", line 407, in _call_chain
    result = func(*args)
  File "/usr/lib/python2.7/urllib2.py", line 1248, in https_open
    context=self._context)
  File "/usr/lib/python2.7/urllib2.py", line 1205, in do_open
    raise URLError(err)
urllib2.URLError: <urlopen error [SSL: DH_KEY_TOO_SMALL] dh key too small (_ssl.c:727)>

Expected behavior: I would have expected that the script simply runs the checks against the server.

Do you have an idea for a solution?

With a little bit of googling, I was able to find a quick fix by myself by:

Simply create a new OpenSSL file (e.g. called openssl.cnf) with the following contents:

system_default = system_default_sect

[system_default_sect]
MinProtocol = TLSv1.2
CipherString = DEFAULT@SECLEVEL=1

Then export it as an environment variable: export OPENSSL_CONF=openssl.cnf After this, the error disappeared for me and the tool worked again. Source: https://askubuntu.com/questions/1233186/ubuntu-20-04-how-to-set-lower-ssl-security-level

I just wanted to publish this here, in case someone else encounters the same problem 🙂

What are the running context details?

• Installation method: git clone the source code and then use pip to install all dependencies within a virtualenv
• Client OS: Kali Linux 2020.4
• Program version: Git commit b199389ce936389ed56817647e375612244c1d1a
• Target DBMS (e.g. Mongo): Mongo
• Detected WAF/IDS/IPS protection (e.g. ModSecurity or unknown): no protection
• Relevant console output (if any):
• Exception traceback (if any): (see above)