tlsx
Add probing for Diffie-Hellman key exchange, where the prime is less than 2048 bits

Results from sslscan:

Inputs for testing:
dh480.badssl.com
dh512.badssl.com
dh1024.badssl.com
dh2048.badssl.com
dh-small-subgroup.badssl.com
Assigned as part of https://github.com/projectdiscovery/tlsx/issues/20
On Hold - It's unclear how to define the DHE prime size in the tls standard library and ztls. Reading around, it looks like the size is defined server side. It can be detected by trying to dial a tls handshake with an elliptic curve using Diffie-Hellman (e.g. openssl s_client -connect dh512.badssl.com:443 -cipher "EDH"), then obtaining the key size directly via raw material or from a pcap capture (ref. https://github.com/openssl/openssl/issues/19057). The following are two possible methods to implement the feature:
- Turn openssl from cgo bindings to CLI bindings, then use the previous command
- Capture via pcap and gopacket
Custom implementation by parsing raw material or altering tls/ztls shouldn't be considered. Blocked by #135
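
To show where the server-chosen prime sits on the wire, the following added example (not tlsx code, and not from the issue's author) decodes the ServerDHParams of a TLS 1.2-style ServerKeyExchange and applies the 2048-bit threshold from this issue. It assumes the caller already holds one reassembled handshake message from a DHE cipher suite, for instance taken from a capture; `DHParams`, `ParseDHParams`, `WeakPrime` and `sampleSKE` are hypothetical names, and the sample message is constructed.

```go
package main

import (
	"errors"
	"fmt"
	"math/big"
)

// DHParams holds the ServerDHParams fields of a DHE ServerKeyExchange (RFC 5246, 7.4.3).
type DHParams struct{ P, G, Ys *big.Int }

// ParseDHParams decodes dh_p, dh_g and dh_Ys from one handshake message (4-byte header plus body).
func ParseDHParams(msg []byte) (*DHParams, error) {
	if len(msg) < 4 || msg[0] != 12 { // 12 = HandshakeType server_key_exchange
		return nil, errors.New("not a ServerKeyExchange message")
	}
	bodyLen := int(msg[1])<<16 | int(msg[2])<<8 | int(msg[3])
	if bodyLen > len(msg)-4 {
		return nil, errors.New("truncated handshake body")
	}
	rest, out := msg[4:4+bodyLen], make([]*big.Int, 3)
	for i := range out { // each field is opaque<1..2^16-1> with a 2-byte length
		if len(rest) < 2 {
			return nil, errors.New("truncated ServerDHParams")
		}
		n := int(rest[0])<<8 | int(rest[1])
		if n == 0 || n > len(rest)-2 {
			return nil, errors.New("bad ServerDHParams vector length")
		}
		out[i], rest = new(big.Int).SetBytes(rest[2:2+n]), rest[2+n:]
	}
	return &DHParams{out[0], out[1], out[2]}, nil // rest is the signature, if any
}

// WeakPrime reports a prime under 2048 bits; BitLen ignores leading zero bytes, so padding cannot inflate the size.
func (d *DHParams) WeakPrime() bool { return d.P.BitLen() < 2048 }

// sampleSKE builds a constructed message: primeLen-byte dh_p (not a real prime), dh_g=2, dh_Ys=5.
func sampleSKE(primeLen int) []byte {
	p := make([]byte, primeLen)
	p[0], p[primeLen-1] = 0x80, 0x01
	body := append(append([]byte{byte(primeLen >> 8), byte(primeLen)}, p...), 0, 1, 2, 0, 1, 5)
	return append([]byte{12, 0, byte(len(body) >> 8), byte(len(body))}, body...)
}

func main() {
	d, err := ParseDHParams(sampleSKE(64)) // constructed 512-bit sample
	fmt.Println(d.P.BitLen(), d.WeakPrime(), err)
}
```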