blog goes to https://secdump.io

 blog goes to https://secdump.io

Which cipher supports a TLS (SSL) client ?

Which cipher supports certain  TLS (SSL) client ?

The is basic question that can lead to big efforts in some environments. For this reason, I wrote a small bash script to display to ciphers supported by client

In first  TLS/SSL negotiation packet, the client sends list of all supported ciphers as described in RFC TLS 1.2.

The common ways to obtain ciphers supported by client:

1. Read the client and OS documentation. TLS is mostly part of OS stack. You need to now where to look for, like switches, config files, patch level etc.
2. Use Wireshark or Tcpdump to display the SSL Handshake with ClientHello packet. For this you need root privileges (or similar), that are not alway available for experiments like this.
3. This script without root privileges

This relatively small bash scripts can help you to display the algorithms without need of root privileges but you need nc installed.

The script mimics a dummy server and dumps the cipher list provided by the client.

The script must not run on the client machine (localhost), then on machine that you have access and the client can connect to. Probably you need to adjust the client settings to connect to.

Here are the need steps

1. You can download the two bash files ssl_client_ciphers.zip  
2. Start  this dummy pseudo server with
     ./client-ciphers.sh {port}
3. Trigger the client to connect to this server. The server script will display the recieved client ciphers. From client prespective the connection with fail, since nothing hapens beside the fist packer (ClientHello)

 
Here and example of the output

x@host:/tmp$ ./client-ciphers.sh  1432
Client check ciphers v0.1 Vesselin 

 please start client to connect to port 1432
SSL Handshake found
TLS version(0303)   TLS 1.2
cipher len: 0x0088
---------------------------
cipher(C030)  TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
cipher(C02C)  TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
cipher(C028)  TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
cipher(C024)  TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
cipher(C014)  TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
cipher(C00A)  TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
cipher(00A3)  TLS_DHE_DSS_WITH_AES_256_GCM_SHA384
cipher(009F)  TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
cipher(006B)  TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 

Enjoy

------------------------------------------------ 

If you can not download the ZIP file above (only in this case), here the script content


Name: ./client-ciphers.sh

#!/bin/bash
#
#   Print the TLS client ciphers send in TLS ClientHello
#
#   v0.1 Vesselin 25.05.2016
#
# Constants
echo "Client check ciphers v0.1 Vesselin"
echo
source ciphers.list

if [ $# -eq 0 ]; then
    echo "No arguments supplied. Please provide port number to lisen, for example 1432"
    exit 1
fi

echo "please start client to connect to port "$1
hex=`echo "test" | nc -l $1 -i 1| xxd -p| tr -d "\n"| tr '[:lower:]' '[:upper:]'`

# simple check if it look like SSL handshake
if [ "${hex:0:4}" = "1603" ]; then
    echo "SSL Handshake found"
else
    echo "Error: Not SSL Handshake found"
    exit 2
fi

version=${hex:18:4}
echo "TLS version("$version")   "${TlsVersion[$version]}

cipher_len="0x"${hex:88:4}

echo "cipher len: "$cipher_len
echo "---------------------------"
for (( i=92; i<$(($cipher_len*2+92)); i=i+4 ))
do 
    c=${hex:$i:4}
    echo  "cipher("$c")  "${Cipher[$c]}    
done
echo "---------------------------"

and the constants as separate script, since you need to update according new TLS RFCs

Name:ciphers.list

declare -A TlsVersion
TlsVersion[0300]="SSL 3.0"
TlsVersion[0301]="TLS 1.0"
TlsVersion[0302]="TLS 1.1"
TlsVersion[0303]="TLS 1.2"

declare -A Cipher
Cipher[0001]=TLS_RSA_WITH_NULL_MD5
Cipher[0002]=TLS_RSA_WITH_NULL_SHA
Cipher[0003]=TLS_RSA_EXPORT_WITH_RC4_40_MD5
Cipher[0004]=TLS_RSA_WITH_RC4_128_MD5
Cipher[0005]=TLS_RSA_WITH_RC4_128_SHA
Cipher[0006]=TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5
Cipher[0007]=TLS_RSA_WITH_IDEA_CBC_SHA
Cipher[0008]=TLS_RSA_EXPORT_WITH_DES40_CBC_SHA
Cipher[0009]=TLS_RSA_WITH_DES_CBC_SHA
Cipher[000A]=TLS_RSA_WITH_3DES_EDE_CBC_SHA
Cipher[000B]=TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA
Cipher[000C]=TLS_DH_DSS_WITH_DES_CBC_SHA
Cipher[000D]=TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA
Cipher[000E]=TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA
Cipher[000F]=TLS_DH_RSA_WITH_DES_CBC_SHA
Cipher[0010]=TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA
Cipher[0011]=TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA
Cipher[0012]=TLS_DHE_DSS_WITH_DES_CBC_SHA
Cipher[0013]=TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA
Cipher[0014]=TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA
Cipher[0015]=TLS_DHE_RSA_WITH_DES_CBC_SHA
Cipher[0016]=TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
Cipher[0017]=TLS_DH_anon_EXPORT_WITH_RC4_40_MD5
Cipher[0018]=TLS_DH_anon_WITH_RC4_128_MD5
Cipher[0019]=TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA
Cipher[001A]=TLS_DH_anon_WITH_DES_CBC_SHA
Cipher[001B]=TLS_DH_anon_WITH_3DES_EDE_CBC_SHA
Cipher[001E]=TLS_KRB5_WITH_DES_CBC_SHA
Cipher[001F]=TLS_KRB5_WITH_3DES_EDE_CBC_SHA
Cipher[0020]=TLS_KRB5_WITH_RC4_128_SHA
Cipher[0021]=TLS_KRB5_WITH_IDEA_CBC_SHA
Cipher[0022]=TLS_KRB5_WITH_DES_CBC_MD5
Cipher[0023]=TLS_KRB5_WITH_3DES_EDE_CBC_MD5
Cipher[0024]=TLS_KRB5_WITH_RC4_128_MD5
Cipher[0025]=TLS_KRB5_WITH_IDEA_CBC_MD5
Cipher[0026]=TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA
Cipher[0027]=TLS_KRB5_EXPORT_WITH_RC2_CBC_40_SHA
Cipher[0028]=TLS_KRB5_EXPORT_WITH_RC4_40_SHA
Cipher[0029]=TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5
Cipher[002A]=TLS_KRB5_EXPORT_WITH_RC2_CBC_40_MD5
Cipher[002B]=TLS_KRB5_EXPORT_WITH_RC4_40_MD5
Cipher[002C]=TLS_PSK_WITH_NULL_SHA
Cipher[002D]=TLS_DHE_PSK_WITH_NULL_SHA
Cipher[002E]=TLS_RSA_PSK_WITH_NULL_SHA
Cipher[002F]=TLS_RSA_WITH_AES_128_CBC_SHA
Cipher[0030]=TLS_DH_DSS_WITH_AES_128_CBC_SHA
Cipher[0031]=TLS_DH_RSA_WITH_AES_128_CBC_SHA
Cipher[0032]=TLS_DHE_DSS_WITH_AES_128_CBC_SHA
Cipher[0033]=TLS_DHE_RSA_WITH_AES_128_CBC_SHA
Cipher[0034]=TLS_DH_anon_WITH_AES_128_CBC_SHA
Cipher[0035]=TLS_RSA_WITH_AES_256_CBC_SHA
Cipher[0036]=TLS_DH_DSS_WITH_AES_256_CBC_SHA
Cipher[0037]=TLS_DH_RSA_WITH_AES_256_CBC_SHA
Cipher[0038]=TLS_DHE_DSS_WITH_AES_256_CBC_SHA
Cipher[0039]=TLS_DHE_RSA_WITH_AES_256_CBC_SHA
Cipher[003A]=TLS_DH_anon_WITH_AES_256_CBC_SHA
Cipher[003B]=TLS_RSA_WITH_NULL_SHA256
Cipher[003C]=TLS_RSA_WITH_AES_128_CBC_SHA256
Cipher[003D]=TLS_RSA_WITH_AES_256_CBC_SHA256
Cipher[003E]=TLS_DH_DSS_WITH_AES_128_CBC_SHA256
Cipher[003F]=TLS_DH_RSA_WITH_AES_128_CBC_SHA256
Cipher[0040]=TLS_DHE_DSS_WITH_AES_128_CBC_SHA256
Cipher[0041]=TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
Cipher[0042]=TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA
Cipher[0043]=TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA
Cipher[0044]=TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA
Cipher[0045]=TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
Cipher[0046]=TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA
Cipher[0067]=TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
Cipher[0068]=TLS_DH_DSS_WITH_AES_256_CBC_SHA256
Cipher[0069]=TLS_DH_RSA_WITH_AES_256_CBC_SHA256
Cipher[006A]=TLS_DHE_DSS_WITH_AES_256_CBC_SHA256
Cipher[006B]=TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
Cipher[006C]=TLS_DH_anon_WITH_AES_128_CBC_SHA256
Cipher[006D]=TLS_DH_anon_WITH_AES_256_CBC_SHA256
Cipher[0084]=TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
Cipher[0085]=TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA
Cipher[0086]=TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA
Cipher[0087]=TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA
Cipher[0088]=TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
Cipher[0089]=TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA
Cipher[008A]=TLS_PSK_WITH_RC4_128_SHA
Cipher[008B]=TLS_PSK_WITH_3DES_EDE_CBC_SHA
Cipher[008C]=TLS_PSK_WITH_AES_128_CBC_SHA
Cipher[008D]=TLS_PSK_WITH_AES_256_CBC_SHA
Cipher[008E]=TLS_DHE_PSK_WITH_RC4_128_SHA
Cipher[008F]=TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA
Cipher[0090]=TLS_DHE_PSK_WITH_AES_128_CBC_SHA
Cipher[0091]=TLS_DHE_PSK_WITH_AES_256_CBC_SHA
Cipher[0092]=TLS_RSA_PSK_WITH_RC4_128_SHA
Cipher[0093]=TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA
Cipher[0094]=TLS_RSA_PSK_WITH_AES_128_CBC_SHA
Cipher[0095]=TLS_RSA_PSK_WITH_AES_256_CBC_SHA
Cipher[0096]=TLS_RSA_WITH_SEED_CBC_SHA
Cipher[0097]=TLS_DH_DSS_WITH_SEED_CBC_SHA
Cipher[0098]=TLS_DH_RSA_WITH_SEED_CBC_SHA
Cipher[0099]=TLS_DHE_DSS_WITH_SEED_CBC_SHA
Cipher[009A]=TLS_DHE_RSA_WITH_SEED_CBC_SHA
Cipher[009B]=TLS_DH_anon_WITH_SEED_CBC_SHA
Cipher[009C]=TLS_RSA_WITH_AES_128_GCM_SHA256
Cipher[009D]=TLS_RSA_WITH_AES_256_GCM_SHA384
Cipher[009E]=TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
Cipher[009F]=TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
Cipher[00A0]=TLS_DH_RSA_WITH_AES_128_GCM_SHA256
Cipher[00A1]=TLS_DH_RSA_WITH_AES_256_GCM_SHA384
Cipher[00A2]=TLS_DHE_DSS_WITH_AES_128_GCM_SHA256
Cipher[00A3]=TLS_DHE_DSS_WITH_AES_256_GCM_SHA384
Cipher[00A4]=TLS_DH_DSS_WITH_AES_128_GCM_SHA256
Cipher[00A5]=TLS_DH_DSS_WITH_AES_256_GCM_SHA384
Cipher[00A6]=TLS_DH_anon_WITH_AES_128_GCM_SHA256
Cipher[00A7]=TLS_DH_anon_WITH_AES_256_GCM_SHA384
Cipher[00A8]=TLS_PSK_WITH_AES_128_GCM_SHA256
Cipher[00A9]=TLS_PSK_WITH_AES_256_GCM_SHA384
Cipher[00AA]=TLS_DHE_PSK_WITH_AES_128_GCM_SHA256
Cipher[00AB]=TLS_DHE_PSK_WITH_AES_256_GCM_SHA384
Cipher[00AC]=TLS_RSA_PSK_WITH_AES_128_GCM_SHA256
Cipher[00AD]=TLS_RSA_PSK_WITH_AES_256_GCM_SHA384
Cipher[00AE]=TLS_PSK_WITH_AES_128_CBC_SHA256
Cipher[00AF]=TLS_PSK_WITH_AES_256_CBC_SHA384
Cipher[00B0]=TLS_PSK_WITH_NULL_SHA256
Cipher[00B1]=TLS_PSK_WITH_NULL_SHA384
Cipher[00B2]=TLS_DHE_PSK_WITH_AES_128_CBC_SHA256
Cipher[00B3]=TLS_DHE_PSK_WITH_AES_256_CBC_SHA384
Cipher[00B4]=TLS_DHE_PSK_WITH_NULL_SHA256
Cipher[00B5]=TLS_DHE_PSK_WITH_NULL_SHA384
Cipher[00B6]=TLS_RSA_PSK_WITH_AES_128_CBC_SHA256
Cipher[00B7]=TLS_RSA_PSK_WITH_AES_256_CBC_SHA384
Cipher[00B8]=TLS_RSA_PSK_WITH_NULL_SHA256
Cipher[00B9]=TLS_RSA_PSK_WITH_NULL_SHA384
Cipher[00BA]=TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256
Cipher[00BB]=TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256
Cipher[00BC]=TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256
Cipher[00BD]=TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256
Cipher[00BE]=TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
Cipher[00BF]=TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256
Cipher[00C0]=TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256
Cipher[00C1]=TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256
Cipher[00C2]=TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256
Cipher[00C3]=TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256
Cipher[00C4]=TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256
Cipher[00C5]=TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256
Cipher[00FF]=TLS_EMPTY_RENEGOTIATION_INFO_SCSV
Cipher[5600]=TLS_FALLBACK_SCSV
Cipher[C001]=TLS_ECDH_ECDSA_WITH_NULL_SHA
Cipher[C002]=TLS_ECDH_ECDSA_WITH_RC4_128_SHA
Cipher[C003]=TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA
Cipher[C004]=TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA
Cipher[C005]=TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA
Cipher[C006]=TLS_ECDHE_ECDSA_WITH_NULL_SHA
Cipher[C007]=TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
Cipher[C008]=TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
Cipher[C009]=TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
Cipher[C00A]=TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
Cipher[C00B]=TLS_ECDH_RSA_WITH_NULL_SHA
Cipher[C00C]=TLS_ECDH_RSA_WITH_RC4_128_SHA
Cipher[C00D]=TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA
Cipher[C00E]=TLS_ECDH_RSA_WITH_AES_128_CBC_SHA
Cipher[C00F]=TLS_ECDH_RSA_WITH_AES_256_CBC_SHA
Cipher[C010]=TLS_ECDHE_RSA_WITH_NULL_SHA
Cipher[C011]=TLS_ECDHE_RSA_WITH_RC4_128_SHA
Cipher[C012]=TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
Cipher[C013]=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
Cipher[C014]=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
Cipher[C015]=TLS_ECDH_anon_WITH_NULL_SHA
Cipher[C016]=TLS_ECDH_anon_WITH_RC4_128_SHA
Cipher[C017]=TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA
Cipher[C018]=TLS_ECDH_anon_WITH_AES_128_CBC_SHA
Cipher[C019]=TLS_ECDH_anon_WITH_AES_256_CBC_SHA
Cipher[C01A]=TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA
Cipher[C01B]=TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA
Cipher[C01C]=TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA
Cipher[C01D]=TLS_SRP_SHA_WITH_AES_128_CBC_SHA
Cipher[C01E]=TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA
Cipher[C01F]=TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA
Cipher[C020]=TLS_SRP_SHA_WITH_AES_256_CBC_SHA
Cipher[C021]=TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA
Cipher[C022]=TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA
Cipher[C023]=TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
Cipher[C024]=TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
Cipher[C025]=TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256
Cipher[C026]=TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384
Cipher[C027]=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
Cipher[C028]=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
Cipher[C029]=TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256
Cipher[C02A]=TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384
Cipher[C02B]=TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
Cipher[C02C]=TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
Cipher[C02D]=TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256
Cipher[C02E]=TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384
Cipher[C02F]=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
Cipher[C030]=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
Cipher[C031]=TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256
Cipher[C032]=TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384
Cipher[C033]=TLS_ECDHE_PSK_WITH_RC4_128_SHA
Cipher[C034]=TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA
Cipher[C035]=TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA
Cipher[C036]=TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA
Cipher[C037]=TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256
Cipher[C038]=TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384
Cipher[C039]=TLS_ECDHE_PSK_WITH_NULL_SHA
Cipher[C03A]=TLS_ECDHE_PSK_WITH_NULL_SHA256
Cipher[C03B]=TLS_ECDHE_PSK_WITH_NULL_SHA384
Cipher[C03C]=TLS_RSA_WITH_ARIA_128_CBC_SHA256
Cipher[C03D]=TLS_RSA_WITH_ARIA_256_CBC_SHA384
Cipher[C03E]=TLS_DH_DSS_WITH_ARIA_128_CBC_SHA256
Cipher[C03F]=TLS_DH_DSS_WITH_ARIA_256_CBC_SHA384
Cipher[C040]=TLS_DH_RSA_WITH_ARIA_128_CBC_SHA256
Cipher[C041]=TLS_DH_RSA_WITH_ARIA_256_CBC_SHA384
Cipher[C042]=TLS_DHE_DSS_WITH_ARIA_128_CBC_SHA256
Cipher[C043]=TLS_DHE_DSS_WITH_ARIA_256_CBC_SHA384
Cipher[C044]=TLS_DHE_RSA_WITH_ARIA_128_CBC_SHA256
Cipher[C045]=TLS_DHE_RSA_WITH_ARIA_256_CBC_SHA384
Cipher[C046]=TLS_DH_anon_WITH_ARIA_128_CBC_SHA256
Cipher[C047]=TLS_DH_anon_WITH_ARIA_256_CBC_SHA384
Cipher[C048]=TLS_ECDHE_ECDSA_WITH_ARIA_128_CBC_SHA256
Cipher[C049]=TLS_ECDHE_ECDSA_WITH_ARIA_256_CBC_SHA384
Cipher[C04A]=TLS_ECDH_ECDSA_WITH_ARIA_128_CBC_SHA256
Cipher[C04B]=TLS_ECDH_ECDSA_WITH_ARIA_256_CBC_SHA384
Cipher[C04C]=TLS_ECDHE_RSA_WITH_ARIA_128_CBC_SHA256
Cipher[C04D]=TLS_ECDHE_RSA_WITH_ARIA_256_CBC_SHA384
Cipher[C04E]=TLS_ECDH_RSA_WITH_ARIA_128_CBC_SHA256
Cipher[C04F]=TLS_ECDH_RSA_WITH_ARIA_256_CBC_SHA384
Cipher[C050]=TLS_RSA_WITH_ARIA_128_GCM_SHA256
Cipher[C051]=TLS_RSA_WITH_ARIA_256_GCM_SHA384
Cipher[C052]=TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256
Cipher[C053]=TLS_DHE_RSA_WITH_ARIA_256_GCM_SHA384
Cipher[C054]=TLS_DH_RSA_WITH_ARIA_128_GCM_SHA256
Cipher[C055]=TLS_DH_RSA_WITH_ARIA_256_GCM_SHA384
Cipher[C056]=TLS_DHE_DSS_WITH_ARIA_128_GCM_SHA256
Cipher[C057]=TLS_DHE_DSS_WITH_ARIA_256_GCM_SHA384
Cipher[C058]=TLS_DH_DSS_WITH_ARIA_128_GCM_SHA256
Cipher[C059]=TLS_DH_DSS_WITH_ARIA_256_GCM_SHA384
Cipher[C05A]=TLS_DH_anon_WITH_ARIA_128_GCM_SHA256
Cipher[C05B]=TLS_DH_anon_WITH_ARIA_256_GCM_SHA384
Cipher[C05C]=TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256
Cipher[C05D]=TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384
Cipher[C05E]=TLS_ECDH_ECDSA_WITH_ARIA_128_GCM_SHA256
Cipher[C05F]=TLS_ECDH_ECDSA_WITH_ARIA_256_GCM_SHA384
Cipher[C060]=TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256
Cipher[C061]=TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384
Cipher[C062]=TLS_ECDH_RSA_WITH_ARIA_128_GCM_SHA256
Cipher[C063]=TLS_ECDH_RSA_WITH_ARIA_256_GCM_SHA384
Cipher[C064]=TLS_PSK_WITH_ARIA_128_CBC_SHA256
Cipher[C065]=TLS_PSK_WITH_ARIA_256_CBC_SHA384
Cipher[C066]=TLS_DHE_PSK_WITH_ARIA_128_CBC_SHA256
Cipher[C067]=TLS_DHE_PSK_WITH_ARIA_256_CBC_SHA384
Cipher[C068]=TLS_RSA_PSK_WITH_ARIA_128_CBC_SHA256
Cipher[C069]=TLS_RSA_PSK_WITH_ARIA_256_CBC_SHA384
Cipher[C06A]=TLS_PSK_WITH_ARIA_128_GCM_SHA256
Cipher[C06B]=TLS_PSK_WITH_ARIA_256_GCM_SHA384
Cipher[C06C]=TLS_DHE_PSK_WITH_ARIA_128_GCM_SHA256
Cipher[C06D]=TLS_DHE_PSK_WITH_ARIA_256_GCM_SHA384
Cipher[C06E]=TLS_RSA_PSK_WITH_ARIA_128_GCM_SHA256
Cipher[C06F]=TLS_RSA_PSK_WITH_ARIA_256_GCM_SHA384
Cipher[C070]=TLS_ECDHE_PSK_WITH_ARIA_128_CBC_SHA256
Cipher[C071]=TLS_ECDHE_PSK_WITH_ARIA_256_CBC_SHA384
Cipher[C072]=TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
Cipher[C073]=TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
Cipher[C074]=TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
Cipher[C075]=TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
Cipher[C076]=TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256
Cipher[C077]=TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384
Cipher[C078]=TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256
Cipher[C079]=TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384
Cipher[C07A]=TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256
Cipher[C07B]=TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384
Cipher[C07C]=TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
Cipher[C07D]=TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
Cipher[C07E]=TLS_DH_RSA_WITH_CAMELLIA_128_GCM_SHA256
Cipher[C07F]=TLS_DH_RSA_WITH_CAMELLIA_256_GCM_SHA384
Cipher[C080]=TLS_DHE_DSS_WITH_CAMELLIA_128_GCM_SHA256
Cipher[C081]=TLS_DHE_DSS_WITH_CAMELLIA_256_GCM_SHA384
Cipher[C082]=TLS_DH_DSS_WITH_CAMELLIA_128_GCM_SHA256
Cipher[C083]=TLS_DH_DSS_WITH_CAMELLIA_256_GCM_SHA384
Cipher[C084]=TLS_DH_anon_WITH_CAMELLIA_128_GCM_SHA256
Cipher[C085]=TLS_DH_anon_WITH_CAMELLIA_256_GCM_SHA384
Cipher[C086]=TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
Cipher[C087]=TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
Cipher[C088]=TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256
Cipher[C089]=TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384
Cipher[C08A]=TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256
Cipher[C08B]=TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384
Cipher[C08C]=TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256
Cipher[C08D]=TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384
Cipher[C08E]=TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256
Cipher[C08F]=TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384
Cipher[C090]=TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256
Cipher[C091]=TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384
Cipher[C092]=TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256
Cipher[C093]=TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384
Cipher[C094]=TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256
Cipher[C095]=TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384
Cipher[C096]=TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
Cipher[C097]=TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
Cipher[C098]=TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256
Cipher[C099]=TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384
Cipher[C09A]=TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256
Cipher[C09B]=TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384
Cipher[C09C]=TLS_RSA_WITH_AES_128_CCM
Cipher[C09D]=TLS_RSA_WITH_AES_256_CCM
Cipher[C09E]=TLS_DHE_RSA_WITH_AES_128_CCM
Cipher[C09F]=TLS_DHE_RSA_WITH_AES_256_CCM
Cipher[C0A0]=TLS_RSA_WITH_AES_128_CCM_8
Cipher[C0A1]=TLS_RSA_WITH_AES_256_CCM_8
Cipher[C0A2]=TLS_DHE_RSA_WITH_AES_128_CCM_8
Cipher[C0A3]=TLS_DHE_RSA_WITH_AES_256_CCM_8
Cipher[C0A4]=TLS_PSK_WITH_AES_128_CCM
Cipher[C0A5]=TLS_PSK_WITH_AES_256_CCM
Cipher[C0A6]=TLS_DHE_PSK_WITH_AES_128_CCM
Cipher[C0A7]=TLS_DHE_PSK_WITH_AES_256_CCM
Cipher[C0A8]=TLS_PSK_WITH_AES_128_CCM_8
Cipher[C0A9]=TLS_PSK_WITH_AES_256_CCM_8
Cipher[C0AA]=TLS_PSK_DHE_WITH_AES_128_CCM_8
Cipher[C0AB]=TLS_PSK_DHE_WITH_AES_256_CCM_8
Cipher[C0AC]=TLS_ECDHE_ECDSA_WITH_AES_128_CCM
Cipher[C0AD]=TLS_ECDHE_ECDSA_WITH_AES_256_CCM
Cipher[C0AE]=TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8
Cipher[C0AF]=TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8
Cipher[CCA8]=TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
Cipher[CCA9]=TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
Cipher[CCAA]=TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256
Cipher[CCAB]=TLS_PSK_WITH_CHACHA20_POLY1305_SHA256
Cipher[CCAC]=TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256
Cipher[CCAD]=TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256
Cipher[CCAE]=TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256

Agile teams and security master role

Many companies develop with agile teams, like scrum teams. In the same time  security challenges lead to adding new members in the security team. Still,  the security of the code does not improve as requested.


The pure classical approach has a problem: Security and developer do not speak the same language and misunderstand frequently.  The results is silos- acting, isolation, finger pointing etc.

 The elegant solution is to build a security master in every developer team:

• Developer -  part of the team that can answer concrete engineering questions on daily bases
• Doted line report to security engineering  (20%-40% of yearly goes)
• Organic member – take an existing team member and build him to become security expert -    Security Trainings, Certification and Conferences etc.
• The Sec Master must not be: the worst coder that the team gladly will spare for security. He must be highly credible and respected.
• It has to report or escalate if serious security issues are coming in the developing

 Still, the you need:

• Security engineering department for security intensive projects, like Firewalls etc 
• Security Archotect
• Security Quality Assurance and IT Risk 
• Chef IT Security Officer 
• Security Operation
• all other security relevant departments, see ISO 27000 for more info 

How the organization is may look like, it is up to company. Here a simplified  example showing only some departments.

Active scripts with ZAP OWASP and ECMAScript

Active scripts with ZAP OWASP are excellent extension for custom test depending on you application logic. You want to use solid test, it is better to use Java plugins. Still, if you want to make fast test without investing many efforts scripting is the best option.

Before you being you need to know some small tricks

• if the script fails, it will be disabled. Look at the icon after the run.
• scripts can be activated and deactivate in the policy menu. During the development it is good to disable all other rules and test only the active scripts.
• you need to import some Java classes in Java Script (ECMAScrip Rhino). Rhino gives you  the possibility to use Java classes in you Java Script parts and this is very powerful.
• If you don't know which Java classes you need, have look at ZAP sources
• Like ever script most useful way is try and error. You do not have in ZAP  big debugging possibilities besides println.

I used ECMAScript (JavaSript) - Rhino but in previous blogs I used python, so feel free.

Here the important part of the script

Adding a custom header

 // set a additional Header
   httpRequestHeader = msg.getRequestHeader();
   httpRequestHeader.setHeader("additonalHeader","valueHeader");
   msg.setRequestHeader(httpRequestHeader); 

Adding a custom URL parameter

// add URL params
importClass(org.apache.commons.httpclient.URI);

 uri=httpRequestHeader.getURI();
 query=uri.getQuery();
 
   // check if query string is empty 
   if (query!="") {
     query=query+"&testParam=Values";
   } else {
     query=query+"testParam=Value"; 
 }
   newURI=org.apache.commons.httpclient.URI(uri.getScheme() , null , uri.getHost(),uri.getPort(), uri.getPath(), query, uri.getFragment());
   httpRequestHeader.setURI(newURI); 

adding a custom test (new line) to POST requests

 // append a new line to the HttpBody
importClass(org.zaproxy.zap.network.HttpRequestBody);

   if (msg.getRequestHeader().getMethod()=="POST") {
     newBody=org.zaproxy.zap.network.HttpRequestBody(msg.getRequestBody().toString() +  "\nMy Added HttpBody");
     msg.setRequestBody(newBody);
 }

After you send the packet

check if the response body contains some string

 // get response Body 
 rsp=msg.getResponseBody().toString();

 // see if conatins certain string 
 if (rsp.indexOf("Potental attack")>-1) {
  println('The response body contains the dangerous sting ""'); 

you can clone the request again and send second packet if the attack you are testing consist of multiple packets


A small example with all part can be seen below:

Enjoy 

importClass(org.zaproxy.zap.network.HttpRequestBody);
importClass(org.apache.commons.httpclient.URI);

function scanNode(as, msg) {
 // Debugging can be done using println like this


// importPackage(org.apache.commons.httpclient.URI);

 println('scan called for url=' + msg.getRequestHeader().getURI().toString());

 // Copy requests before reusing them
 msg = msg.cloneRequest();

     // set a additional Header
   httpRequestHeader = msg.getRequestHeader();
   httpRequestHeader.setHeader("additonalHeader","valueHeader");
   msg.setRequestHeader(httpRequestHeader);
 
 uri=httpRequestHeader.getURI();
 query=uri.getQuery();
 
   // check if query string is empty 
   if (query!="") {
     query=query+"&testParam=Values";
   } else {
     query=query+"testParam=Value"; 
 }
   newURI=org.apache.commons.httpclient.URI(uri.getScheme() , null , uri.getHost(),uri.getPort(), uri.getPath(), query, uri.getFragment());
   httpRequestHeader.setURI(newURI);


   // append a new line to the HttpBody
   if (msg.getRequestHeader().getMethod()=="POST") {
     newBody=org.zaproxy.zap.network.HttpRequestBody(msg.getRequestBody().toString() +  "\nMy Added HttpBody");
     msg.setRequestBody(newBody);
 }

 // sendAndReceive(msg, followRedirect, handleAntiCSRFtoken)
 as.sendAndReceive(msg, false, false);

 // get response Body 
 rsp=msg.getResponseBody().toString();

 // see if conatins certain string 
 if (rsp.indexOf("opengraphprotoco")>-1) {
  println('The response body contains the sting "opengraphprotoco"');

  // sending a second messge
  
  // Copy requests before reusing them
  msgSecond = msg.cloneRequest();

   // set a additional Header
    httpRequestHeader = msgSecond.getRequestHeader();
    httpRequestHeader.setHeader("additonalHeader-Second","valueHeader-Second");
    msgSecond.setRequestHeader(httpRequestHeader);
   
  as.sendAndReceive(msgSecond, false, false);

  // get response Header 
  rspSecond=msgSecond.getResponseHeader().toString();

  // see if conatins certain string 
  if (rspSecond.indexOf("Server: nginx")>-1) {

   // raise an Alert
   // raiseAlert(risk, int confidence, String name, String description, String uri, 
   //  String param, String attack, String otherInfo, String solution, String evidence, 
   //  int cweId, int wascId, HttpMessage msg)
   // risk: 0: info, 1: low, 2: medium, 3: high
   // confidence: 0: falsePositive, 1: low, 2: medium, 3: high, 4: confirmed

   as.raiseAlert(1, 1, 'My Test Vulnarability ', 'My Test vulnarability', msg.getRequestHeader().getURI().toString(), 
   query, 'Your attack', 'Any other info', 'The solution ', '', 0, 0, msg);
  }
 }

 // Test the responses and raise alerts as below
 msg.add
 // Check if the scan was stopped before performing lengthy tasks
 if (as.isStop()) {
  return
 }
 // Do lengthy task...
}

TCP data dumping - troubleshooting HTTP, REST and SAOP using port forwarding

Many times, application developer needs to understand what is transmitted between client and server (trouble shooting) . This could be the case in HTTP, WS Soap, RESTful API etc. For example search for missing headers, character encoding etc. 

It is a problem if you do not have root (or sudo) on the OS, so you can not use tcpdump, wireshark, snoop etc. You can achieve this by adding application server interceptors, but this is sometimes tricky and may take time. 

An easy way to solve this - port forwarding with mirroring the transmitted data to standard out (dump to standard out).  You don't need to be root (or similar) on the OS, but only control the client application conifg

Typical set up:

In order to take the trace you need change to this constellation

You need a simple java jar that forks and dumps the datagrams/messages to the std out in parallel to forwarding them. You can download the jar here

tcpport_forwarder_dumper.jar


Since it is public git project, feel free to improve.

https://github.com/tzvetkov75/tcpport_forwarder_dumper/blob/master/build/tcpport_forwarder_dumper.jar

Here are the step:

1. Run the port forward jar at the some local port. For the example above, port 2222 at the client machine, like in this  example:  

java -jar tcpport_forwarder_dumper.jar 2222 192.168.1.2:1234   

The result is that every connection on local port 2222 is forwarded to server destination (192.168.1.2:1234 at example)


2. Change the client application to connect to tcp forwarder instead of the server. At the example port 2222 on the same machine as the client 

3. Start to communicate and you will see datagrams to the std-out

TLS (HTTPS) is is not possible to ready even you dump it out ;-)

Enjoy, here an example


/build$ java -jar tcpport_forwarder_dumper.jar 2222 www.cnet.com:80
TCP Port forwarding - content logger (dummper to stdout) v0.1 vesselin
listen on local port 2222
Forwarding to www.cnet.com:80
TCP Forwarding 127.0.0.1:39263 <--> 77.109.131.235:80 started.
------- DATAGRAM ------------
GET http://www.cnet.com/index.html HTTP/1.1
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:39.0) Gecko/20100101 Firefox/39.0
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0
Host: www.cnet.com


------- DATAGRAM ------------
HTTP/1.1 301 Moved Permanently
Server: nginx
Content-Type: text/html
Location: http://www.cnet.com/
Access-Control-Allow-Origin: http://www.cnet.com
Content-Length: 178
Accept-Ranges: bytes
Date: Sun, 25 Oct 2015 19:00:29 GMT
Connection: keep-alive
Set-Cookie: fly_geo={"countryCode": "ch"}; expires=Sun, 01-Nov-2015 19:00:29 GMT; path=/; domain=.cnet.com
Set-Cookie: fly_default_edition=us; expires=Sun, 01-Nov-2015 19:00:29 GMT; path=/; domain=.cnet.com
Set-Cookie: fly_device=desktop; expires=Sun, 01-Nov-2015 19:00:29 GMT; path=/; domain=.cnet.com
Set-Cookie: fly_zip=; expires=Sun, 01-Nov-2015 19:00:29 GMT; path=/; domain=.cnet.com

---

nginx

Active scan scripts for OWASP ZAP Porxy; examples

The ZAP Security proxy (The OWASP Zed Attack Proxy ) is an excellent tool for penetration testing. A significant part of ZAP is active scanning for known vulnerabilities, like SQL injection etc. The active scan rules are "some how hidden", thus encoded in the plugins in Java and not editable on the fly. If you want to change them you will have to start programming  plugins. The easy solution: you may use scan scripts to create your scan pattern. The active  scripts run automatically during the scan. You may activate them per rule with right click and/or globally using the active scan configuration as shown on the picture down (ZAP version 2.3).

If you are not familiar with the ZAP source code and you need fast way to add your own pattern, then you may struggle a lot. For this reason, here are some examples. The examples are written jpython, which is personal choice.

The example refers ZAP v2.3.

Set an additional HTTP Header

you need to add the code within your scan function. Here jpython template. 

def scan(sas, msg, param, value):

  # Copy requests before reusing them
  msg = msg.cloneRequest();

  # set a Http Header
  httpRequestHeader = msg.getRequestHeader();
  httpRequestHeader.setHeader("additonalHeader","valueHeader");
  msg.setRequestHeader(httpRequestHeader);

Append URL Query parameter with the following 

import org.apache.commons.httpclient.URI; # append URL Query parameter
...
...
  uri=httpRequestHeader.getURI();
  query=uri.getQuery();

  # check if query string is empty 
  if not query=="":
   query=query+"&testParam=Values";
  else:
   query=query+"testParam=Value"; 
  newURI=org.apache.commons.httpclient.URI(uri.getScheme() , None , uri.getHost(),
  uri.getPort(), uri.getPath(), query, uri.getFragment());
  httpRequestHeader.setURI(newURI); 

New Http Body of POST request 

import org.zaproxy.zap.network.HttpRequestBody;
...
...
 # set a new HttpBody of POST reqest
  if msg.getRequestHeader().getMethod()=="POST":
   newBody=org.zaproxy.zap.network.HttpRequestBody("My New HttpBody");
   msg.setRequestBody(newBody);

Append  to existing HTTP Body 

import org.zaproxy.zap.network.HttpRequestBody;

...
...
  # append a new line to the HttpBody
  if msg.getRequestHeader().getMethod()=="POST":
   newBody=org.zaproxy.zap.network.HttpRequestBody(msg.getRequestBody().toString() +
   "\nMy Added HttpBody");
   msg.setRequestBody(newBody);

Please Note that if you put Body to GET request, the script will fail with timeout.

If you are puzzled where to put all these snippets,here is following hole scrip.

Note: The script down do not simulates attack or has general purpose. It shows how embedded code parts in default template with minimal change.

"""
The scan function will typically be called for every parameter in every URL and Form for every page 

Note that new active scripts will initially be disabled
Right click the script in the Scripts tree and select "enable"  
"""
import org.zaproxy.zap.network.HttpRequestBody;
import org.apache.commons.httpclient.URI;

def scan(sas, msg, param, value):


  # Copy requests before reusing them
  msg = msg.cloneRequest();

  # set a additional Header
  httpRequestHeader = msg.getRequestHeader();
  httpRequestHeader.setHeader("additonalHeader","valueHeader");
  msg.setRequestHeader(httpRequestHeader);

  # append URL Query parameter
  uri=httpRequestHeader.getURI();
  query=uri.getQuery();

  # check if query string is empty 
  if not query=="":
   query=query+"&MyParam=Value";
  else:
   query=query+"MyParam=Value";

  newURI=org.apache.commons.httpclient.URI(uri.getScheme() , None , uri.getHost(), uri.getPort(), uri.getPath(), query, uri.getFragment());
  httpRequestHeader.setURI(newURI);  

  # set a new HttpBody of the reqest
  if msg.getRequestHeader().getMethod()=="POST":
   newBody=org.zaproxy.zap.network.HttpRequestBody("My New HttpBody");
   msg.setRequestBody(newBody);

  # append a new line to the HttpBody
  if msg.getRequestHeader().getMethod()=="POST":
   newBody=org.zaproxy.zap.network.HttpRequestBody(msg.getRequestBody().toString() + "\nMy Added HttpBody");
   msg.setRequestBody(newBody);

  print('Custom scan called for url=' + msg.getRequestHeader().getURI().toString());

  # sendAndReceive(msg, followRedirect, handleAntiCSRFtoken)
  sas.sendAndReceive(msg, True, False);

  # Test the response here, and make other requests as required
  if (True):
   # Change to a test which detects the vulnerability
    # raiseAlert(risk, int reliability, String name, String description, String uri, 
    #  String param, String attack, String otherInfo, String solution, String evidence, 
    #  int cweId, int wascId, HttpMessage msg)
    # risk: 0: info, 1: low, 2: medium, 3: high
    # reliability: 0: falsePassitive, 1: suspicious, 2: warning
 
    sas.raiseAlert(1, 1, 'Active Vulnerability title', 'Full description', 
    msg.getRequestHeader().getURI().toString(), 
      param, 'Your attack', 'Any other info', 'The solution ', '', 0, 0, msg);

Enjoy your ZAP scripts

Lightweight Security Framework for Developer

Common Security Frameworks are too abstract and far away from service development. There are a plenty of security related frameworks like: ISO 27000, COBIT, BSIMM-V, BSI 100, x805, NIST SP 800-12, Basel II, Cisco SCF etc. They are all  excellent comprehensive models from security point of view.

Drawback of the security models is the huge information and missing integration in the various developing models. The development use agile, scrum, waterfall, ITIL etc. style of development and it is not obvious how it maps to the security model.  

The trend: agile and rapid development does not fit in the heavy security models. It looks like a dinosaurs of security and mouse of tiny agile development. The security mainly uses top-down approach, multiple committees, segregation of duties etc. The development currently makes shots cycles, sprints of 14 days for example, continuous development, flat hierarchies etc. It is very difficult to handle agile models with heavy security standards.

All this motivated me to develop as light as possible security models which are:

• Understood by the developers and reflect most common development cycle
• Cover as many as possible security aspects and be touch-point to security departments
• Do not require intensive study than a short lookup to get the point 

This model bases on ITIL cycle as most common, but sure can fit in ISO 9000 Plan-Do-check-Act. It is not comprehensive buts cover most of the security problems.

Design Phase: 

There 7 important security questions which needs to be discussed

• Authentication – Do you have properly implemented user authentication 
• Authorization – How to you assure only authorized user access features (data). 
• Horizontal attack - user A tries to access information on other user B 
• Vertical attacks: User A try to obtain higher administrator rights
• Integrity – How you prevent data to be manipulated. 
• Commutation to the front site
• Data stored in the database.
• Confidentiality on:
• The commutation to the front 
• Stored data
• Auditing – can you audit the data or is it needed to be audited by the legal authorities?
• Intrusion – how you detects or prevent and intrusion? Can you detect employee trying the hack a web portal for example.

The main Blocks are:

• Threat model – What are you protecting from? Thus: insider, internet user, intranet, hardware access etc. This must be very clear before designing any technical mechanisms. 
• Risk management. You may want to protect from all possible attacks, but costs will not allow this for sure.  Risk management (risk = potential loses X likelihood)  helps you at early stage to agree what are the risks to be address : you may implement some countermeasures to reduce the risks (mitigation). Alternatively, you may transfer the risk to some else (who is better paid and you hate).  Risk Acceptance means it is not worth of inversing in mitigation. With Risk Reject you agree that this cannot be handled and stop the service.
• Technical Mechanisms. This is the main part, where the technical aspect are described (similar to high and low level design)  
• Incident handling, Auditing and Monitoring need also to be well planned in the design phase.

It is very important to understand that you have two aspects

• Service. For Example an  E-Banking Service 
• Underlining infrastructure (OS, Application Server, Network) 

There are different planes, which need to be covered:

• User Plane, where you deliver the service
• Provisioning, where you automatically provision customer (probably) by the business. 
• Management and Administration – Where do the administrator manage this service. 

Transition Phase

Acceptance tests are done as quality assurance and general hand-over to operational department. From security point of view, there are some very important tasks

• Code and Configuration/Settings evaluation. Make a cross check if the code is well written and configurations hardened. They referred as a white-box  evaluation.
• Ethical hacking. You may preform penetration tests (black box or gray box)  by independent group.  This may be like simple certification.  It can be very valuable to end product customer.
• Risk Management. In all these cross checks, there will be some finding. You need to make again risk management to set what to fix and what can wait.
• Security Training –   as part of the general Service training 
• Simulation.  You should practice some precedents to see how the organization and processes are working.  The exercise are extremely important, think on fire exercises.

Operation

• Security Monitoring – Do you know who is happening on your front servers?
• Incidents handling. Handle incidents for example server hacked
• Vulnerability management -  security patches on daily bases are very important 
• KPI and Analysis – you cannot improve without quantitative measurement. The main problem is  conflict of interests – mostly the responsible colleagues for KPI are the same responsible for the operation.  So, no one gives him a bad score.
• Auditing – regular independent audit.

Big picture 

There is another small drawing which explains the relation between security strategy (long term), policy (medium terms), security technical standard etc. To realize security there must be three pillars: organization, resources (technical, docs and people) and process.  The security development cycled is part of the product development cycle.

What does the project leader should know or the nine phases of projects

Every project manager knows about miles stones, checkpoints, deliverables and phases. There are plenty of frameworks, ITIL, COBIT, TOGAF etc.

The project leaders all are missing the emotional phases of the project. Every new project passes through psychological phases. There phases must be guided by the project lead or scrum master. The phases for my perspective are:

1. Enthusiasm
   The start phase is the strongest one. Every one believes in the ides and gives and dreams of golden future. 
   
   
   Tip: Keep the targets very realistic. Try to keep the enthusiasm as long as possible. 
   
   
2. Disillusionment
   Soon the team starts understand how complex the things could be and the real problems. The team understands that it may repeats the mistakes form previous projects, which failed.
   
   
   Tip: Try to structure and understand the problems. Try to work step-by-step, follow framework, checklist etc. Do no make long emotional meeting which may motivated more.

3. Panic
   After the disillusion comes panic: team can not handle these problems, the management should do something. It depends strictly if the leader may control the previous state of disillusion and has demonstrated control of the situation.
   
   
    Tip: Listen and passively relax your colleagues. Try to keep focus on different     tasks. Keep the team busy. Last but to least,do not take very serious the emotional worlds like “the company will collapse tomorrow if you do not immediately ….”.
   
   

3. Search for the guilty
   This is the phase of the conspiracy, gossips and rumors. Even not obviously this is very intensive process of “we and they” separation.
   
   
   Tip: try to show always to positive characteristics of colleagues. Everyone has positive and negative characteristics. Focus on unknown bad ghost, like the “investor is the bad guy”.
   Discussions “lesson learned” is not always good solution. Criticism may burn bridges between the collages. The good relation can not be reestablished even for years. Lessons learned must be made objective and mostly by experienced colleagues. I personally prefer interviews.
   
   
4. Punishment of the innocent
   The reaction of panic is seeking for the guilty. The question if this will be known person or an unknown ghost.
   
   
   Tip: Delay the punishment as long as possible. In a month it may look different.

6. Praise and honor for the nonparticipants
   Destroying a project is easy task. Sure they are many people, who “knew it from the very beginning”
   
   
   Tip: Do no participate. Soon there will be a second project and you will meet the same project again.

There is also a positive cycle:

7. Blind playing
   The team does something but can not define in which direction and can not explain what is the purpose of the tasks. Experimenting or playing is not very motivating, because there is not a clear way.
   
   
   Tip: do not lose to much time on the same tasks even not very perfectly explored. Keep on trying different options. The management wants real results and explanation “we are experimenting” can not be justified in long term.
   
   
8. I am God
   After blind experimenting, some members starts understanding how it works. These members start feeling as a God. They start working very focused. Still there are not real result.
   
   
   Tip: Unfortunately, some people can be arrogant to other members, who are still no very competent. Try the spread the know how. Sharing is extremely important.
   
   
9. Wow effect
   The project starts delivering some results. Every one starts believe and trust the team.
   
   
   Tip: Take the wave/wind and used the impulse for further projects. On the other hand, do not over estimate the next targets.

The importance of feedback in IT security and ethical hacking

Feedback is extremely important for every person, team, department, company. I do not mean feedback, like "you are doing OK, keep on this way", but real unpolished "raw" (market driven) feedback: Does the product sells, are they bugs, are customer's complains, it is generating a revenue? (The feedback need to be interpreted in the right way for sure.)
The short period feedback is core element of agile development: build, try, correct and rebuild. Without a feedback, the professionals become less efficient and the system become a bureaucracy.
How about IT security? Security solution and policies need also feedback, but oft it is not the case in may companies. There are very important points to be addressed:

• Do the companies know how may attacks they sustained and number of successful attacks?
• How many security bug were found internal and how fast are corrected?
• Does the security policies are controversially discussed and open-minded reviewed based on experience and statistics?
• Are there mechanisms to avoid blind following on meetings? Are they anchoring effects?
• Is it clear the resources and respectively money required for additional security?
• Is it clear the consequences of not following the security recommendation, like cutting bonuses? The consequence of policy exception for the manager must be also clear, they also have bonuses in the case of security bridge because of the exception.

Even all these points are answered, there is no guaranties that the statistic (feedback) reflect the security situation. Potentially, the hackers were busy elsewhere or were on holiday :-) For this reason, it is very important to make protectively security test or ethical hacking. For example: the software departments make acceptance tests (Unit-Tests) and the security department a security tests (penetration tests).
The security department needs as much feedback as every other department. Do not hide facts from the security :-) Otherwise, it becomes bureaucracy.

Innovation and issues with Corporate Identity and Project dedication

There are some contradictions between innovation and project dedication in the context of modern corporate identity. These are mostly overlooked by the leads or not optimal addressed. 
 When an employee identifies with his task than it works harder, it is happier and ready for extraordinary efforts. On higher layer, corporate identity homogenizes the international environment and helps overcoming the country/local/language problems. Corporate identity increases the productivity because there are less personal problems, like misunderstanding etc. Corporate identity helps the people to work in the same direction. 
Sentence: Corporate Identification with and Project dedication (identification) is good. Unfortunately, there are some cross site effects with innovation.
Innovation in the contexts of creativity and agile enterprise development means: 
Trying many innovative projects or services. A few of them will lead to success, but many will be canceled, since they can not deliver the needed profitable results (see previous post). Most companies follow this principle and start many innovation initiatives and pick-up the best to core business.
The employee with high identification and dedication, who worked on canceled project have risk of frustration. The have worked hard, achieved  good results, but the project is canceled. The reason for cancel is not because of the individual  performance, but due to some technological or economical reasons. The disappointment of these colleges is absolutely understandable. People loose  dedication after 2-3 of there bad experiences. “Every project is canceled independent of my performance at the end - why to rush for the next task?”   The individual loose motivation and there is serious risk that they get fired or leave because of poor performance. This is logical since they are not motivated.
If company permanently starts new initiatives and stop every 70% of them, it is very dangerous and may lead to bad moral at work. The companies need the innovation, so they need to keep on launching initiative.
How to solve the issues?

• Make it clear to the colleagues, how it works. Make it transparent. Not transparent decisions are not understood. Clear metrics and KPIs.
• Try to involve everyone in at least one successful project. Keep the people them busy.
• Try to use external staff for the first phases (high risk) and internal people only for the second phase, where the risk of failure is small.
  

Innovation and creativity in practical experiance

Innovation and creativity are mantras for the enterprises. Many classical enterprises look envying to Google and Co. and want to generate the same results. Many consultants promise to know the secret and urge to start innovation programs.
I believe  that creativity can be catalyzed or stimulated, but there are some framework conditions. I am not going to repeat the well known methods, but only give hints of critical points for the practices.

Agile development

1. General 

• Strict structures and processes kill the creativity. Leave always a little randomness.

• Missing structure and processes in company cause that the team start organizing them, which is waste of resources. The infrastructure are the tools, so they must be present.

• Teams are always happy with sustained position of of the management.

• To reduce the destructive klatch, the team needs to have enough to do. 

• To reduce the psychological pressure and the following mistakes, the team needs time for predefined creative breaks. The members gain distance on the issue, may look from at higher perspective. This is very typical for arts (painting, music etc), so the same for engineering.
  

2. Team building

 Core rule: the team must be as flat as possible; without any hierarchy like: architects, decision maker, solution engineering, project manager etc. 
Idea: Creativity is stimulated in self organizing structured. The natural properties of the members are important and not the titles. If someone is innovative let hear him. Naturally, there must be sufficient skills for the task.
Beside the team member, there are

• product owner - defines the requirements and accepts the solution. The product owner needs to start understanding difficulties of the team. This is very important that he is not only visitor, than he needs to understand deeply what the team does.
• organizer (scrum master) takes care on administrative and organizational work.

 

Classical problems

Team members still keep titles and positions: For example: I am project manager, ergo I lead and decide. Definitely not: scrum  master is not project manger and does not decide. I am architect, ergo I say how to be build.
Manager try to influence the team: I give you the budget, I am VIP so I desire how and when. There is not way to avoid this, but it decreases the creativity. There must be a balance.
Some people can not express in perfect way they are right. The best presentation is not the optimal solution always.

3. Susses at any costs

Classical manger want success at any price on every project. Success means service delivery on time. Creativity is not really predictable in this sense.
The only way to achieve success in classical understanding is to start many activities in parallel or wait sufficiently on one activity.  If you start many activities, it must be expected that only 30% will be success.
Following, I draw the deliveries in stages (sprints) relative to the target. They are self explaining.

4. Adjust the targets

The target may be adjusted at some point of development. The product owner is part of the team and he may see some potential in not originally expected objects. That is why he need daily to participate and gain experience. (not only marketing presentations)

 

5. Permanent Feedback and net Tasks

The permanent feedback and attention to the management is very important and motivation for the team. The team must be always fully loaded with interesting tasks. 

  

"Access only from trusted zone in untrusted zone". Is this a theory-induced blindness?

Ones, the theories are well studied and accepted, they are used without a doubt  everyday as a tool.  It is extremely difficult psychologically to  find flaws in them through critical questioning as Daniel Kahneman points in his book "thinking fast and slow". Security theories have the same characteristics.

There is a common security rule: "Assess only from trusted in less trusted zone. Never on inverse!". The motivation are taken from the abstraction on figure down. There is a citadel representing a trusted zone and untrusted zone (insecure) outside. 

And now in the practical scenario:

You have a Internet customer, who use a portal to update his secure data, like health information. How can you transfer the information form untrusted (Internet) in trusted zone (data centre) according this secure rule?

Security processional try to solve this dilemma with TCP polling proxy, thus changing the direction of the TCP session establishment: only from trusted to untrusted zone. The principle is the following: the Internet user deposits its request on the web server. The internal application server polls from trusted zone on regular intervals (several seconds) and takes the request form web server's depot. The response is deposit back to the web server.

Dose this polling solves the security problem? Not realy:

• The data is transported from Internet to the internal sever, no matter of the TCP session establishment. 
• If the data contains application malware, like SQL injection, then it is transported with several several seconds delay to the application server.

Probably, the mechanism prevents form some network attacks, like SYN Flood etc? Let me assume, there is network firewall between web and application server. Otherwise, how may you trust that only polling is made - control is better. Coming back to the original questions: does the polling protects form network attacks, if there is a firewall in between? Again no, because: Every modern firewall has: port restriction, statefull inspection, rate limit, request size limits, some DoS protection etc. If these firewall features are set up correctly,  I do not see what more polling can make for the network security. IP/TCP Network attacks will be blocked by well configured firewall and web server.

I can not find any reasonable argument, why changing the TCP direction establishment may improve the security in normal case (hypothetically, we may always make use of every theology even small). Even more,  the rule "Access only from trusted zone in untrusted zone" is theory-induced blindness. The application data travels always in both directions form trusted to untrused and vice versa. Even sendig a HTTP requests "GET"  may contains a potential attack in the header parameter. For the network attacks there is firewall.

My advise: if you are concerned on your application security,  hardening, code review, ethical hacking, WAF etc may be the solution you are looking for.

Why Digest (Nonce) authentication is less popular? or the long life of the week Basic authentication

Even young professionals know the difference between the basic and digest authentication, thus:  in basic authentication - the password is transmuted in clear (reverse calculable) and this is bad. On the other side digest authentication- the password is never transmitted over the transport channel than hashes of password with random nonce. These methods  are available in WS-Security , HTTP, PPP etc.  I am not going to describe it here again, see RFC 2617, RFC 1994, OASIS WS Sec username and token.


It is obvious conclusion avoid basic authentication and use digest, thus prevent sending the password in clear. So far so good, but still digest authentication is rare. Why ?


The answer is obvious but not really understood.


If you use digest authentication, then the user passwords must be stored in your database for verification, like LDAP, MySQL, Active Directory etc. Sure, the user passwords will be protected with some master key and symmetric encryption, but the user passwords are still there and reverse calculable. Every backup copy of the DB contains all user passwords. If someone stills your master key and the DB, then - bad luck :-( The administrator needs to think twice on how to handle this risk.

If you use basic authentication, then the user passwords do not need to be in the database at all. Practical, the database will contain seeded hashed of the user password, like in the Linux system. If a bad guy obtains a copy of the database, he will find only hashes and will never be capable to reverse calculate the real passwords. Sure, they are some rainbow attacks but let us leave them for a moment aside. The administrator will definitely prefer this way, less risk for him. Potentially, he will use TLS to protect the transport channel. He will hope that client verifies the TLS Server certificate as expected ;-)

At the end:


either you send the password in clear (basic auth) and don't sore it in the DB
or store the password in your database but don't send it  over transport channel client to server (digest auth).

It is your choice, but you need to understand it.

Historically, it is interesting to know that the Telcos do not trust the transport channel but their administrator. For this reasons, they use mostly CHAP on PPP (digest auth). On the other hand, the web enterprises trust the channel, but do not trust the administrator and use basic auth in order to avoid password in the database. It is a interesting that exactly core competency is doubted even this concussion is very simplified .