Giters

tlsfuzzer / tlsfuzzer

SSL and TLS protocol test suite and fuzzer

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

File "/usr/local/lib/python3.6/dist-packages/tlsfuzzer/runner.py", line 186, in run node.process(self.state) File "/usr/local/lib/python3.6/dist-packages/tlsfuzzer/messages.py", line 86, in process sock.connect((self.hostname, self.port))

higher75 opened this issue · comments

commented

Bug Report

sanity ...
Error encountered while processing node <tlsfuzzer.messages.Connect object at 0x7f72515620b8> (child: ClientHelloGenerator(ciphers=[47], compression=[0], extensions={65281: None})) with last message being: None
Error while processing
Traceback (most recent call last):
  File "test-cve-2016-2107.py", line 199, in main
    runner.run()
  File "/usr/local/lib/python3.6/dist-packages/tlsfuzzer/runner.py", line 186, in run
    node.process(self.state)
  File "/usr/local/lib/python3.6/dist-packages/tlsfuzzer/messages.py", line 86, in process
    sock.connect((self.hostname, self.port))
socket.timeout: timed out

CVE-2016-2107 ...
Error encountered while processing node <tlsfuzzer.messages.Connect object at 0x7f7251501be0> (child: ClientHelloGenerator(ciphers=[47], compression=[0], extensions={65281: None})) with last message being: None
Error while processing
Traceback (most recent call last):
  File "test-cve-2016-2107.py", line 199, in main
    runner.run()
  File "/usr/local/lib/python3.6/dist-packages/tlsfuzzer/runner.py", line 186, in run
    node.process(self.state)
  File "/usr/local/lib/python3.6/dist-packages/tlsfuzzer/messages.py", line 86, in process
    sock.connect((self.hostname, self.port))
socket.timeout: timed out

sanity ...
Error encountered while processing node <tlsfuzzer.messages.Connect object at 0x7f72515620b8> (child: ClientHelloGenerator(ciphers=[47], compression=[0], extensions={65281: None})) with last message being: None
Error while processing
Traceback (most recent call last):
  File "test-cve-2016-2107.py", line 199, in main
    runner.run()
  File "/usr/local/lib/python3.6/dist-packages/tlsfuzzer/runner.py", line 186, in run
    node.process(self.state)
  File "/usr/local/lib/python3.6/dist-packages/tlsfuzzer/messages.py", line 86, in process
    sock.connect((self.hostname, self.port))
socket.timeout: timed out
Test end
====================
version: 2
====================
TOTAL: 3
SKIP: 0
PASS: 0
XFAIL: 0
FAIL: 3
XPASS: 0
====================
FAILED:
	'CVE-2016-2107'
	'sanity'
	'sanity'

System Information

Type Version/Name
Operating System Name ubuntu
Operating System Version 18.04
Python version python3.6.9
tlslite-ng version 0.8.0a38
tlsfuzzer revision The latest version as of today

Problem description

A clear and concise description of what the bug is.

Describe how to reproduce the problem

(if the issue is interaction with some other system/library/application,
please provide relevant version numbers or commit IDs of it too.)

Steps to reproduce the behaviour:

1.sudo python3 test-cve-2016-2107.py -h <ip>

I have Certificate creation on my server and I used scay before_ ssl_ Fuzzer test successful
How can I solve it? Except for the -h parameter, I have not used any other parameters, nor do I know how to use it.

Expected behaviour

A concise description of what you expected to happen.

Include errors or backtraces

commented

socket.timeout: timed out suggests that the TCP connection failed, is your server running on point 4433? if not, you need to specify -p 443, or similar, when running the script

commented

btw, it's not necessary to run the regular scripts as root, you don't need to use sudo

commented

This problem has not been resolved, and the next problem will appear soon...I have targeted a virtual machine and used the self-certificate generated by openssl in the virtual machine, but I am executing python3 test-certificate-request. py -h -p <443>, the message "Test to confirm that the server accepts the empty certificate message" and
Only publish the expected signature algorithm in the certificate
Request for Information

End of test

Version: 7

Total: 2
Skip: 0
Qualified: 0
XFAIL: 0
Failure: 0
XPASS: 0

I used Wireshark and did not get the corresponding packet information. Do I need to specify some other parameters to run the file? I am a beginner, thank you very much for replying to my message, thank you

commented

test-certificate-request. py script requires a server with certificate based client authentication

if the server doesn't send a CertificateRequest message to ask the client for its certificate, then this script is not applicable to the server or you need to reconfigure the server to run the script (depends if you're interested in testing a specific configuration or performing a complete test coverage of a TLS implementation)

here are more scripts that require such behaviour from server:
https://github.com/tomato42/tlsfuzzer/blob/ac1b278c68ed96f1fed8f8d59310c0d2d1e1bd32/tests/tlslite-ng-random-subset.json#L332-L376

commented

I followed your prompt to run this script in linux,

python3 test-certificate-request.py -h 192.168.197.141 -p 443 -k ../tests/serverECKey.pem -c ../tests/serverECCert.pem
But the result is still the same as before,
Test end
====================
version: 7
====================
TOTAL: 5
SKIP: 0
PASS: 0
XFAIL: 0
FAIL: 5
XPASS: 0
====================
FAILED:
'check cert types in cert request'
'check sigalgs in cert request'
'sanity'
'sanity'
'with certificate'

What you said is correct, there is no certificate configured on my local machine, but the -c parameter of this script does not mean to specify a certificate, so do I need to configure a certificate?

commented

Thank you for your reply, it helped me a lot

commented

certificate based client authentication is a special server configuration, that means that a server that works with general scripts (like test-cve-2016-2107.py) won't work with with scripts that expect client certificates (like test-certificate-request. py). But that also means that a server that works with scripts that expect client certificates won't work with regular scripts.

Now, the next step depends on what you want to do:

  1. if you want to verify that a specific server configuration is not vulnerable, then you're done, you don't need to run scripts that test certificate based client authentication
  2. if you want to verify that the implementation is secure, then you have to configure it to ask client for certificates (and actually, there are a lot more options that need to be iterated over if a comprehensive test coverage is the goal, see https://tlsfuzzer.readthedocs.io/en/latest/ci-integration.html )
commented

@higher75 if you managed to run the test, please close this issue

Unless you have a suggestion to make the "Usage" section in README.md or the test execution section clearer https://tlsfuzzer.readthedocs.io/en/latest/quickstart.html#executing-a-test-case, I don't think there's anything more I can do

You're of course welcome to open new issues if you hit problems with other test scripts.