2014-07-28

Testing SSL certificates with Kali Linux and OWASP o-saft

Kali Linux is great stuff. I had some SSL certificates to test, so I decided to look at the SSL test tools included in the Kali distro.

The theory: What to look for

First it would be a good idea to know what to test for and why.

Wikipedia has a good introduction to TLS:
http://en.wikipedia.org/wiki/Transport_Layer_Security

OWASP's cheat sheet is a good overview of basic TLS security considerations:
https://www.owasp.org/index.php/Transport_Layer_Protection_Cheat_Sheet

Qualys SSL Labs has a useful whitepaper describing SSL/TLS Deployment Best Practices.
https://www.ssllabs.com

The whitepaper has footnotes pointing to background articles describing recent developments in TLS security: 
  • Use of RC4
  • TLS Renegotiation
  • CRIME, TIME, BREACH, and BEAST attacks
  • Public key pinning
  • ECDSA certificates.

Shameless plug for SSL Labs

If you want to test a single server certificate (or a browser's SSL implementation), SSL Labs offers excellent web-based tools. The diagnostics are comprehensive, and in-page links point to the relevant documentation.

If you test a company server, don't forget to tick "Do not show the results on the boards" before submitting; otherwise the host name and its grade appear on the public results board.

However, if you need to do bulk testing of certificates (as in a pen test), or want a tool for specialized testing, read on ....


Kali Linux installation


Base installation

The VMWare pre-built images lag the main distro release cycle, so I opted to build my own Kali VM.

I downloaded the most recent Kali 32-bit ISO (v1.0.8) from Offensive Security:
 http://www.kali.org/downloads/


The ISO was installed into VMWare Workstation using the Kali Linux Hard Disk Install procedure.
http://docs.kali.org/installation/kali-linux-hard-disk-install

The install was text mode, not GUI, but the basic steps are outlined in Kali's documentation. Whenever you install, it is a good idea to bring the fresh system up to date from the Kali mirrors before going further. After the installer wrote the GRUB loader into the VM disk's MBR, Kali was ready to boot.

VMWare Tools

Following the Kali documentation, I next installed open-vm-toolbox.
http://docs.kali.org/general-use/install-vmware-tools-kali-guest

Kali has a custom kernel that plays havoc with VMWare's standard VM Tools.

VM cut and paste worked out of the box, but not shared folders. An easy workaround is WinSCP / sftp.

SSL V2 support

OpenSSL

The OpenSSL package shipped with Kali (like its Debian parent) is compiled without SSL v2 support; a quick way to tell is that s_client rejects its -ssl2 option as unknown. This limits or breaks the SSL validation tools, because a scanner built on that library cannot tell whether a server still accepts SSLv2 at all.

Adding SSL V2 support back is not difficult. Foundstone has a blow-by-blow Kali-specific writeup (note that it rebuilds the system libssl, so every program on the box gains SSLv2; do this on a dedicated test VM, not on a machine you rely on):
http://blog.opensecurityresearch.com/2013/05/fixing-sslv2-support-in-kali-linux.html

Be aware that there is a typo. The correct command is:
apt-get install devscripts


Perl Net::SSLeay

The OWASP o-saft SSL test tool requires Net::SSLeay. However, the Perl module developers have guarded the SSL V2 methods with preprocessor conditionals (so the module builds cleanly against OpenSSL packages compiled without SSLv2), and a stock install ends up without them.

To get the full set of o-saft checks, install a custom build of Net::SSLeay with SSL V2 support.

To do this, download the Net::SSLeay tarball from CPAN. At time of writing (2014-7-28), the CPAN page was here:
http://search.cpan.org/~mikem/Net-SSLeay-1.65/lib/Net/SSLeay.pod

and the tarball was here:
http://search.cpan.org/CPAN/authors/id/M/MI/MIKEM/Net-SSLeay-1.65.tar.gz

The recipe for building the custom Net::SSLeay is here:
http://www.techstacks.com/howto/enable-sslv2-methods-in-netssleay.html

To get things working, be sure to remove both the #ifndef and the #ifdef statements (as well as the corresponding #endifs) in the two places indicated in SSLeay.xs.

Once the new SSLeay module is compiled and installed (under /usr/local/lib), if o-saft still complains about missing SSL v2 support, check that no other copy of Net::SSLeay (for example the distro's libnet-ssleay-perl package) sits earlier in perl's @INC search path: perl loads the first copy it finds, and the path it actually loaded is recorded in %INC.

OWASP o-saft installation

Finally, install the OWASP o-saft tool. This tool is worth the trouble of installing because of the flexibility and detailed diagnostics provided. See the man page if you have any doubts about this:
https://www.owasp.org/index.php/O-Saft/Documentation

The o-saft tool can be downloaded from the OWASP web site here:
https://www.owasp.org/index.php/O-Saft

The same page has installation instructions. Once the tarball has been downloaded and unpacked, install the remaining Perl module dependencies from CPAN: IO::Socket::INET and IO::Socket::SSL. Do *not* install Net::SSLeay again (of course!), or CPAN will replace the custom build with SSL V2 support.

The README in the install directory has to be renamed or the o-saft perl script will not start. This is the author's way of making sure everyone looks at the README.

Instead of installing the Net::SSLinfo module included in the o-saft tarball, I just told perl where to find it.
cd my_o-saft-dir
perl -I ./ o-saft.pl

Pick your favorite web server ("some.tld") and try some of the basic commands:
o-saft.pl +cipher some.tld
o-saft.pl +info   some.tld
o-saft.pl +check  some.tld
o-saft.pl +quick  some.tld
o-saft.pl +help=commands
o-saft.pl +list
o-saft.pl +list --v

SSL auditing

This is what we have all been waiting for. After looking at all the Kali SSL tools as well as OWASP's o-saft, here is my take on what's useful.


TLSSled - SSL Scanner


This is probably the most useful SSL scanner on the Kali distro, especially for bulk scans.

But Taddong is apparently finished as a company (http://www.taddong.com/en/lab.html), so YMMV in the future.

The tool includes a good set of tests and provides full SSLScan output as a bonus.

From the tool web site:

TLSSLed is a Linux shell script whose purpose is to evaluate the security of a target SSL/TLS (HTTPS) web server implementation. It is based on sslscan, a thorough SSL/TLS scanner that is based on the openssl library, and on the "openssl s_client" command line tool. The current tests include checking if the target supports the SSLv2 protocol, the NULL cipher, weak ciphers based on their key length (40 or 56 bits), the availability of strong ciphers (like AES), if the digital certificate is MD5 signed, and the current SSL/TLS renegotiation capabilities. More information in our blog.
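As an added example (mine, not TLSSLed's or the article author's code), here is the same set of checks re-done in Python on top of openssl s_client. It also covers the bulk case from the introduction: targets are host[:port] arguments or an @file with one host per line. It assumes an openssl binary on PATH that still accepts -ssl2 (the rebuild described above) and the output wording of OpenSSL 1.0.x; the SAMPLE dictionary is constructed, not captured from a real server, so the decision logic can be exercised offline.

```python
#!/usr/bin/env python
"""tls_audit.py: the TLSSLed checks re-done on top of "openssl s_client".
Added example for this article, not TLSSLed's code. Assumes an openssl on PATH that
still accepts -ssl2 (see the SSL v2 section) and OpenSSL 1.0.x s_client/x509 wording."""
import re
import subprocess
import sys

OPENSSL = "openssl"   # assumption: the SSLv2-enabled build is first on PATH

# label, description, extra s_client arguments, whether a completed handshake is a finding
PROBES = [
    ("sslv2",  "SSLv2 protocol",               ["-ssl2"],                 True),
    ("null",   "NULL cipher",                  ["-cipher", "NULL"],       True),
    ("weak",   "40/56-bit EXPORT/LOW ciphers", ["-cipher", "EXPORT:LOW"], True),
    ("strong", "AES ciphers",                  ["-cipher", "AES"],        False),
]
# "New, TLSv1/SSLv3, Cipher is AES128-SHA" on success, "New, (NONE), Cipher is (NONE)" on failure
_CIPHER_LINE = re.compile(r"^New, .*Cipher is (?P<cipher>\S+)", re.M)
_SIG_ALG = re.compile(r"Signature Algorithm:\s*(\S+)")

def handshake_ok(output):
    """True if captured s_client output shows a completed handshake."""
    m = _CIPHER_LINE.search(output)
    return bool(m) and m.group("cipher") != "(NONE)"

def secure_renegotiation(output):
    """True/False from the 'Secure Renegotiation IS [NOT] supported' line, None if absent."""
    if "Secure Renegotiation IS NOT supported" in output:
        return False
    return True if "Secure Renegotiation IS supported" in output else None

def signature_algorithm(x509_text):
    """First 'Signature Algorithm:' value from 'openssl x509 -text' output."""
    m = _SIG_ALG.search(x509_text)
    return m.group(1) if m else None

def evaluate(captured):
    """Captured output (keys: probe labels, 'default', 'cert') -> list of findings."""
    findings = []
    for label, desc, _args, bad_if_ok in PROBES:
        ok = handshake_ok(captured.get(label, ""))
        if bad_if_ok and ok:
            findings.append("%s: accepted" % desc)
        elif not bad_if_ok and not ok:
            findings.append("%s: not offered" % desc)
    if "unknown option" in captured.get("sslv2", ""):   # s_client built without SSLv2
        findings.append("SSLv2 probe: openssl build lacks SSLv2, result not trustworthy")
    if secure_renegotiation(captured.get("default", "")) is False:
        findings.append("secure renegotiation (RFC 5746): not supported")
    sig = signature_algorithm(captured.get("cert", ""))
    if sig and sig.lower().startswith("md5"):
        findings.append("certificate signature: %s" % sig)
    return findings

def _run(cmd, stdin_bytes=b""):
    p = subprocess.Popen(cmd, stdin=subprocess.PIPE, stdout=subprocess.PIPE,
                         stderr=subprocess.STDOUT)
    out, _ = p.communicate(stdin_bytes)   # closing stdin ends the s_client session
    return out.decode("ascii", "replace")

def capture(host, port=443):
    """Run every probe against one host; the default handshake also yields the certificate."""
    base = [OPENSSL, "s_client", "-connect", "%s:%d" % (host, port)]
    captured = {"default": _run(base)}
    for label, _desc, args, _bad in PROBES:
        captured[label] = _run(base + args)
    # x509 picks the PEM block out of the s_client transcript
    captured["cert"] = _run([OPENSSL, "x509", "-noout", "-text"],
                            captured["default"].encode("ascii", "replace"))
    return captured

def targets_from_args(args):
    """host[:port] arguments, or @file with one target per line (bulk mode) -> (host, port) list."""
    names = []
    for a in args:
        if a.startswith("@"):
            with open(a[1:]) as f:
                names += [l.strip() for l in f if l.strip() and not l.startswith("#")]
        else:
            names.append(a)
    return [(n.partition(":")[0], int(n.partition(":")[2] or 443)) for n in names]

# Constructed sample (not a real scan) in the shape OpenSSL 1.0.x prints, to exercise evaluate() offline.
SAMPLE = {
    "default": "CONNECTED(00000003)\nNew, TLSv1/SSLv3, Cipher is AES128-SHA\n"
               "Server public key is 2048 bit\nSecure Renegotiation IS NOT supported\n",
    "sslv2":   "CONNECTED(00000003)\nNew, SSLv2, Cipher is DES-CBC3-MD5\n",
    "null":    "CONNECTED(00000003)\nssl handshake failure\nNew, (NONE), Cipher is (NONE)\n",
    "weak":    "CONNECTED(00000003)\nNew, TLSv1/SSLv3, Cipher is EXP-RC4-MD5\n",
    "strong":  "CONNECTED(00000003)\nNew, TLSv1/SSLv3, Cipher is AES128-SHA\n",
    "cert":    "Certificate:\n    Data:\n        Version: 3 (0x2)\n"
               "    Signature Algorithm: md5WithRSAEncryption\n",
}

if __name__ == "__main__":
    for host, port in targets_from_args(sys.argv[1:]):
        findings = evaluate(capture(host, port))
        print("%s:%d  %s" % (host, port, "; ".join(findings) or "no findings"))
```

Run it as python tls_audit.py @hosts.txt. A probe only counts as a finding when the handshake actually completes, so a server that errors out on -ssl2 is clean; conversely, if s_client itself rejects -ssl2 as an unknown option (the stock Kali OpenSSL), the script flags the result as untrustworthy instead of quietly passing the host, which is exactly why the SSL V2 rebuild earlier in the article matters.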


sslscan - Fast ssl scan 

http://sourceforge.net/projects/sslscan/


This is a fast tool that includes comprehensive checks. As mentioned above, TLSSled leverages sslscan.

From the tool web site:

SSLScan queries SSL services, such as HTTPS, in order to determine the ciphers that are supported. SSLScan is designed to be easy, lean and fast. The output includes preferred ciphers of the SSL service, the certificate and is in Text and XML formats.

The user can provide a list of ciphers in order to check if other ciphers are supported (which shouldn’t be).



SSLyze - python SSL scanner


The other Kali SSL scan tool to look at is SSLyze.


SSLyze is a Python tool that can analyze the SSL configuration of a server by connecting to it. It is designed to be fast and comprehensive, and should help organizations and testers identify misconfigurations affecting their SSL servers.


Key features include:
  • Multi-processed and multi-threaded scanning (it's fast)
  • SSL 2.0/3.0 and TLS 1.0/1.1/1.2 compatibility
  • Performance testing: session resumption and TLS tickets support
  • Security testing: weak cipher suites, insecure renegotiation, CRIME, Heartbleed and more
  • Server certificate validation and revocation checking through OCSP stapling
  • Support for StartTLS handshakes on SMTP, XMPP, LDAP, POP, IMAP, RDP and FTP
  • Support for client certificates when scanning servers that perform mutual authentication
  • XML output to further process the scan results
  • And much more !

$ python sslyze.py --regular www.isecpartners.com:443 www.google.com

Supports testing through an HTTP CONNECT proxy. Very nice, and fast.
sslyze --resum --reneg --certinfo=full --compression --hide_rejected_ciphers --regular my.tld.com | less


The other Kali SSL tools

The other Kali SSL test tools are not basic validation tools per se, but provide other pen-testing functions:
  • sslcaudit: tests client-side SSL; the tester provides a CA trusted by the client
  • ssldump: SSL-oriented trace. Handles pcap files as well.
  • sslh: SSL application protocol multiplexer. Run several services on the same port 443 to punch through firewalls.
  • sslsniff, sslsplit: SSL MITM
  • sslstrip: Marlinspike's HTTPS stripping attack
  • stunnel4: SSL wrapper that adds TLS to arbitrary TCP services

OWASP o-saft

As mentioned above, this Perl-based tool provides a very complete set of diagnostics. See the man page for more information, including use cases and sample commands.