Ticketbleed #686

Closed
wants to merge 12 commits into
from

@mogigoma
mogigoma commented Feb 9, 2017

Made a new script for Ticketbleed, a vuln that was announced within the last several hours. This branch also makes a convenience change to tls.lua that can be omitted if undesirable. This script borrows pieces from ssl-heartbleed.nse where useful.

Please note that I have not yet found any vulnerable systems, but I believe that with the amount of debugging and testing against unaffected systems, it will correctly flag an affected system. There are many, many guards against false positives.

Let me know if anything needs fixing; I will try to be responsive since this is a particularly 'topical' script.

@mogigoma
mogigoma commented Feb 9, 2017

I believe this script is ready for proper review. I managed to generate a PCAP file against a known-vulnerable host and iron out what I think are the last of the errors. The biggest change is moving from one-byte session IDs to random 16-byte session IDs for reliability.

If others think it's a good idea, I can make the session ID length a tunable script-arg.

@nmap-bot nmap-bot closed this in 27785ce Feb 9, 2017