Oracle Weblogic 10.3 + gnutls-cli = A TLS fatal...
Michael Meyer
mime at gmx.de
Wed Feb 17 20:51:12 CET 2010
*** Simon Josefsson <simon at josefsson.org> wrote:
> Michael Meyer <mime at gmx.de> writes:
> Identifying that with confidence requires access to the server to look
> at the actual server system. Looking at logs and/or the binaries may
> help.
There is a trial version available at
http://www.oracle.com/technology/software/products/ias/htdocs/wls_main.html
I have Oracle WebLogic Server 10.3 (also the trial version) running under a
Microsoft Windows XP.
> I don't think defaulting to insecure mode is a good idea.
[...]
> Using GnuTLS in known insecure modes just because there are broken
> servers out there doesn't seem like a good idea. Then you might as well
> not use TLS at all, and just use TCP?
Let me explain.
OpenVAS stands for Open Vulnerability Assessment System and is a
network security scanner. OpenVAS is a GPL fork of Nessus.
I try to write a plugin for
http://www.securityfocus.com/bid/37926
Normaly this is very simple. See
http://intevydis.blogspot.com/2010/01/oracle-weblogic-1032-node-manager-fun.html
For that a SSL connection is required.
in NASL (Nessus Attack Scripting Language) it would look like (simplified):
,---|
| port = 5556;
| soc = open_sock_tcp(port, transport: ENCAPS_SSLv3); # or ENCAPS_SSLv23, ENCAPS_TLSv1
|
| if(!soc) {
| display("NO SOCKET\n\n");
| } else {
| display("SOCKET OK\n\n");
| send(socket:soc, data: string("HELLO asdf\r\n"));
| buf = recv(socket:soc, length: 512);
| display("\n",buf,"\n\n");
| close(soc);
| }
`---|
Result should be "+OK Node manager v10.3 started". I got always "NO
SOCKET". With any kind of "transport". GnuTLS error at this point is:
"A TLS fatal alert has been received".
At this point, it's a problem, if GnuTLS (rather the NASL function
open_sock_tcp() which is using GnuTLS) cant't connect to the remote
service because of some problems (e.g. broken certificate, insecure
cipher, ...) on the remote side. It means that I can not recognize the
vulnerability. That's bad. ;)
That's why i need - whenever humanly possible - a succesfull
connection. In this case I'm not interested whether the connection is
really secure.
Micha
More information about the Gnutls-help
mailing list