A common question on security surveys, and an item auditors love to point out because it’s “easy”, is SSLv2/3 support. SSLv2 is insecure and shouldn’t be used. Various sources describe the issues (pdf) better than I can, but I will say I don’t know if anyone has made SSLv2 attacks very practical, nor do I know whether browsers even drop down to SSLv2 anymore.
So how do you check what SSL version your web site supports?
1. SSLDigger available as a free Foundstone tool
SSLDigger is a GUI tool that accepts a site (or IP) and enumerates the SSL ciphers it supports. A nice tool, but it makes no distinction between SSLv2 and SSLv3 ciphers. However, it does rate ciphers on how weak they are, which can be a nice guide if you’re digging down that deeply and enabling or disabling individual ciphers.
2. THCSSLCheck
THCSSLCheck is a Windows command-line tool. THCSSLCheck takes things a step further and groups ciphers based on their SSL version, which is a nice indicator. Very clean!
3. OpenSSL
Yup, OpenSSL (Windows and Linux) can also check SSL strength, and it might be the easiest test to understand. It also shows the content it receives from the website. This is helpful if you have a proxy, filter, or load-balancer in the way that redirects SSLv2 connection attempts. The above two tools simply determine whether a cipher negotiation was successful, but they do not report any context. In my case, I have load-balancers in front of my web servers that answer SSLv2 connections with a landing page saying we don’t support SSLv2. So, yes, the scan showed a positive, but it’s not a real positive. OpenSSL will catch this if you wait a bit after the handshake and hit enter a few times, because the landing page comes back as the response.
openssl s_client -connect www.mysite.com:443 -ssl2
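Reading the s_client output described above takes two checks: whether the legacy handshake actually completed, and what the peer sends back once you push a request through. The following is an added example, not code from the original post; it wraps `openssl s_client` and classifies its output, and the landing-page marker phrases and the two transcripts are constructed assumptions, not captures from a real host.

```python
"""Classify `openssl s_client` output as the post describes: did the legacy
handshake complete, and did the peer then send real content or a load
balancer's "not supported" landing page?  Added example, not from the post."""
import re
import subprocess

# Phrases that identify a landing page; hypothetical, adjust to your own text.
LANDING_MARKERS = ("not support", "unsupported", "upgrade your browser")

def parse_s_client(output: str) -> dict:
    """Classify one s_client transcript (handshake block plus any HTTP reply)."""
    proto = re.search(r"^\s*Protocol\s*:\s*(\S+)", output, re.M)
    cipher = re.search(r"^\s*Cipher\s*:\s*(\S+)", output, re.M)
    failed = ("handshake failure" in output or "unknown option" in output
              or not cipher or cipher.group(1) in ("0000", "(NONE)"))
    status = re.search(r"^HTTP/\d\.\d\s+(\d{3})", output, re.M)
    # Landing page: handshake worked but the reply is a redirect or marker text.
    landing = bool(status) and not failed and (status.group(1).startswith("3")
               or any(m in output.lower() for m in LANDING_MARKERS))
    return {
        "protocol": proto.group(1) if proto else None,
        "cipher": None if failed else cipher.group(1),
        "handshake_ok": not failed,
        "http_status": int(status.group(1)) if status else None,
        "landing_page": landing,
        "real_positive": not failed and not landing,  # legacy protocol served real content
    }

def probe(host: str, port: int = 443, flag: str = "-ssl3") -> dict:
    """Run s_client with one legacy flag (-ssl2/-ssl3) and send a request, which is
    what hitting enter does interactively.  Needs an OpenSSL build with that protocol."""
    request = f"GET / HTTP/1.0\r\nHost: {host}\r\n\r\n"
    proc = subprocess.run(
        ["openssl", "s_client", "-connect", f"{host}:{port}", flag, "-ign_eof"],
        input=request, capture_output=True, text=True, timeout=30)
    return parse_s_client(proc.stdout + proc.stderr)

# Constructed transcripts (no real host) for the two cases the post describes.
LB_LANDING = """CONNECTED(00000003)
SSL-Session:
    Protocol  : SSLv3
    Cipher    : RC4-SHA
HTTP/1.1 200 OK

<html>Your browser uses SSLv2/SSLv3, which we do not support.</html>
"""
REFUSED = """CONNECTED(00000003)
140735:error:1408F10B:SSL routines:ssl3_get_record:wrong version number:s3_pkt.c:362:
SSL-Session:
    Protocol  : SSLv3
    Cipher    : 0000
"""
```

Only `real_positive` means the legacy protocol reached the real site; a successful handshake followed by the landing page is the false positive the post describes.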
Michael,
Nice article, I also wrote a tutorial on how to fingerprint SSL servers.
http://travisaltman.com/fingerprinting-ssl-tutorial/
You’re right, I have not seen any exploits that leverage SSLv2, but I guess it’s like most vulnerabilities: you’ll notify the client of the dangers even though you don’t have a working PoC.
That is an excellent article! Thank you for linking me over to it!
Adding a link to another tool SSLScan:
http://www.titania.co.uk/sslscan.php
In the post above you state that you were able to determine that a load balancer was presenting an SSLv2 certificate and that the actual web sites behind the load balancer were not vulnerable. I suspect I have a similar scenario in my environment.
Can you provide a bit more explanation on how to read the OpenSSL results to verify that this is occurring? I am not sure what I should be looking for in the connect results.
Adding another tool I’ve come across: sslyze
http://pauldotcom.com/2011/12/testing-your-ssl-configuration.html
Which gives information about the tool actually here:
http://code.google.com/p/sslyze/
Another tool, this one also helps scan for BEAST vulnerabilities (CBC ciphers, renegotiation…): SSL Labs Assessment Tool (Qualys)
https://community.qualys.com/blogs/securitylabs/2011/10/31/tls-renegotiation-and-denial-of-service-attacks