feat: allow cipher enumeration in SSL protocol (#4297)

* feat: allow cipher enumeration in SSL protocol * cipher enum improvements --------- Co-authored-by: Tarun Koyalwar <tarun@projectdiscovery.io>
2023-11-17 10:18:34 +01:00 · 2023-11-17 10:18:34 +01:00 · ecae94d0cf
parent 775c7f762b
commit ecae94d0cf
1 changed files with 27 additions and 0 deletions
--- a/pkg/protocols/ssl/ssl.go
+++ b/pkg/protocols/ssl/ssl.go
@ -76,6 +76,22 @@ type Request struct {
 	//   - "auto"
 	//	 - "openssl" # reverts to "auto" is openssl is not installed
 	ScanMode string `yaml:"scan_mode,omitempty" json:"scan_mode,omitempty" jsonschema:"title=Scan Mode,description=Scan Mode - auto if not specified.,enum=ctls,enum=ztls,enum=auto"`
+	// description: |
+	//   TLS Versions Enum - false if not specified
+	//   Enumerates supported TLS versions
+	TLSVersionsEnum bool `yaml:"tls_versions_enum,omitempty" json:"tls_versions_enum,omitempty" jsonschema:"title=Enumerate Versions,description=Enumerate Version - false if not specified"`
+	// description: |
+	//   TLS Ciphers Enum - false if not specified
+	//   Enumerates supported TLS ciphers
+	TLSCiphersEnum bool `yaml:"tls_ciphers_enum,omitempty" json:"tls_ciphers_enum,omitempty" jsonschema:"title=Enumerate Ciphers,description=Enumerate Ciphers - false if not specified"`
+	// description: |
+	//  TLS Cipher types to enumerate
+	// values:
+	//   - "insecure" (default)
+	//   - "weak"
+	//   - "secure"
+	//   - "all"
+	TLSCipherTypes []string `yaml:"tls_cipher_types,omitempty" json:"tls_cipher_types,omitempty" jsonschema:"title=TLS Cipher Types,description=TLS Cipher Types to enumerate,enum=weak,enum=secure,enum=insecure,enum=all"`

 	// cache any variables that may be needed for operation.
 	dialer  *fastdialer.Dialer
@ -115,6 +131,14 @@ func (request *Request) Compile(options *protocols.ExecutorOptions) error {
 		// if openssl is not installed instead of failing "auto" scanmode is used
 		request.ScanMode = "auto"
 	}
+	if request.TLSCiphersEnum {
+		// cipher enumeration requires tls version enumeration first
+		request.TLSVersionsEnum = true
+	}
+	if request.TLSCiphersEnum && len(request.TLSCipherTypes) == 0 {
+		// by default only look for insecure ciphers
+		request.TLSCipherTypes = []string{"insecure"}
+	}

 	tlsxOptions := &clients.Options{
 		AllCiphers:        true,
@ -133,6 +157,9 @@ func (request *Request) Compile(options *protocols.ExecutorOptions) error {
 		ClientHello:       true,
 		ServerHello:       true,
 		DisplayDns:        true,
+		TlsVersionsEnum:   request.TLSVersionsEnum,
+		TlsCiphersEnum:    request.TLSCiphersEnum,
+		TLsCipherLevel:    request.TLSCipherTypes,
 	}

 	tlsxService, err := tlsx.New(tlsxOptions)