• 杏彩代理官网

杏彩代理官网

作者︰  發布日(ri)期︰2020-02-18 10:54:15
Tag標簽(qian)︰漏洞  方法  
  • 一、漏洞描述︰ 現在流(liu)行(xing)的服務器和客戶端使用TLS加密,SSL和TLS協議(yi)保證用戶上網沖浪(lang),購物,即(ji)時(shi)通信而不被第三方讀取到。DROWN(溺亡)漏洞允許攻擊(ji)者破壞這個加密體系,通過“中間人劫持攻擊(ji)”讀取或偷取敏(min)感(gan)通信,包括密碼(ma),信用卡帳(zhang)號,商業機密,金融數據等。

    二、漏洞cong)跋歟br />大部分支持SSLv2的服務器均會受到該漏洞cong)跋歟 熱ru)啟用了ssl、tls加密的web服務器、郵件服務器。

    三、檢測方法︰
    你也可使用檢測工具檢查(cha),下載(zai)地(di)址(zhi)︰
    https://github.com/nimia/public_drown_scanner

    四、修(xiu)復方法︰
    確保你的私鑰不適用于(yu)其他(ta)的支持sslv2服務,包括web,smtp,imap,pop服務等。禁止服務器端的sslv2支持。如(ru)果是Openssl,請查(cha)看OpenSSL官方給出的修(xiu)復指南。
    https://www.openssl.org/blog/blog/2016/03/01/an-openssl-users-guide-to-drown/

    如(ru)果是nginx服務器直接在nginx.conf配置文件中去掉(diao)ssl_protocols SSLv2的支持。

    示例(li)︰
    [root@yn_vm_dev46 public_drown_scanner]# yum install python-virtualenv

    [root@yn_vm_dev46 public_drown_scanner]# virtualenv drown
    New python executable in drown/bin/python
    Installing Setuptools……………………………………………………………………………………………………………………………………………………………………………………………………done.
    Installing Pip……………………………………………………………………………………………………………………………………………………………………………………………………………………………………………………………………………………………….done.
    [root@yn_vm_dev46 public_drown_scanner]#
    [root@yn_vm_dev46 public_drown_scanner]#
    [root@yn_vm_dev46 public_drown_scanner]# cd drown/
    [root@yn_vm_dev46 drown]# ls
    bin include lib lib64
    [root@yn_vm_dev46 drown]# ./bin/activate
    -bash: ./bin/activate: Permission denied
    [root@yn_vm_dev46 drown]# . ./bin/activate
    (drown)[root@yn_vm_dev46 drown]#
    (drown)[root@yn_vm_dev46 drown]#
    (drown)[root@yn_vm_dev46 drown]# pip install enum pycrypto scapy pyasn1 scapy-ssl_tls

    (drown)[root@yn_vm_dev46 drown]# python /root/public_drown_scanner/scanner.py www.com 443
    Testing www.com on port 443
    www.com: Server is vulnerable, with cipher RC2_128_CBC_EXPORT40_WITH_MD5

    www.com: Server is vulnerable, with cipher RC4_128_EXPORT40_WITH_MD5

    www.com: Case 7; Symmetric key did not successfully verify on server finished message
    www.com: Server is NOT vulnerable with cipher RC4_128_WITH_MD5, Message: 7: no tls

    www.com: Server is vulnerable, with cipher DES_64_CBC_WITH_MD5

    (drown)[root@yn_vm_dev46 drown]# python /root/public_drown_scanner/scanner.py www.com 443
    Testing www.com on port 443
    www.com: Case 3b; Connection reset by peer when waiting for server hello
    www.com: Server is NOT vulnerable with cipher RC2_128_CBC_EXPORT40_WITH_MD5, Message: 3b: no tls

    www.com: Case 3b; Connection reset by peer when waiting for server hello
    www.com: Server is NOT vulnerable with cipher RC4_128_EXPORT40_WITH_MD5, Message: 3b: no tls

    www.com: Case 3b; Connection reset by peer when waiting for server hello
    www.com: Server is NOT vulnerable with cipher RC4_128_WITH_MD5, Message: 3b: no tls

    www.com: Case 3b; Connection reset by peer when waiting for server hello
    www.com: Server is NOT vulnerable with cipher DES_64_CBC_WITH_MD5, Message: 3b: no tls

杏彩代理官网

搜狐彩票官网About IT165 -廣告(gao)服務 -隱私聲(sheng)明 -版權(quan)申明 -免責條款(kuan) -網站地(di)圖 -網友投稿 -聯系方式
本站內(na)容(rong)來自于(yu)互(hu)聯網,僅供用于(yu)網絡ke)際躚 學習中請遵循相關法律法規
杏彩代理官网 | 下一页