Check for RSA exponent of 1, resulting in F score

2025-12-09 14:11:29 +00:00 · 2016-06-09 04:36:09 +00:00
parent c71d8e8f4f
commit 39018e3e91
3 changed files with 15 additions and 2 deletions
--- a/3
+++ b/3
@@ -1,5 +1,8 @@
 # Nmap Changelog ($Id$); -*-text-*-

+o [NSE] ssl-enum-ciphers will give a failing score to any server with an RSA
+  certificate whose public key uses an exponent of 1. [Daniel Miller]
+
 o Update oldest supported Windows version to Vista (Windows 6.0). This enables
  the use of the poll Nsock engine. [Daniel Miller]

--- a/nselib/nmap.luadoc
+++ b/nselib/nmap.luadoc
@@ -734,7 +734,7 @@ function pcap_close()
 --
 -- If the <code>pubkey</code> is type <code>"rsa"</code>, it will also have an
 -- <code>exponent</code> member, containing the public exponent as a bignum. If
-- the type is <code>"ec"</code>, it will have an <code>ecdhparams</code>
+-- the type is <code>"ec"</code>, it will have an <code>ecdhparams.curve_params</code>
 -- member, containing a table with <code>ec_curve_type</code> and
 -- <code>curve</code> keys as strings.
 --
--- a/scripts/ssl-enum-ciphers.nse
+++ b/scripts/ssl-enum-ciphers.nse
@@ -322,7 +322,7 @@ categories = {"discovery", "intrusive"}
 -- http://seclists.org/nmap-dev/2012/q3/156
 -- http://seclists.org/nmap-dev/2010/q1/859
 local CHUNK_SIZE = 64
-local have_ssl, _ = pcall(require,'openssl')
+local have_ssl, openssl = pcall(require,'openssl')

 -- Add additional context (protocol) to debug output
 local function ctx_log(level, protocol, fmt, ...)
@@ -715,6 +715,12 @@ local function find_ciphers_group(host, port, protocol, group, scores)
                      scores.warnings["Weak certificate signature: SHA1"] = true
                    end
                    kex_strength = tls.rsa_equiv(kex.pubkey, c.pubkey.bits)
+                    if c.pubkey.exponent then
+                      if openssl.bignum_bn2dec(c.pubkey.exponent) == "1" then
+                        kex_strength = 0
+                        scores.warnings["Certificate RSA exponent is 1, score capped at F"] = true
+                      end
+                    end
                    if c.pubkey.ecdhparams then
                      if c.pubkey.ecdhparams.curve_params.ec_curve_type == "namedcurve" then
                        extra = c.pubkey.ecdhparams.curve_params.curve
@@ -747,6 +753,10 @@ local function find_ciphers_group(host, port, protocol, group, scores)
                    extra = string.format("%s %d", kex.type, kex_info.strength)
                  end
                end
+                if kex_info.rsa and kex_info.rsa.exponent == 1 then
+                  kex_strength = 0
+                  scores.warnings["Certificate RSA exponent is 1, score capped at F"] = true
+                end
              end
            end
            scores[name] = {