diff --git a/CHANGELOG b/CHANGELOG index db99a03d3..a5241ddd8 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -1,5 +1,8 @@ # Nmap Changelog ($Id$); -*-text-*- +o Added ciphers from RFC 5932 and Fortezza-based ciphers to + ssl-enum-ciphers.nse. The patch was submitted by Darren McDonald. + o [NSE] Added new script http-drupal-users-enum, which enumerates all available Drupal user accounts by exploiting a vulnerability in the Views module. [Hani Benhabiles] diff --git a/scripts/ssl-enum-ciphers.nse b/scripts/ssl-enum-ciphers.nse index d75fc6f1d..69cb48494 100644 --- a/scripts/ssl-enum-ciphers.nse +++ b/scripts/ssl-enum-ciphers.nse @@ -193,6 +193,8 @@ CIPHERS = { ["TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA"] = 0x0019, ["TLS_DH_anon_WITH_DES_CBC_SHA"] = 0x001A, ["TLS_DH_anon_WITH_3DES_EDE_CBC_SHA"] = 0x001B, + ["SSL_FORTEZZA_KEA_WITH_NULL_SHA"] = 0x001C, + ["SSL_FORTEZZA_KEA_WITH_FORTEZZA_CBC_SHA"] = 0x001D, ["TLS_KRB5_WITH_DES_CBC_SHA"] = 0x001E, ["TLS_KRB5_WITH_3DES_EDE_CBC_SHA"] = 0x001F, ["TLS_KRB5_WITH_RC4_128_SHA"] = 0x0020, @@ -302,6 +304,18 @@ CIPHERS = { ["TLS_RSA_PSK_WITH_AES_256_CBC_SHA384"] = 0x00B7, ["TLS_RSA_PSK_WITH_NULL_SHA256"] = 0x00B8, ["TLS_RSA_PSK_WITH_NULL_SHA384"] = 0x00B9, + ["TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256"] = 0x00BA, + ["TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256"] = 0x00BB, + ["TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256"] = 0x00BC, + ["TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256"] = 0x00BC, + ["TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256"] = 0x00BC, + ["TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256"] = 0x00BC, + ["TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256"] = 0x00C0, + ["TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256"] = 0x00C1, + ["TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256"] = 0x00C2, + ["TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256"] = 0x00C3, + ["TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256"] = 0x00C4, + ["TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256"] = 0x00C5, ["TLS_RENEGO_PROTECTION_REQUEST"] = 0x00FF, ["TLS_ECDH_ECDSA_WITH_NULL_SHA"] = 0xC001, ["TLS_ECDH_ECDSA_WITH_RC4_128_SHA"] = 0xC002,