Need your expert advice for the following -
POODLE - We can deduce if a server is vulnerable to poodle if it supports sslv3 protocol and uses CBC Ciphers.
BEAST - Any server supporting sslv3 OR TLS 1.0 and uses CBC Ciphers.
Is my understanding correct? I understand these attacks are exploited on client side but still if a server can be made vulnerable by any means it is vulnerable.
Now, comes the detection part - AFAIK server does not send the complete list of cipher suits to the client but only sends the selected one based on the cipher suits presented to it by the client.
Now, using nmap ssl_enum_ciphers
script we can list the cipher suites used by server.
This is what nmap documentation says about ssl_enum_ciphers script:
This script repeatedly initiates SSLv3/TLS connections,
each time trying a new cipher or compressor while recording
whether a host accepts or rejects it.
The end result is a list of all the ciphersuites and compressors that a server accepts.
Some servers use the client's ciphersuite ordering:
they choose the first of the client's offered suites that they also support.
Other servers prefer their own ordering:
they choose their most preferred suite from among those the client offers.
In the case of server ordering, the script makes extra probes to discover the server's sorted preference list.
Otherwise, the list is sorted alphabetically.
So, if the server's preferred cipher is RC4 and client provides a CBC cipher (Only one) will it select CBC or rejects the request?
If it chooses CBC then ir-respective of the cipher ordering (nmap's output) then it is vulnerable (?).
If it chooses from client's ciphersuite ordering then definitely it is vulnerable (if it accepts CBC cipher) (?).
Based on above statements, can we infer the following -
- If server supports sslv3 and we have a CBC cipher anywhere in the cipher list given by nmap, can we say that the server is vulnerable to POODLE?
- If server supports sslv3/tls 1.0 and we have a CBC cipher anywhere in the cipher list given by nmap, can we say that the server is vulnerable to BEAST?
What i am trying to understand is that based on nmap's output can i infer if it is vulnerable just seeing if it contains CBC cipher or is there any other sophistication involved?