module
Scanner for Bleichenbacher Oracle in RSA PKCS #1 v1.5
Disclosed | Created |
---|---|
2009-06-17 | 2018-06-14 |
Description
Some TLS implementations handle errors when processing RSA key exchanges and
encryption (PKCS #1 v1.5 messages) in a broken way that leads to an
adaptive chosen-ciphertext attack. Attackers cannot recover a server's
private key, but they can decrypt and sign messages with it. A strong
oracle occurs when the TLS server does not strictly check message
formatting; an attack against it needs fewer than a million requests on
average to decode a given ciphertext. A weak oracle occurs when the server
strictly checks message formatting; it often requires many more requests
to perform the attack.
This module requires Python 3 with the gmpy2 and cryptography packages
to be present.
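The difference between the two kinds of format checking described above, as an added example that is not part of the module's own code: a loose and a strict PKCS #1 v1.5 check run over constructed decrypted blocks. The 2048-bit key size, the TLS 1.2 version bytes and all function names are assumptions made for this illustration.

```python
import random

K = 256        # RSA modulus length in bytes (2048-bit key, assumed)
PMS_LEN = 48   # length of a TLS premaster secret

def lax_check(em: bytes) -> bool:
    """Loose check: only the leading 0x00 0x02 bytes are verified."""
    return len(em) == K and em[:2] == b"\x00\x02"

def strict_check(em: bytes, version: bytes = b"\x03\x03") -> bool:
    """Full check: prefix, >= 8 nonzero padding bytes, separator, PMS length, version."""
    if not lax_check(em):
        return False
    sep = em.find(b"\x00", 2)          # first zero byte after the block type
    if sep < 10:                       # -1 (no separator) or padding shorter than 8
        return False
    pms = em[sep + 1:]
    return len(pms) == PMS_LEN and pms[:2] == version

def nonzero(rng, n):
    return bytes(rng.randrange(1, 256) for _ in range(n))

def constructed_samples(rng):
    """Constructed decrypted blocks, one per formatting defect."""
    pad = K - 3 - PMS_LEN              # 205 padding bytes in a well-formed block
    pms = b"\x03\x03" + nonzero(rng, PMS_LEN - 2)
    good = b"\x00\x02" + nonzero(rng, pad) + b"\x00" + pms
    return {
        "well_formed": good,
        "wrong_prefix": b"\x41\x17" + good[2:],
        "no_separator": b"\x00\x02" + nonzero(rng, K - 2),
        "separator_misplaced": b"\x00\x02" + nonzero(rng, pad - 20)
                               + b"\x00" + nonzero(rng, PMS_LEN + 20),
        "wrong_version": good[:-PMS_LEN] + b"\x02\x02" + pms[2:],
    }

def verdicts(samples):
    return {name: (lax_check(em), strict_check(em)) for name, em in samples.items()}

def acceptance_rate(check, rng, trials=2000):
    """Share of random blocks with a correct 0x00 0x02 prefix that the check accepts."""
    hits = sum(check(b"\x00\x02" + bytes(rng.randrange(256) for _ in range(K - 2)))
               for _ in range(trials))
    return hits / trials

if __name__ == "__main__":
    rng = random.Random(2018)          # fixed seed so the run is repeatable
    for name, (lax, strict) in verdicts(constructed_samples(rng)).items():
        print(f"{name:20} lax={lax!s:5} strict={strict}")
    print("lax rate:", acceptance_rate(lax_check, rng))
    print("strict rate:", acceptance_rate(strict_check, rng))
```

The loose check accepts every block with the right prefix while the strict check accepts almost none, which is why the description ties the number of requests to how strictly the server checks formatting.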
Authors
Hanno Böck
Juraj Somorovsky
Craig Young
Daniel Bleichenbacher
Adam Cammack adam_cammack[AT]rapid7.com
References
Module Options
To display the available options, load the module within the Metasploit console and run the commands ‘show options’ or ‘show advanced’:
