Not using RC4-SHA because of SSL Error: ('No cipher can be selected.',) #26
Comments
|
For completeness: what's the output of I suspect your openssl does not support RC4 anymore. That may be a bit of a problem for this tool... |
|
At first I was on a clean KALI LINU x64. I have no opportunity to test. |
|
I have meet a same problem. ███████╗███████╗████████╗██╗ ██╗ |
|
In my case says: Warning: RC4 not avaiable on client. Attack might not work. |
|
I meet this problem too. |
|
The client has stopped sending RC4-SHA in its ClientHello. |
root@kali:~/soft/Seth-master# SETH_DEBUG=1 ./seth.sh wlan1 192.168.1.{2,4,3}
███████╗███████╗████████╗██╗ ██╗
██╔════╝██╔════╝╚══██╔══╝██║ ██║ by Adrian Vollmer
███████╗█████╗ ██║ ███████║ [email protected]
╚════██║██╔══╝ ██║ ██╔══██║ SySS GmbH, 2017
███████║███████╗ ██║ ██║ ██║ https://www.syss.de
╚══════╝╚══════╝ ╚═╝ ╚═╝ ╚═╝
[] Spoofing arp replies...
[] Turning on IP forwarding...
[] Set iptables rules for SYN packets...
[] Waiting for a SYN packet to the original destination...
[+] Got it! Original destination is 192.168.1.3
[] Clone the x509 certificate of the original destination...
[] Adjust the iptables rule for all packets...
[] Run RDP proxy...
Listening for new connection
Connection received from 192.168.1.4:50100
From client:
00000000: 03 00 00 13 0E E0 00 00 00 00 00 01 00 08 00 03 ................
00000010: 00 00 00 ...
Listening for new connection
From server:
00000000: 03 00 00 13 0E D0 00 00 12 34 00 02 01 08 00 02 .........4......
00000010: 00 00 00 ...
Enable SSL
Not using RC4-SHA because of SSL Error: ('No cipher can be selected.',)
From client:
00000000: 30 37 A0 03 02 01 02 A1 30 30 2E 30 2C A0 2A 04 07......00.0,..
00000010: 28 4E 54 4C 4D 53 53 50 00 01 00 00 00 B7 82 08 (NTLMSSP........
00000020: E2 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
00000030: 00 06 01 B1 1D 00 00 00 0F .........
TLS alert internal error received, make sure to use RC4-SHA
root@kali:~/soft/Seth-master# sslscan 192.168.1.3:3389
Version: 1.11.11-static
OpenSSL 1.0.2-chacha (1.0.2g-dev)
Connected to 192.168.1.3
Testing SSL server 192.168.1.3 on port 3389 using SNI name 192.168.1.3
TLS Fallback SCSV:
Server does not support TLS Fallback SCSV
TLS renegotiation:
Secure session renegotiation supported
TLS Compression:
Compression disabled
Heartbleed:
TLS 1.2 not vulnerable to heartbleed
TLS 1.1 not vulnerable to heartbleed
TLS 1.0 not vulnerable to heartbleed
Supported Server Cipher(s):
Preferred TLSv1.0 128 bits AES128-SHA
Accepted TLSv1.0 256 bits AES256-SHA
Accepted TLSv1.0 128 bits RC4-SHA
Accepted TLSv1.0 112 bits DES-CBC3-SHA
Accepted TLSv1.0 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
Accepted TLSv1.0 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
Accepted TLSv1.0 128 bits RC4-MD5
SSL Certificate:
Signature Algorithm: sha1WithRSAEncryption
RSA Key Strength: 2048
Subject: Net-PC2
Issuer: Net-PC2
Not valid before: Sep 29 17:07:54 2018 GMT
Not valid after: Mar 31 17:07:54 2019 GMT
The text was updated successfully, but these errors were encountered: