目录
程序代码
nmap重新扫描
程序代码
用beego起的一个 https 服务,被扫描出了漏洞(SSL/TLS协议信息泄露漏洞(CVE-2016-2183)),需要禁用DES加密算法
参考源码,解决方法如下:
beego.Run()前添加
ciphers := []uint16{
tls.TLS_AES_128_GCM_SHA256,
tls.TLS_CHACHA20_POLY1305_SHA256,
tls.TLS_AES_256_GCM_SHA384,
tls.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305,
tls.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,
tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
tls.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
tls.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
tls.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
tls.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,
tls.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
tls.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
tls.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
}
beego.BeeApp.Server.TLSConfig = &tls.Config{PreferServerCipherSuites: true}
beego.BeeApp.Server.TLSConfig.CipherSuites = ciphers
nmap重新扫描
需自行安装nmap
nmap -sV -p 扫描端口 --script ssl-enum-ciphers 扫描IP
扫描后加密算法中已踢出DES
root@ip:~# nmap -sV -p 443 --script ssl-enum-ciphers ip
Starting Nmap 7.60 ( https://nmap.org ) at 2022-07-06 11:32 CST
Nmap scan report for ip
Host is up (0.000044s latency).
PORT STATE SERVICE VERSION
443/tcp open ssl/https beegoServer:2.0.0
| fingerprint-strings:
| FourOhFourRequest, GetRequest, HTTPOptions:
| HTTP/1.0 200 OK
| Access-Control-Allow-Credentials: true
| Access-Control-Allow-Headers: Access-Control-Allow-Origin,ContentType,Authorization,accept,accept-encoding, authorization, content-type, token
| Access-Control-Allow-Methods: POST, GET, PUT, OPTIONS
| Access-Control-Allow-Origin: *
| Access-Control-Max-Age: 1728000
| Server: beegoServer:2.0.0
| Date: Wed, 06 Jul 2022 03:32:42 GMT
| Content-Length: 73
| Content-Type: text/plain; charset=utf-8
| {"result":"SESSION_OUT","resultMsg":"token must not null","retData":null}
| GenericLines:
| HTTP/1.1 400 Bad Request
| Content-Type: text/plain; charset=utf-8
| Connection: close
|_ Request
|_http-server-header: beegoServer:2.0.0
| ssl-enum-ciphers:
| TLSv1.0:
| ciphers:
| TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A
| TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (rsa 2048) - A
| compressors:
| NULL
| cipher preference: server
| TLSv1.1:
| ciphers:
| TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A
| TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (rsa 2048) - A
| compressors:
| NULL
| cipher preference: server
| TLSv1.2:
| ciphers:
| TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (rsa 2048) - A
| TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (rsa 2048) - A
| TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 (rsa 2048) - A
| TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A
| TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (rsa 2048) - A
| TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 (rsa 2048) - A
| compressors:
| NULL
| cipher preference: server
|_ least strength: A
1 service unrecognized despite returning data. If you know the service/version, please submit the following fingerprint at https://nmap.org/cgi-bin/submit.cgi?new-service :
SF-Port443-TCP:V=7.60%T=SSL%I=7%D=7/6%Time=62C5025A%P=x86_64-pc-linux-gnu%
SF:r(GetRequest,209,"HTTP/1\.0\x20200\x20OK\r\nAccess-Control-Allow-Creden
SF:tials:\x20true\r\nAccess-Control-Allow-Headers:\x20Access-Control-Allow
SF:-Origin,ContentType,Authorization,accept,accept-encoding,\x20authorizat
SF:ion,\x20content-type,\x20token\r\nAccess-Control-Allow-Methods:\x20POST
SF:,\x20GET,\x20PUT,\x20OPTIONS\r\nAccess-Control-Allow-Origin:\x20\*\r\nA
SF:ccess-Control-Max-Age:\x201728000\r\nServer:\x20beegoServer:2\.0\.0\r\n
SF:Date:\x20Wed,\x2006\x20Jul\x202022\x2003:32:42\x20GMT\r\nContent-Length
SF::\x2073\r\nContent-Type:\x20text/plain;\x20charset=utf-8\r\n\r\n{\"resu
SF:lt\":\"SESSION_OUT\",\"resultMsg\":\"token\x20must\x20not\x20null\",\"r
SF:etData\":null}")%r(HTTPOptions,209,"HTTP/1\.0\x20200\x20OK\r\nAccess-Co
SF:ntrol-Allow-Credentials:\x20true\r\nAccess-Control-Allow-Headers:\x20Ac
SF:cess-Control-Allow-Origin,ContentType,Authorization,accept,accept-encod
SF:ing,\x20authorization,\x20content-type,\x20token\r\nAccess-Control-Allo
SF:w-Methods:\x20POST,\x20GET,\x20PUT,\x20OPTIONS\r\nAccess-Control-Allow-
SF:Origin:\x20\*\r\nAccess-Control-Max-Age:\x201728000\r\nServer:\x20beego
SF:Server:2\.0\.0\r\nDate:\x20Wed,\x2006\x20Jul\x202022\x2003:32:42\x20GMT
SF:\r\nContent-Length:\x2073\r\nContent-Type:\x20text/plain;\x20charset=ut
SF:f-8\r\n\r\n{\"result\":\"SESSION_OUT\",\"resultMsg\":\"token\x20must\x2
SF:0not\x20null\",\"retData\":null}")%r(FourOhFourRequest,209,"HTTP/1\.0\x
SF:20200\x20OK\r\nAccess-Control-Allow-Credentials:\x20true\r\nAccess-Cont
SF:rol-Allow-Headers:\x20Access-Control-Allow-Origin,ContentType,Authoriza
SF:tion,accept,accept-encoding,\x20authorization,\x20content-type,\x20toke
SF:n\r\nAccess-Control-Allow-Methods:\x20POST,\x20GET,\x20PUT,\x20OPTIONS\
SF:r\nAccess-Control-Allow-Origin:\x20\*\r\nAccess-Control-Max-Age:\x20172
SF:8000\r\nServer:\x20beegoServer:2\.0\.0\r\nDate:\x20Wed,\x2006\x20Jul\x2
SF:02022\x2003:32:42\x20GMT\r\nContent-Length:\x2073\r\nContent-Type:\x20t
SF:ext/plain;\x20charset=utf-8\r\n\r\n{\"result\":\"SESSION_OUT\",\"result
SF:Msg\":\"token\x20must\x20not\x20null\",\"retData\":null}")%r(GenericLin
SF:es,67,"HTTP/1\.1\x20400\x20Bad\x20Request\r\nContent-Type:\x20text/plai
SF:n;\x20charset=utf-8\r\nConnection:\x20close\r\n\r\n400\x20Bad\x20Reques
SF:t");
Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 93.80 seconds
root@iZ254d5laqgZ:~# ^C
root@iZ254d5laqgZ:~# ls
kh tools
root@iZ254d5laqgZ:~#
Welcome to Ubuntu 18.04.6 LTS (GNU/Linux 4.15.0-177-generic x86_64)
* Documentation: https://help.ubuntu.com
* Management: https://landscape.canonical.com
* Support: https://ubuntu.com/advantage
New release '20.04.4 LTS' available.
Run 'do-release-upgrade' to upgrade to it.