Skip to content

Commit

Permalink
Merge pull request #951 from BishopFox/fix/tls-compat
Browse files Browse the repository at this point in the history
Ensure at least one modern cipher suite for https
  • Loading branch information
moloch-- authored Oct 17, 2022
2 parents 20df965 + 0a4dfcc commit a8a36dd
Showing 1 changed file with 45 additions and 22 deletions.
67 changes: 45 additions & 22 deletions server/c2/http.go
Original file line number Diff line number Diff line change
Expand Up @@ -47,6 +47,7 @@ import (
sliverHandlers "github.com/bishopfox/sliver/server/handlers"
"github.com/bishopfox/sliver/server/log"
"github.com/bishopfox/sliver/server/website"
"github.com/bishopfox/sliver/util"
"github.com/bishopfox/sliver/util/encoders"

"github.com/gorilla/mux"
Expand Down Expand Up @@ -275,28 +276,28 @@ func getHTTPSConfig(conf *HTTPServerConfig) *tls.Config {

// Randomize the cipher suites
allCipherSuites := []uint16{
tls.TLS_RSA_WITH_RC4_128_SHA, //uint16 = 0x0005
tls.TLS_RSA_WITH_3DES_EDE_CBC_SHA, //uint16 = 0x000a
tls.TLS_RSA_WITH_AES_128_CBC_SHA, //uint16 = 0x002f
tls.TLS_RSA_WITH_AES_256_CBC_SHA, //uint16 = 0x0035
tls.TLS_RSA_WITH_AES_128_CBC_SHA256, //uint16 = 0x003c
tls.TLS_RSA_WITH_AES_128_GCM_SHA256, //uint16 = 0x009c
tls.TLS_RSA_WITH_AES_256_GCM_SHA384, //uint16 = 0x009d
tls.TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, //uint16 = 0xc007
tls.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, //uint16 = 0xc009
tls.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, //uint16 = 0xc00a
tls.TLS_ECDHE_RSA_WITH_RC4_128_SHA, //uint16 = 0xc011
tls.TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, //uint16 = 0xc012
tls.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, //uint16 = 0xc013
tls.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, //uint16 = 0xc014
tls.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, //uint16 = 0xc023
tls.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, //uint16 = 0xc027
tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, //uint16 = 0xc02f
tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, //uint16 = 0xc02b
tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, //uint16 = 0xc030
tls.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, //uint16 = 0xc02c
tls.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256, //uint16 = 0xcca8
tls.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256, //uint16 = 0xcca9
tls.TLS_RSA_WITH_RC4_128_SHA, //uint16 = 0x0005 1
tls.TLS_RSA_WITH_3DES_EDE_CBC_SHA, //uint16 = 0x000a 2
tls.TLS_RSA_WITH_AES_128_CBC_SHA, //uint16 = 0x002f 3
tls.TLS_RSA_WITH_AES_256_CBC_SHA, //uint16 = 0x0035 4
tls.TLS_RSA_WITH_AES_128_CBC_SHA256, //uint16 = 0x003c 5
tls.TLS_RSA_WITH_AES_128_GCM_SHA256, //uint16 = 0x009c 6
tls.TLS_RSA_WITH_AES_256_GCM_SHA384, //uint16 = 0x009d 7
tls.TLS_ECDHE_ECDSA_WITH_RC4_128_SHA, //uint16 = 0xc007 8
tls.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, //uint16 = 0xc009 9
tls.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, //uint16 = 0xc00a 10
tls.TLS_ECDHE_RSA_WITH_RC4_128_SHA, //uint16 = 0xc011 11
tls.TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, //uint16 = 0xc012 12
tls.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, //uint16 = 0xc013 13
tls.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, //uint16 = 0xc014 14
tls.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, //uint16 = 0xc023 15
tls.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, //uint16 = 0xc027 16
tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, //uint16 = 0xc02f 17
tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, //uint16 = 0xc02b 18
tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, //uint16 = 0xc030 19
tls.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, //uint16 = 0xc02c 20
tls.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256, //uint16 = 0xcca8 21
tls.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256, //uint16 = 0xcca9 22
}
// CipherSuites ignores the order of the ciphers, this random shuffle
// is truncated resulting in a random selection from all ciphers
Expand All @@ -306,6 +307,28 @@ func getHTTPSConfig(conf *HTTPServerConfig) *tls.Config {
nCiphers := insecureRand.Intn(len(allCipherSuites)-8) + 8
tlsConfig.CipherSuites = allCipherSuites[:nCiphers]

// Some TLS 1.2 stacks disable some of the older ciphers like RC4, so to ensure
// compatibility we need to make sure we always choose at least one modern RSA
// option.
modernCiphers := []uint16{
tls.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, //uint16 = 0xc027 16
tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, //uint16 = 0xc02f 17
tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, //uint16 = 0xc030 19
tls.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256, //uint16 = 0xcca8 21
}

found := false
for _, cipher := range tlsConfig.CipherSuites {
if util.Contains(modernCiphers, cipher) {
found = true // Our random selection contains a modern cipher, do nothing
break
}
}
if !found {
// We are lacking at least one modern RSA option, so randomly enable one
tlsConfig.CipherSuites = append(tlsConfig.CipherSuites, modernCiphers[insecureRand.Intn(len(modernCiphers))])
}

if certs.TLSKeyLogger != nil {
tlsConfig.KeyLogWriter = certs.TLSKeyLogger
}
Expand Down

0 comments on commit a8a36dd

Please sign in to comment.