Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Not using RC4-SHA because of SSL Error: ('No cipher can be selected.',) #26

Open
DAWIDOW23 opened this issue Sep 30, 2018 · 6 comments
Open

Comments

@DAWIDOW23
Copy link

root@kali:~/soft/Seth-master# SETH_DEBUG=1 ./seth.sh wlan1 192.168.1.{2,4,3}
███████╗███████╗████████╗██╗ ██╗
██╔════╝██╔════╝╚══██╔══╝██║ ██║ by Adrian Vollmer
███████╗█████╗ ██║ ███████║ [email protected]
╚════██║██╔══╝ ██║ ██╔══██║ SySS GmbH, 2017
███████║███████╗ ██║ ██║ ██║ https://www.syss.de
╚══════╝╚══════╝ ╚═╝ ╚═╝ ╚═╝
[] Spoofing arp replies...
[
] Turning on IP forwarding...
[] Set iptables rules for SYN packets...
[
] Waiting for a SYN packet to the original destination...
[+] Got it! Original destination is 192.168.1.3
[] Clone the x509 certificate of the original destination...
[
] Adjust the iptables rule for all packets...
[] Run RDP proxy...
Listening for new connection
Connection received from 192.168.1.4:50100
From client:
00000000: 03 00 00 13 0E E0 00 00 00 00 00 01 00 08 00 03 ................
00000010: 00 00 00 ...
Listening for new connection
From server:
00000000: 03 00 00 13 0E D0 00 00 12 34 00 02 01 08 00 02 .........4......
00000010: 00 00 00 ...
Enable SSL
Not using RC4-SHA because of SSL Error: ('No cipher can be selected.',)
From client:
00000000: 30 37 A0 03 02 01 02 A1 30 30 2E 30 2C A0 2A 04 07......00.0,.
.
00000010: 28 4E 54 4C 4D 53 53 50 00 01 00 00 00 B7 82 08 (NTLMSSP........
00000020: E2 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
00000030: 00 06 01 B1 1D 00 00 00 0F .........
TLS alert internal error received, make sure to use RC4-SHA

root@kali:~/soft/Seth-master# sslscan 192.168.1.3:3389
Version: 1.11.11-static
OpenSSL 1.0.2-chacha (1.0.2g-dev)

Connected to 192.168.1.3

Testing SSL server 192.168.1.3 on port 3389 using SNI name 192.168.1.3

TLS Fallback SCSV:
Server does not support TLS Fallback SCSV

TLS renegotiation:
Secure session renegotiation supported

TLS Compression:
Compression disabled

Heartbleed:
TLS 1.2 not vulnerable to heartbleed
TLS 1.1 not vulnerable to heartbleed
TLS 1.0 not vulnerable to heartbleed

Supported Server Cipher(s):
Preferred TLSv1.0 128 bits AES128-SHA
Accepted TLSv1.0 256 bits AES256-SHA
Accepted TLSv1.0 128 bits RC4-SHA
Accepted TLSv1.0 112 bits DES-CBC3-SHA
Accepted TLSv1.0 128 bits ECDHE-RSA-AES128-SHA Curve P-256 DHE 256
Accepted TLSv1.0 256 bits ECDHE-RSA-AES256-SHA Curve P-256 DHE 256
Accepted TLSv1.0 128 bits RC4-MD5

SSL Certificate:
Signature Algorithm: sha1WithRSAEncryption
RSA Key Strength: 2048

Subject: Net-PC2
Issuer: Net-PC2

Not valid before: Sep 29 17:07:54 2018 GMT
Not valid after: Mar 31 17:07:54 2019 GMT

@AdrianVollmer
Copy link
Member

AdrianVollmer commented Oct 4, 2018

For completeness: what's the output of openssl ciphers? Also, what Linux distribution are you using?

I suspect your openssl does not support RC4 anymore. That may be a bit of a problem for this tool...

@DAWIDOW23
Copy link
Author

DAWIDOW23 commented Oct 4, 2018

At first I was on a clean KALI LINU x64.
Out of the box was installed opensl 1.1.1h - erred old version error client.
I installed openssl 1.0.0; 1.1.1; and other .
Version error has disappeared. and described above.

I have no opportunity to test.

@lovebair2022
Copy link

lovebair2022 commented Oct 13, 2018

I have meet a same problem.

███████╗███████╗████████╗██╗ ██╗
██╔════╝██╔════╝╚══██╔══╝██║ ██║ by Adrian Vollmer
███████╗█████╗ ██║ ███████║ [email protected]
╚════██║██╔══╝ ██║ ██╔══██║ SySS GmbH, 2017
███████║███████╗ ██║ ██║ ██║ https://www.syss.de
╚══════╝╚══════╝ ╚═╝ ╚═╝ ╚═╝
[] Spoofing arp replies...
[
] Turning on IP forwarding...
[] Set iptables rules for SYN packets...
[
] Waiting for a SYN packet to the original destination...
[+] Got it! Original destination is 192.168.43.33
[] Clone the x509 certificate of the original destination...
[
] Adjust the iptables rule for all packets...
[*] Run RDP proxy...
Listening for new connection
Connection received from 192.168.43.254:3525
Downgrading authentication options from 11 to 3
Listening for new connection
Enable SSL
Not using RC4-SHA because of SSL Error: ('No cipher can be selected.',)
TLS alert internal error received, make sure to use RC4-SHA
Connection received from 192.168.43.254:3528
Downgrading authentication options from 11 to 3
Listening for new connection
Enable SSL
Not using RC4-SHA because of SSL Error: ('No cipher can be selected.',)
TLS alert internal error received, make sure to use RC4-SHA

@zprytka
Copy link

zprytka commented Jun 23, 2019

In my case says: Warning: RC4 not avaiable on client. Attack might not work.
Everything works perfect except can't see what the victim is typing.

@boh97
Copy link

boh97 commented Jul 17, 2019

I meet this problem too.

@marksteward
Copy link

The client has stopped sending RC4-SHA in its ClientHello.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

6 participants