I recently needed to check for SSLv2 support on several systems. Unfortunately, I found that the version of OpenSSL that is installed by default on Kali linux doesn’t support SSLv2 and errors out with "
unknown option -ssl2":
Background
Kelleyja wrote a great post on the Kali forums describing much of this process however I felt it would be nice to describe it in a little more detail here. This should be fixed in future releases, since it seems to be "one of those" issues that the Kali maintainers probably just looked over. The best way to check is by running the following command and looking for the error shown above: root@kali:~# openssl s_client -connect www.opensecurityresearch.com:443 -ssl2
The messed up part about this issue is that if you’re trying to use OpenSSL and/or ANY of the scripts that come with Kali to validate SSLv2 related findings, the tools will not return valid results unless you un-patch the OpenSSL that ships with the distro!
Fix
First installquilt: root@kali:~# apt-get install devscsripts quilt
Next install the OpenSSL source in preparation to rebuild:
root@kali:~# apt-get source openssl
Change directories to where the openssl source was downloaded to and clean up some of the patches:
root@kali:~# cd openssl-1.0.1e
root@kali:~/openssl-1.0.1e# quilt pop -a
Edit the “
debian/patches/series” file and delete the line that says “ssltest_no_sslv2.patch”
Edit the “
debian/rules” file and delete the “no-ssl2” argument.
Now we can repatch to make sure we're inline with all of the other kali changes.
Make a quick fix change to the changelog:
root@kali:~/openssl-1.0.1e# dch –n 'Allow SSLv2'
After a little more housekeeping we can rebuild the full package (which may take some time):
root@kali:~/openssl-1.0.1e# dpkg-source -–commit
root@kali:~/openssl-1.0.1e# debuild -uc -us
And finally, we can reinstall:
root@kali:~/openssl-1.0.1e# cd..
root@kali:~# dpkg -i *ssl*.deb
If all went as planned, you should not get any errors when attempting to connect to something using OpenSSL when specifying SSLv2 only.
Fixing sslscan
Some scripts, likesslscan, will also need to be recompiled - To do so, first download the source: root@kali:~# apt-get source sslscan
And rebuild
root@kali:~# cd sslscan-1.8.2
root@kali:~/sslscan-1.8.2# debuild -uc –us
Then reinstall:
root@kali:~/sslscan-1.8.2# cd..
root@kali:~# dpkg -i *sslscan*.deb
sslscan should work now:
Happy hacking :)
Hi, thanks you very much.
ReplyDeleteYou have a typo in your fix command:
root@kali:~# apt-get install devscSripts quilt
Great post...thanks!
ReplyDeleteAwesome work there. Thanks a lot
ReplyDeleteThanks! There is a bug report filed about this: http://bugs.kali.org/view.php?id=386 - Let's hope it becomes the default in the future.
ReplyDeleteThank you so much, helped a lot!
ReplyDeleteweird problem - this tutorial worked just fine on an i686 architecture. Now that I tried it on an am64 version of kali 1.0.6 it doesn't work anymore. While compiling it says:
ReplyDeletecp -pf libcrypto.static debian/tmp/usr/lib/x86_64-linux-gnu/libcrypto.a
cp: cannot create regular file `debian/tmp/usr/lib/x86_64-linux-gnu/libcrypto.a': No such file or directory
make: *** [binary-arch] Error 1
dpkg-buildpackage: error: fakeroot debian/rules binary gave error exit status 2
debuild: fatal error at line 1357:
dpkg-buildpackage -rfakeroot -D -us -uc failed
Any ideas?