Created on 03-01-2017 06:40 AM Edited on 06-02-2022 09:37 AM By Anonymous
Description
Supposed result:
Secure Client-Initiated Renegotiation not vulnerable (OK)
Result against FortiGate web admin GUI:
"Secure Client-Initiated Renegotiation" - "VULNERABLE (NOT ok), DoS threat"
Supposed result:
"Client-initiated Renegotiations: Rejected"
Result against FortiGate web admin GUI:
"Client-initiated Renegotiations: Honored" (v0.8) or
"Client-initiated Renegotiation: VULNERABLE - Server honors client-initiated renegotiations"
Supposed result:
Waiting for script kiddies to piss off................
The force is with those who read the source...
Handshakes 0 [0.00 h/s], 1 Conn, 0 Err
ERROR: Target has disabled renegotiations.
Use your own skills to modify the source to test/attack
the target [hint: TCP reconnect for every handshake].
Result against FortiGate web admin GUI:
Waiting for script kiddies to piss off................
The force is with those who read the source...
Handshakes 0 [0.00 h/s], 1 Conn, 0 Err
SSL: error:00000000:lib(0):func(0):reason(0)
SSL: error:00000000:lib(0):func(0):reason(0)
SSL: error:00000000:lib(0):func(0):reason(0)
SSL: error:00000000:lib(0):func(0):reason(0)
SSL: error:00000000:lib(0):func(0):reason(0)
SSL: error:00000000:lib(0):func(0):reason(0)
SSL: error:00000000:lib(0):func(0):reason(0)
......
Supposed result:
---
R
RENEGOTIATING
140565523859104:error:1409E0E5:SSL routines:SSL3_WRITE_BYTES:ssl handshake failure:s3_pkt.c:599:
#
Result against FortiGate web admin GUI:
---
R
RENEGOTIATING
depth=0 O = Fortinet Ltd., CN = FGVM00UNLICENSED
verify error:num=18:self signed certificate
verify return:1
depth=0 O = Fortinet Ltd., CN = FGVM00UNLICENSED
verify return:1
read:errno=0
#
(The connection will be terminated after the "read:errno=0" message)
Scope
Solution