spiritual egotism

What we choose is never what we really need.

9/23/2020

Storium Basics: Assets And Goals

We've already discussed Storium's first (and my favorite) Neutral card type, the Subplot, but that's not the only Neutral card type in Storium. Today, I'm going to discuss the other two types: Assets and Goals.

Unlike all the other cards in Storium, Assets and Goals are not things that you start with - they aren't part of your character from the beginning, and they aren't chosen at Refreshes or upon spending a stack or anything like that. Whether you have these cards or not isn't up to you, entirely - it depends on the narrator. These are both given to players - or provided for pickup - by the narrator at his will.

Assets represent things like items, people, or other resources that are sufficiently important to the story to be specifically noted. Narrators vary in how they use them—some toss out a ton, some toss out generic ones that players can customize (more on that later), and some provide only very specific, story-critical assets. The use is the same, regardless: You play the card and move things forward, telling how that resource is important in pushing the challenge closer to conclusion. It can sometimes be easier to write asset moves if you play a Strength or Weakness with them, so you can write how you use that asset well or badly.

Goals are kind of like Subplots, but they're things the narrator would like to see you address during the game. Like assets, narrators use these for all sorts of purposes. I've seen them used to represent injuries, enchantments, objectives…I've seen them used as requests to world-build or create NPCs that the narrator can use…all sorts of things. They work similarly to subplots - you get a stack, and when you play all the cards of that stack, you get a free Wild Strength as a reward. Basically, these are the narrator's way of saying, "Hey, talk about this in the story or show this happening, and if you do it, you can get a Strength card for making the story more interesting."

Narrators may give Assets or Goals to you directly, or may lay them out to be picked up. You can pick up a card that a narrator set out by using the "pick up cards" button at the bottom of your move editing window when writing a move. If picking a card up, you'll often want to actually show the item being picked up as part of your move, or show your character now thinking about the Goal and deciding to take it up, but that isn't always necessary (for instance, I often use Assets to represent other characters traveling with the group).

Whether given to you or picked up by you, you can then hold on to the asset card until you feel like playing it. You can also pick up and play an asset card in the same move.

Like subplots, assets and goals are neutral cards–they push a challenge closer to conclusion but don't themselves tip the scale one way or another. I look at it like this: You might have a gun, and that might matter to a scene, but whether it is a good thing or a bad thing really depends on how you use it…so Strengths and Weaknesses are still what you use to affect outcomes. That's not to say you have to play one of those cards along with an asset or goal, but I do have to say I generally find it easier to write moves for asset or goal cards if I play them with a Strength or Weakness myself.

If you play an asset or goal card on its own, think like you do for Subplot cards: the card is important to the scene and pushes things towards a conclusion, but doesn't change the current Strong/Weak balance so things still feel like they're headed for the ending they were headed for before, overall. As with Subplots, that can feel good if things were headed towards a Strong outcome, or bad if they were headed for a Weak outcome, or just...well...uncertain if they were headed for an Uncertain outcome. The overall feel of the situation hasn't changed, but now there's less time to change it.

Asset cards can be rewritten, as I've noted above. If an asset card has multiple uses (a "stack"), you can use the "browse your cards" button in your move writing window to look at it and rewrite the asset. This consumes one use of the asset card stack, but lets you rename it to something that seems more narratively important at the time. That means that if you have, say, a stack of asset cards representing a gun and you don't have access to that gun in the story presently, you can just rewrite the stack into something else–maybe your character always keeps a city map around.

Note that not all narrators allow that – some really prefer assets to represent one thing and one thing only. But the basic idea of how they're set up is to give you something to use when you feel like your character would have something to help out and you want to highlight that. I believe Stephen Hood called them "ways to plug holes in the plot," and that's a pretty apt description.

Assets and Goals will feature majorly in some games, and barely at all in others, depending on the narrator's style, but they're cards you need to be aware of. I actually haven't written all that much on Assets and Goals over the course of my writing on this blog, as in my own narration they are cards I don't use much! This is a case where I suggest talking with other players and narrators on Storium more than looking to my writing for advice. That said, here are a few articles that cover Neutral cards more generally:
发表者 october 位置在: 9/23/2020 0 评论

9/22/2020

Bonus Track - Concert Ticket Stubs

Hi there! I hope very much that you all are staying home when you can and staying safe. For the first time in a loooong time, I have a Bonus Track for you. In this episode I go through my concert ticket stubs that I saved (most of them from before my twenties), and talk about each show, if I remember anything about it. There's some fun stories in there that I hope you will like. Thanks to Sean and Lisa for the inspiration, there's an Autobiography of a Schnook episode where the two of them talk about the concerts they went to in 2019. As always, please take care of yourselves and thank you for listening.

Autobiography of a Schnook Podcast
发表者 october 位置在: 9/22/2020 0 评论

9/13/2020

Character Developments

When you say it out loud, a whole board game about creating a D&D style fantasy character sounds silly. But how different is it from games where you're trying to build a western town, an expedition journal, or a space empire? And besides, there are many that would argue that building and developing your character is the most compelling part of playing Dungeons & Dragons, or indeed almost any role playing game.

Roll Player had intrigued me for some time, but it's done by a small publisher who primarily uses Kickstarter so availability has been spotty since it came out in 2016. I finally got a chance to play it at a convention earlier this year, and was instantly hooked, so much so that I bought a copy right then and there.

The game features a game board for each player denoting one of the standard fantasy races such as elf, dwarf, or halfling, plus a few more esoteric choices like minotaur or cat person. From there players are dealt a random set of character class cards from which they choose their profession, a backstory, and an alignment.

Game play revolves around randomly choosing 6-sided dice from a bag, rolling them, and then taking turns choosing which ones to add to the different statistics on your character sheet. The number rolled on the dice is important, but so is the color -- your profession tells you what range of numbers you want, and your back story (as well as other factors) tell you what color and where on the sheet you want to place them.

After dice are chosen, players choose from a row of equipment cards which further enhance their characters, with specific equipment and skills being more or less suited to specific types of characters. Among the choices are skill cards that adjust your character's alignment (their moral compass) when used, as well as trait cards that give a point bonus at the end of the game.

These two phases are repeated 12 times, at which time all the players will have a full player board. Points are awarded based on how well optimized the character is, with bonus points for placing the the right colors of dice in the right places on your sheet, acquiring equipment and traits best suited to your character, and getting your alignment marker placed in a way that suits your alignment card.

It's a well-designed engine-building game, and I find it a bit more compelling than empire-building games like Race for the Galaxy because I'm building and individual character and equipping him (or her) for adventure, rather than a more abstract empire of planets and starships. An expansion adds the ability to fight minor monsters, building up experience in order to face off against a big bad at the end of the game, but honestly I find that addition a little distracting; I would rather just spend time building my character.

Rating: 5 (out of 5) a terrific game that's compelling but reasonably simple to play and not overly competitive, making it a great choice for a casual game night.
发表者 october 位置在: 9/13/2020 0 评论

Storium Basics: Card Spending And Refresh

Welcome back - today, as we continue discussing the basics of Storium, I'm going to spend a little time on the concept of Refresh.

First, though, a bit about card spending: As you play Strength and Weakness cards, you'll notice they become unavailable for selection on future plays. Even once you reach the end of a scene, you'll find you won't have the cards that you already spent available to play again.

This is how Storium manages helping you tell the ups and downs of a character's tale. As you spend Strengths and Weaknesses, they become unavailable for use. You don't get any of them back until you've spent all of them. That is, you have to spend all your Strengths and all your Weaknesses before you get any of them back.

This is another reason I've said it is best to not play Storium tactically—the system is geared towards storytelling, and in storytelling, characters have ups and downs. This is actually really cool for developing a character arc, but that's somewhat beyond the basics - for more on that, see the links below.

So, say that you've spent all your Strengths and all your Weaknesses...now, it's time to Refresh.

At the beginning of the next scene, you'll get to Refresh your cards. When you click the button to do so (which replaces your button for writing a move), you are presented with a list of all the Strengths and all the Weaknesses that you've played in the game so far. You select some of each, and those become your new hand of Strength and Weakness cards. Simple as that!

Note that the number of cards you get to refresh is determined by settings for the individual games

But though it's a simple concept, don't just rush through.

This is your opportunity to define what is important in your character's story now. That may not match up with what was important in the beginning. Refreshes are a great way to show how your character has changed, or to show what elements of your character are stable. Pick the cards you want to focus on for the next chunk of the story.

Take some time to really think it over - what is important now? What do you want to say about your character now? Who is your character now? That's what a Refresh is about - not who you've been, but who you are now. Who you are going to be as the story moves forward from this point.

So...sure, who you are now might be just who you were in the past - you might just pick your starting Strength and Weakness, maybe something closely related to them too, and call it a day. But maybe things you've revealed about yourself since then have become more important. Maybe your Toughness was central to your character at the beginning, but since then, you've become focused on Leadership and Empathy, like I mentioned last time.

This is the point where you get to show that...so take some time to think it through.

And remember: As with character creation, pick cards you want to play...not just cards you're willing to play. Just like at the start of the game, you want to pick things that excite you about using them. These cards are the things you will have in your hand, so they're the things you will have to play before you can Refresh again. So make them things that you want to play, not just things that you grudgingly put in your hand again.

For more on Refresh, see the below posts - but please be aware that since I wrote some of these, the Refresh rules did change somewhat. The philosophy still applies, but some of the mechanics will sometimes be a bit different. In particular, I believe you can now pretty easily choose to get rid of your starting Strength / Weakness in a Refresh because - if I'm recalling correctly - you can now choose any card multiple times in a Refresh. In the old days, that wasn't the case, so you'll see references here for how it will take multiple Refreshes to get a starting card out of your hand.

Similarly, these were written before custom card settings were a thing.

Still, I believe the philosophies discussed here can be helpful:
发表者 october 位置在: 9/13/2020 0 评论

9/04/2020

SCARAB - Video Review



We're revisiting one of the earlier games I reviewed for The Collection Chamber - S.C.A.R.A.B. (1997 Electronic Arts). My opinion on this 3D arena shooter with a heavy emphasis on strategy seems to changes every time I boot it up. Watch the video to find out my current thoughts, then see my 5-years out of date sentiments in the original review linked below.

I've updated the installer too, so it's the perfect time to play it again and see if your own views on it have changed too. Click the link after the jump to find out more.

Read more »
发表者 october 位置在: 9/04/2020 0 评论

8/31/2020

Scanning For Padding Oracles

As you might have heard, we recently got our paper on padding oracle attacks accepted to the USENIX Security Conference. In this paper, we describe and evaluate a scanning methodology with which we found several padding oracle vulnerabilities in devices from various vendors. In total, we found that 1.83% of the Alexa Top 1 Million have padding oracle vulnerabilities.

To test whether a server is vulnerable, we specified different padding oracle vectors which we send to the system under test, using different cipher suites and protocol versions. If the server does not behave identically (on both the TLS and TCP layers), we consider it to be vulnerable to a padding oracle attack, since it is leaking information about the plaintext via behavior differences. Depending on the responses to such padding oracle vectors, one can estimate which implementation is responsible for the vulnerability. We contacted quite a few website owners and tried to cooperate with them, to find out which vendors and TLS stacks are responsible for the identified vulnerabilities. You can find our current disclosure status on this issue on https://github.com/RUB-NDS/TLS-Padding-Oracles.
We are currently in contact with other vendors to fix the remaining vulnerabilities, but the some of the rare (in terms of the number of affected hosts) vulnerabilities are currently not attributed. To fix the remaining vulnerabilities, we ask for your assistance to help get rid of this issue. For this purpose, we integrated a standalone version of our padding oracle evaluation tool into our TLS-Scanner (v.2.7) project. This tool allows you (among other things) to evaluate if a specific server is vulnerable.

When the tool detects a vulnerability, it tries to attribute the vulnerability to a specific vendor or CVE. If we already know of the vulnerability of the server you scanned, the tool will print its details. If the tool does not have a description of the vulnerability in its database, it will ask you to notify us about the vulnerable server, such that we can notify the vendor and get the device fixed. To be clear: the tool never sends any data to us - you have the choice of whether to notify us (and what details to include). There is a chance that the tool's attribution is also mistaken, that is, the tool lists a vendor for your host, but you know for sure that you do not use an implementation by this vendor. Please contact us in such cases as well.

How to use the Tool

First, you need to grab hold of the tool. There are 3 ways to get your hands dirty: pre-compiled, self-compiled or Docker. We provide a pre-compiled version of the tool since the compilation process can get quite messy if you are not familiar with java and maven. You can directly download the resulting project here. However, if you also want to play around with the code, you have to compile everything yourself.

Building the TLS-Scanner

For this, you will need (Git), maven (sudo apt-get install maven), OpenJDK-8  (I can guarantee that this version works, other versions might work as well, have not tested it).

You will need to get TLS-Attacker 2.9 (if you do not already have it):
git clone https://github.com/RUB-NDS/TLS-Attacker.git
cd TLS-Attacker
mvn clean install # package is not enough, you need to install it so TLS-Scanner can use it as a library.
view raw gistfile1.txt hosted with ❤ by GitHub
Now we can clone and install the TLS-Scanner
cd ..
git clone https://github.com/RUB-NDS/TLS-Scanner.git
cd TLS-Scanner
mvn clean package
view raw gistfile1.txt hosted with ❤ by GitHub

Docker

We also provide a Dockerfile, which lets you run the scanner directly
$ docker build . -t tlsscanner
view raw gistfile1.txt hosted with ❤ by GitHub

Getting Started


If you start the TLS-Scanner you should be greeted by a usage info, similar to the one below:

java -jar TLS-Scanner.jar
view raw gistfile1.txt hosted with ❤ by GitHub
 or

docker run -t tlsscanner
view raw gistfile1.txt hosted with ❤ by GitHub
Usage: <main class> [options]
Options:
-aggressiv
The level of concurrent handshakes (only applies to some resource
intensive tests)
Default: 1
-config
This parameter allows you to specify a default TlsConfig
* -connect
Who to connect to. Syntax: localhost:4433
-danger
Integer value (1 - 10) which specifies how aggressive the Scanner should
test. Default 10
Default: 10
-debug
Show extra debug output (sets logLevel to DEBUG)
Default: false
-h, -help
Prints usage for all the existing commands.
-implementation
If you are interessted in the vulnerability of an implementation rather
than a specific site
Default: false
-noColor
If you use Windows or don't want colored text.
Default: false
-quiet
No output (sets logLevel to NONE)
Default: false
-reportDetail
How detailed do you want the report to be?
Default: NORMAL
Possible Values: [ALL, DETAILED, NORMAL, QUICK]
-scanDetail
How detailed do you want to scan?
Default: NORMAL
Possible Values: [ALL, DETAILED, NORMAL, QUICK]
-starttls
Starttls protocol. Choose from ftp, imap, pop3, smtp.
Default: NONE
Possible Values: [NONE, FTP, IMAP, POP3, SMTP]
-threads
How many threads should execute Probes
Default: 1
-timeout
The timeout used for the scans in ms (default 1000)
Default: 1000
view raw gistfile1.txt hosted with ❤ by GitHub

This should give you an overview of the supported command line flags. The only really required one is the -connect flag (similar to OpenSSL and TLS-Attacker), with which you specify which host to scan. The most basic command is therefore:

java -jar TLS-Scanner.jar -connect somehost.de
view raw gistfile1.txt hosted with ❤ by GitHub
Your output may look something like this:

Scanned in: 204s
Report for hackmanit.de
--------------------------------------------------------
Supported Protocol Versions
TLS10
TLS11
TLS12
--------------------------------------------------------
Versions
SSL 2.0 : false
SSL 3.0 : false
TLS 1.0 : true
TLS 1.1 : true
TLS 1.2 : true
TLS 1.3 : false
TLS 1.3 Draft 14 : false
TLS 1.3 Draft 15 : false
TLS 1.3 Draft 16 : false
TLS 1.3 Draft 17 : false
TLS 1.3 Draft 18 : false
TLS 1.3 Draft 19 : false
TLS 1.3 Draft 20 : false
TLS 1.3 Draft 21 : false
TLS 1.3 Draft 22 : false
TLS 1.3 Draft 23 : false
TLS 1.3 Draft 24 : false
TLS 1.3 Draft 25 : false
TLS 1.3 Draft 26 : false
TLS 1.3 Draft 27 : false
TLS 1.3 Draft 28 : false
--------------------------------------------------------
Supported Ciphersuites
TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
TLS_RSA_WITH_AES_256_GCM_SHA384
TLS_RSA_WITH_AES_256_CBC_SHA256
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
TLS_RSA_WITH_AES_128_CBC_SHA
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
TLS_RSA_WITH_AES_128_GCM_SHA256
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
TLS_RSA_WITH_AES_128_CBC_SHA256
TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
TLS_RSA_WITH_AES_256_CBC_SHA
TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
TLS_DHE_RSA_WITH_AES_128_CBC_SHA
TLS_DHE_RSA_WITH_AES_256_CBC_SHA
TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
--------------------------------------------------------
Supported in TLS10
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
TLS_DHE_RSA_WITH_AES_256_CBC_SHA
TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
TLS_RSA_WITH_AES_256_CBC_SHA
TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
TLS_DHE_RSA_WITH_AES_128_CBC_SHA
TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
TLS_RSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
--------------------------------------------------------
Supported in TLS11
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
TLS_DHE_RSA_WITH_AES_256_CBC_SHA
TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
TLS_RSA_WITH_AES_256_CBC_SHA
TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
TLS_DHE_RSA_WITH_AES_128_CBC_SHA
TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
TLS_RSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
--------------------------------------------------------
Supported in TLS12
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
TLS_DHE_RSA_WITH_AES_256_CBC_SHA
TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
TLS_RSA_WITH_AES_256_GCM_SHA384
TLS_RSA_WITH_AES_256_CBC_SHA256
TLS_RSA_WITH_AES_256_CBC_SHA
TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
TLS_DHE_RSA_WITH_AES_128_CBC_SHA
TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
TLS_RSA_WITH_AES_128_GCM_SHA256
TLS_RSA_WITH_AES_128_CBC_SHA256
TLS_RSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
--------------------------------------------------------
Symmetric Supported
Null : false
Export : false
Anon : false
DES : false
SEED : false
IDEA : false
RC2 : false
RC4 : false
3DES : false
AES : true
CAMELLIA : true
ARIA : false
CHACHA20 POLY1305 : false
--------------------------------------------------------
KeyExchange Supported
RSA : true
DH : true
ECDH : true
GOST : false
Kerberos : false
Plain PSK : false
PSK RSA : false
PSK DHE : false
PSK ECDHE : false
Fortezza : false
New Hope : false
ECMQV : false
--------------------------------------------------------
Perfect Forward Secrecy
Supports PFS : true
Prefers PFS : true
Supports Only PFS : false
--------------------------------------------------------
Cipher Types Supports
Stream : false
Block : true
AEAD : true
--------------------------------------------------------
Ciphersuite General
Enforces Ciphersuite ordering : true
--------------------------------------------------------
Supported Extensions
SERVER_NAME_INDICATION
EC_POINT_FORMATS
HEARTBEAT
SESSION_TICKET
RENEGOTIATION_INFO
--------------------------------------------------------
Extensions
Secure Renegotiation : true
Extended Master Secret : false
Encrypt Then Mac : false
Tokenbinding : false
--------------------------------------------------------
TLS 1.3 Named Groups
none
--------------------------------------------------------
Supported Named Groups
SECP256R1
--------------------------------------------------------
Supported Compressions
NULL
--------------------------------------------------------
Common Bugs [EXPERIMENTAL]
Version Intolerant : false
Ciphersuite Intolerant : false
Extension Intolerant : false
CS Length Intolerant (>512 Byte) : false
Compression Intolerant : false
ALPN Intolerant : false
CH Length Intolerant : false
NamedGroup Intolerant : false
Empty last Extension Intolerant : false
SigHashAlgo Intolerant : false
Big ClientHello Intolerant : false
2nd Ciphersuite Byte Bug : false
Ignores offered Ciphersuites : false
Reflects offered Ciphersuites : false
Ignores offered NamedGroups : false
Ignores offered SigHashAlgos : true
--------------------------------------------------------
Attack Vulnerabilities
Padding Oracle : false
Bleichenbacher : false
CRIME : false
Breach : false
Invalid Curve : false
Invalid Curve Ephemerals : false
SSL Poodle : false
TLS Poodle : false
CVE-20162107 : false
Logjam : false
Sweet 32 : false
DROWN : false
Heartbleed : Unknown
EarlyCcs : false
--------------------------------------------------------
Bleichenbacher Details
CKE_CCS_FIN - No Behavior Difference
CKE - No Behavior Difference
CKE_CCS - No Behavior Difference
CKE_FIN - No Behavior Difference
--------------------------------------------------------
PaddingOracle Responsemap
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA - TLS10 - No Behavior Difference
TLS_DHE_RSA_WITH_AES_256_CBC_SHA - TLS10 - No Behavior Difference
TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA - TLS10 - No Behavior Difference
TLS_RSA_WITH_AES_256_CBC_SHA - TLS10 - No Behavior Difference
TLS_RSA_WITH_CAMELLIA_256_CBC_SHA - TLS10 - No Behavior Difference
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA - TLS10 - No Behavior Difference
TLS_DHE_RSA_WITH_AES_128_CBC_SHA - TLS10 - No Behavior Difference
TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA - TLS10 - No Behavior Difference
TLS_RSA_WITH_AES_128_CBC_SHA - TLS10 - No Behavior Difference
TLS_RSA_WITH_CAMELLIA_128_CBC_SHA - TLS10 - No Behavior Difference
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA - TLS11 - No Behavior Difference
TLS_DHE_RSA_WITH_AES_256_CBC_SHA - TLS11 - No Behavior Difference
TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA - TLS11 - No Behavior Difference
TLS_RSA_WITH_AES_256_CBC_SHA - TLS11 - No Behavior Difference
TLS_RSA_WITH_CAMELLIA_256_CBC_SHA - TLS11 - No Behavior Difference
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA - TLS11 - No Behavior Difference
TLS_DHE_RSA_WITH_AES_128_CBC_SHA - TLS11 - No Behavior Difference
TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA - TLS11 - No Behavior Difference
TLS_RSA_WITH_AES_128_CBC_SHA - TLS11 - No Behavior Difference
TLS_RSA_WITH_CAMELLIA_128_CBC_SHA - TLS11 - No Behavior Difference
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 - TLS12 - No Behavior Difference
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA - TLS12 - No Behavior Difference
TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 - TLS12 - No Behavior Difference
TLS_DHE_RSA_WITH_AES_256_CBC_SHA - TLS12 - No Behavior Difference
TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA - TLS12 - No Behavior Difference
TLS_RSA_WITH_AES_256_CBC_SHA256 - TLS12 - No Behavior Difference
TLS_RSA_WITH_AES_256_CBC_SHA - TLS12 - No Behavior Difference
TLS_RSA_WITH_CAMELLIA_256_CBC_SHA - TLS12 - No Behavior Difference
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 - TLS12 - No Behavior Difference
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA - TLS12 - No Behavior Difference
TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 - TLS12 - No Behavior Difference
TLS_DHE_RSA_WITH_AES_128_CBC_SHA - TLS12 - No Behavior Difference
TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA - TLS12 - No Behavior Difference
TLS_RSA_WITH_AES_128_CBC_SHA256 - TLS12 - No Behavior Difference
TLS_RSA_WITH_AES_128_CBC_SHA - TLS12 - No Behavior Difference
TLS_RSA_WITH_CAMELLIA_128_CBC_SHA - TLS12 - No Behavior Difference
--------------------------------------------------------
RFC
Checks MAC (AppData) : correct
Checks MAC (Finished) : correct
Checks VerifyData : correct
--------------------------------------------------------
Certificates
Fingerprint : 214ee696de3dc367a86c53f08154b1b8725a7992be85a366b7fba38f227bf7f0
Subject : CN=hackmanit.de
CommonNames : #311530130603550403130c6861636b6d616e69742e6465
Valid From : Wed Feb 27 08:51:34 CET 2019
Valid Till : Tue May 28 09:51:34 CEST 2019
PublicKey : RSA Public Key [38:68:38:ac:e3:c2:c7:2e:60:d6:0d:dd:35:51:4e:9b:80:5b:fc:83]
modulus: b2a10f47f793b4fdc487f44a06865f3dc4a49deb14db397f3e1ce575a528ec8a053de24e28c941798f2c66d084132f9c94a8f8693f89e58faf08612f6a95a6d17557ea8ebe4ba78166f02222bc3a2b60f42b67a6e5967ce1b1397fff4a08e3b4d50254309f711b92dfae79a5509aa82b4798c81fdd9f38258fa88f7481c04b76298eb7aa76d0fc465f5d2bcb9901da5e7078eaf5c1b2897b92c8fd18a9e6eab240e8e8b696d42a3f1501cd8404979a8b76c620b4eb0e2e835192e450e896ae7da0a91e04a917b12e4325a649084da873adc2d474fbdd2b14e49171f7ac94e593cb9ae8a92b31275b68fde3e62bc601f7cba81897838b24806a7faec67dafc69d
public exponent: 10001
Issuer : C=US,O=Let's Encrypt,CN=Let's Encrypt Authority X3
Signature Algorithm : RSA
Hash Algorithm : SHA256
ROCA (simple) : false
Fingerprint : 25847d668eb4f04fdd40b12b6b0740c567da7d024308eb6c2c96fe41d9de218d
Subject : C=US,O=Let's Encrypt,CN=Let's Encrypt Authority X3
CommonNames : #312330210603550403131a4c6574277320456e637279707420417574686f72697479205833
Valid From : Thu Mar 17 17:40:46 CET 2016
Valid Till : Wed Mar 17 17:40:46 CET 2021
PublicKey : RSA Public Key [7e:b7:3a:83:81:d9:d9:c1:42:38:24:7a:ff:51:4a:57:d3:bf:4b:68]
modulus: 9cd30cf05ae52e47b7725d3783b3686330ead735261925e1bdbe35f170922fb7b84b4105aba99e350858ecb12ac468870ba3e375e4e6f3a76271ba7981601fd7919a9ff3d0786771c8690e9591cffee699e9603c48cc7eca4d7712249d471b5aebb9ec1e37001c9cac7ba705eace4aebbd41e53698b9cbfd6d3c9668df232a42900c867467c87fa59ab8526114133f65e98287cbdbfa0e56f68689f3853f9786afb0dc1aef6b0d95167dc42ba065b299043675806bac4af31b9049782fa2964f2a20252904c674c0d031cd8f31389516baa833b843f1b11fc3307fa27931133d2d36f8e3fcf2336ab93931c5afc48d0d1d641633aafa8429b6d40bc0d87dc393
public exponent: 10001
Issuer : O=Digital Signature Trust Co.,CN=DST Root CA X3
Signature Algorithm : RSA
Hash Algorithm : SHA256
ROCA (simple) : false
--------------------------------------------------------
Certificate Checks
Expired Certificates : false
Not yet Valid Certificates : false
Weak Hash Algorithms : false
--------------------------------------------------------
Session
Supports Session resumption : true
Supports Session Tickets : true
--------------------------------------------------------
Renegotioation & SCSV
Clientside Secure : false
Clientside Insecure : false
--------------------------------------------------------
HSTS
Not supported
--------------------------------------------------------
HPKP
Not supported
--------------------------------------------------------
HTTPS Response Header
Date:Thu, 28 Mar 2019 10:39:00 GMT
Server:Apache
Location:https://www.hackmanit.de/
Content-Length:296
Keep-Alive:timeout=5, max=100
Connection:Keep-Alive
Content-Type:text/html; charset=iso-8859-1
--------------------------------------------------------
Nonce
Random : No Duplicates (wip)
--------------------------------------------------------
PublicKey Parameter
EC PublicKey reuse : false
DH PublicKey reuse : false
Uses Common DH Primes : true
2048-bit MODP from RFC 3526
Uses Non-Prime Moduli : false
Uses Nonsafe-Prime Moduli : false
DH Strength : 2048
view raw gistfile1.txt hosted with ❤ by GitHub
By default, TLS-Scanner will run single-threaded. In such cases the scanning will take a while; just how long it will take depends on your server configuration. The scanner also supports multi-threading, which drastically improves the performance. There are two parameters to play around with, -threads, which controls how many different "probes" are executed in parallel, and -aggressive , which controls how many handshakes can be executed simultaneously. If you want the fastest results the following parameters are usually a good choice:

java -jar TLS-Scanner -connect hackmanit.de -threads 15 -aggressive 100
view raw gistfile1.txt hosted with ❤ by GitHub
But lets get back to the results of the Scanner. Currently the Scanner supports a bunch of well known tests, like supported ciphersuites or protocol versions. These are very similar to what you may be used to from other scanners like ssllabs or testssl.sh.

Padding Oracles

The main advantage of our scanner is the ability to scan for padding oracle vulnerabilities (which is probably why you are reading this post). You will see if you are vulnerable in the "Attack Vulnerabilities" section. For example, when scanning hackmanit.de, the result is false. Good for us! But as you might have seen there is also another section in the scanner report:"PaddingOracle Responsemap"
This section lists the responses of the scanned host for each padding oracle vector, for each cipher suite and protocol version. For hackmanit.de, there is no detected difference in responses, which means hackmanit.de is not vulnerable to the attack:
PaddingOracle Responsemap
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA - TLS10 - No Behavior Difference
TLS_DHE_RSA_WITH_AES_256_CBC_SHA - TLS10 - No Behavior Difference
TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA - TLS10 - No Behavior Difference
TLS_RSA_WITH_AES_256_CBC_SHA - TLS10 - No Behavior Difference
TLS_RSA_WITH_CAMELLIA_256_CBC_SHA - TLS10 - No Behavior Difference
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA - TLS10 - No Behavior Difference
TLS_DHE_RSA_WITH_AES_128_CBC_SHA - TLS10 - No Behavior Difference
TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA - TLS10 - No Behavior Difference
TLS_RSA_WITH_AES_128_CBC_SHA - TLS10 - No Behavior Difference
TLS_RSA_WITH_CAMELLIA_128_CBC_SHA - TLS10 - No Behavior Difference
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA - TLS11 - No Behavior Difference
TLS_DHE_RSA_WITH_AES_256_CBC_SHA - TLS11 - No Behavior Difference
TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA - TLS11 - No Behavior Difference
TLS_RSA_WITH_AES_256_CBC_SHA - TLS11 - No Behavior Difference
TLS_RSA_WITH_CAMELLIA_256_CBC_SHA - TLS11 - No Behavior Difference
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA - TLS11 - No Behavior Difference
TLS_DHE_RSA_WITH_AES_128_CBC_SHA - TLS11 - No Behavior Difference
TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA - TLS11 - No Behavior Difference
TLS_RSA_WITH_AES_128_CBC_SHA - TLS11 - No Behavior Difference
TLS_RSA_WITH_CAMELLIA_128_CBC_SHA - TLS11 - No Behavior Difference
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 - TLS12 - No Behavior Difference
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA - TLS12 - No Behavior Difference
TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 - TLS12 - No Behavior Difference
TLS_DHE_RSA_WITH_AES_256_CBC_SHA - TLS12 - No Behavior Difference
TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA - TLS12 - No Behavior Difference
TLS_RSA_WITH_AES_256_CBC_SHA256 - TLS12 - No Behavior Difference
TLS_RSA_WITH_AES_256_CBC_SHA - TLS12 - No Behavior Difference
TLS_RSA_WITH_CAMELLIA_256_CBC_SHA - TLS12 - No Behavior Difference
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 - TLS12 - No Behavior Difference
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA - TLS12 - No Behavior Difference
TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 - TLS12 - No Behavior Difference
TLS_DHE_RSA_WITH_AES_128_CBC_SHA - TLS12 - No Behavior Difference
TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA - TLS12 - No Behavior Difference
TLS_RSA_WITH_AES_128_CBC_SHA256 - TLS12 - No Behavior Difference
TLS_RSA_WITH_AES_128_CBC_SHA - TLS12 - No Behavior Difference
TLS_RSA_WITH_CAMELLIA_128_CBC_SHA - TLS12 - No Behavior Difference
view raw gistfile1.txt hosted with ❤ by GitHub
If we want, we can also look at the concrete responses of the server. For this purpose, we start the scanner with the -reportDetail flag:

java -jar TLS-Scanner -connect hackmanit.de -threads 15 -aggressive 100 -reportDetail ALL
view raw gistfile1.txt hosted with ❤ by GitHub
With this flag we now get the following details:

TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA - TLS10 - No Behavior Difference
Response Map
BasicMac-19-01 [BAD_RECORD_MAC] ENC X
BasicMac-10-08 [BAD_RECORD_MAC] ENC X
BasicMac-0-80 [BAD_RECORD_MAC] ENC X
MissingMacByteFirst [BAD_RECORD_MAC] ENC X
MissingMacByteLast [BAD_RECORD_MAC] ENC X
Plain XF (0xXF=#padding bytes) [BAD_RECORD_MAC] ENC X
Plain FF [BAD_RECORD_MAC] ENC X
InvPadValMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
InvPadValMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
InvPadValMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[8]-0-59 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[15]-0-59 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
InvPadValMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
InvPadValMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
InvPadValMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[8]-53-6 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[15]-53-6 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
TLS_DHE_RSA_WITH_AES_256_CBC_SHA - TLS10 - No Behavior Difference
Response Map
BasicMac-19-01 [BAD_RECORD_MAC] ENC X
BasicMac-10-08 [BAD_RECORD_MAC] ENC X
BasicMac-0-80 [BAD_RECORD_MAC] ENC X
MissingMacByteFirst [BAD_RECORD_MAC] ENC X
MissingMacByteLast [BAD_RECORD_MAC] ENC X
Plain XF (0xXF=#padding bytes) [BAD_RECORD_MAC] ENC X
Plain FF [BAD_RECORD_MAC] ENC X
InvPadValMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
InvPadValMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
InvPadValMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[8]-0-59 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[15]-0-59 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
InvPadValMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
InvPadValMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
InvPadValMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[8]-53-6 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[15]-53-6 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA - TLS10 - No Behavior Difference
Response Map
BasicMac-19-01 [BAD_RECORD_MAC] ENC X
BasicMac-10-08 [BAD_RECORD_MAC] ENC X
BasicMac-0-80 [BAD_RECORD_MAC] ENC X
MissingMacByteFirst [BAD_RECORD_MAC] ENC X
MissingMacByteLast [BAD_RECORD_MAC] ENC X
Plain XF (0xXF=#padding bytes) [BAD_RECORD_MAC] ENC X
Plain FF [BAD_RECORD_MAC] ENC X
InvPadValMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
InvPadValMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
InvPadValMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[8]-0-59 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[15]-0-59 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
InvPadValMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
InvPadValMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
InvPadValMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[8]-53-6 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[15]-53-6 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
TLS_RSA_WITH_AES_256_CBC_SHA - TLS10 - No Behavior Difference
Response Map
BasicMac-19-01 [BAD_RECORD_MAC] ENC X
BasicMac-10-08 [BAD_RECORD_MAC] ENC X
BasicMac-0-80 [BAD_RECORD_MAC] ENC X
MissingMacByteFirst [BAD_RECORD_MAC] ENC X
MissingMacByteLast [BAD_RECORD_MAC] ENC X
Plain XF (0xXF=#padding bytes) [BAD_RECORD_MAC] ENC X
Plain FF [BAD_RECORD_MAC] ENC X
InvPadValMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
InvPadValMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
InvPadValMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[8]-0-59 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[15]-0-59 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
InvPadValMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
InvPadValMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
InvPadValMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[8]-53-6 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[15]-53-6 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
TLS_RSA_WITH_CAMELLIA_256_CBC_SHA - TLS10 - No Behavior Difference
Response Map
BasicMac-19-01 [BAD_RECORD_MAC] ENC X
BasicMac-10-08 [BAD_RECORD_MAC] ENC X
BasicMac-0-80 [BAD_RECORD_MAC] ENC X
MissingMacByteFirst [BAD_RECORD_MAC] ENC X
MissingMacByteLast [BAD_RECORD_MAC] ENC X
Plain XF (0xXF=#padding bytes) [BAD_RECORD_MAC] ENC X
Plain FF [BAD_RECORD_MAC] ENC X
InvPadValMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
InvPadValMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
InvPadValMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[8]-0-59 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[15]-0-59 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
InvPadValMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
InvPadValMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
InvPadValMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[8]-53-6 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[15]-53-6 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA - TLS10 - No Behavior Difference
Response Map
BasicMac-19-01 [BAD_RECORD_MAC] ENC X
BasicMac-10-08 [BAD_RECORD_MAC] ENC X
BasicMac-0-80 [BAD_RECORD_MAC] ENC X
MissingMacByteFirst [BAD_RECORD_MAC] ENC X
MissingMacByteLast [BAD_RECORD_MAC] ENC X
Plain XF (0xXF=#padding bytes) [BAD_RECORD_MAC] ENC X
Plain FF [BAD_RECORD_MAC] ENC X
InvPadValMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
InvPadValMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
InvPadValMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[8]-0-59 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[15]-0-59 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
InvPadValMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
InvPadValMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
InvPadValMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[8]-53-6 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[15]-53-6 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
TLS_DHE_RSA_WITH_AES_128_CBC_SHA - TLS10 - No Behavior Difference
Response Map
BasicMac-19-01 [BAD_RECORD_MAC] ENC X
BasicMac-10-08 [BAD_RECORD_MAC] ENC X
BasicMac-0-80 [BAD_RECORD_MAC] ENC X
MissingMacByteFirst [BAD_RECORD_MAC] ENC X
MissingMacByteLast [BAD_RECORD_MAC] ENC X
Plain XF (0xXF=#padding bytes) [BAD_RECORD_MAC] ENC X
Plain FF [BAD_RECORD_MAC] ENC X
InvPadValMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
InvPadValMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
InvPadValMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[8]-0-59 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[15]-0-59 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
InvPadValMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
InvPadValMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
InvPadValMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[8]-53-6 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[15]-53-6 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA - TLS10 - No Behavior Difference
Response Map
BasicMac-19-01 [BAD_RECORD_MAC] ENC X
BasicMac-10-08 [BAD_RECORD_MAC] ENC X
BasicMac-0-80 [BAD_RECORD_MAC] ENC X
MissingMacByteFirst [BAD_RECORD_MAC] ENC X
MissingMacByteLast [BAD_RECORD_MAC] ENC X
Plain XF (0xXF=#padding bytes) [BAD_RECORD_MAC] ENC X
Plain FF [BAD_RECORD_MAC] ENC X
InvPadValMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
InvPadValMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
InvPadValMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[8]-0-59 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[15]-0-59 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
InvPadValMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
InvPadValMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
InvPadValMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[8]-53-6 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[15]-53-6 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
TLS_RSA_WITH_AES_128_CBC_SHA - TLS10 - No Behavior Difference
Response Map
BasicMac-19-01 [BAD_RECORD_MAC] ENC X
BasicMac-10-08 [BAD_RECORD_MAC] ENC X
BasicMac-0-80 [BAD_RECORD_MAC] ENC X
MissingMacByteFirst [BAD_RECORD_MAC] ENC X
MissingMacByteLast [BAD_RECORD_MAC] ENC X
Plain XF (0xXF=#padding bytes) [BAD_RECORD_MAC] ENC X
Plain FF [BAD_RECORD_MAC] ENC X
InvPadValMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
InvPadValMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
InvPadValMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[8]-0-59 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[15]-0-59 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
InvPadValMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
InvPadValMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
InvPadValMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[8]-53-6 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[15]-53-6 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
TLS_RSA_WITH_CAMELLIA_128_CBC_SHA - TLS10 - No Behavior Difference
Response Map
BasicMac-19-01 [BAD_RECORD_MAC] ENC X
BasicMac-10-08 [BAD_RECORD_MAC] ENC X
BasicMac-0-80 [BAD_RECORD_MAC] ENC X
MissingMacByteFirst [BAD_RECORD_MAC] ENC X
MissingMacByteLast [BAD_RECORD_MAC] ENC X
Plain XF (0xXF=#padding bytes) [BAD_RECORD_MAC] ENC X
Plain FF [BAD_RECORD_MAC] ENC X
InvPadValMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
InvPadValMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
InvPadValMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[8]-0-59 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[15]-0-59 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
InvPadValMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
InvPadValMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
InvPadValMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[8]-53-6 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[15]-53-6 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA - TLS11 - No Behavior Difference
Response Map
BasicMac-19-01 [BAD_RECORD_MAC] ENC X
BasicMac-10-08 [BAD_RECORD_MAC] ENC X
BasicMac-0-80 [BAD_RECORD_MAC] ENC X
MissingMacByteFirst [BAD_RECORD_MAC] ENC X
MissingMacByteLast [BAD_RECORD_MAC] ENC X
Plain XF (0xXF=#padding bytes) [BAD_RECORD_MAC] ENC X
Plain FF [BAD_RECORD_MAC] ENC X
InvPadValMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
InvPadValMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
InvPadValMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[8]-0-59 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[15]-0-59 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
InvPadValMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
InvPadValMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
InvPadValMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[8]-53-6 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[15]-53-6 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
TLS_DHE_RSA_WITH_AES_256_CBC_SHA - TLS11 - No Behavior Difference
Response Map
BasicMac-19-01 [BAD_RECORD_MAC] ENC X
BasicMac-10-08 [BAD_RECORD_MAC] ENC X
BasicMac-0-80 [BAD_RECORD_MAC] ENC X
MissingMacByteFirst [BAD_RECORD_MAC] ENC X
MissingMacByteLast [BAD_RECORD_MAC] ENC X
Plain XF (0xXF=#padding bytes) [BAD_RECORD_MAC] ENC X
Plain FF [BAD_RECORD_MAC] ENC X
InvPadValMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
InvPadValMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
InvPadValMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[8]-0-59 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[15]-0-59 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
InvPadValMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
InvPadValMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
InvPadValMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[8]-53-6 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[15]-53-6 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA - TLS11 - No Behavior Difference
Response Map
BasicMac-19-01 [BAD_RECORD_MAC] ENC X
BasicMac-10-08 [BAD_RECORD_MAC] ENC X
BasicMac-0-80 [BAD_RECORD_MAC] ENC X
MissingMacByteFirst [BAD_RECORD_MAC] ENC X
MissingMacByteLast [BAD_RECORD_MAC] ENC X
Plain XF (0xXF=#padding bytes) [BAD_RECORD_MAC] ENC X
Plain FF [BAD_RECORD_MAC] ENC X
InvPadValMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
InvPadValMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
InvPadValMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[8]-0-59 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[15]-0-59 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
InvPadValMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
InvPadValMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
InvPadValMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[8]-53-6 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[15]-53-6 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
TLS_RSA_WITH_AES_256_CBC_SHA - TLS11 - No Behavior Difference
Response Map
BasicMac-19-01 [BAD_RECORD_MAC] ENC X
BasicMac-10-08 [BAD_RECORD_MAC] ENC X
BasicMac-0-80 [BAD_RECORD_MAC] ENC X
MissingMacByteFirst [BAD_RECORD_MAC] ENC X
MissingMacByteLast [BAD_RECORD_MAC] ENC X
Plain XF (0xXF=#padding bytes) [BAD_RECORD_MAC] ENC X
Plain FF [BAD_RECORD_MAC] ENC X
InvPadValMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
InvPadValMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
InvPadValMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[8]-0-59 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[15]-0-59 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
InvPadValMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
InvPadValMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
InvPadValMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[8]-53-6 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[15]-53-6 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
TLS_RSA_WITH_CAMELLIA_256_CBC_SHA - TLS11 - No Behavior Difference
Response Map
BasicMac-19-01 [BAD_RECORD_MAC] ENC X
BasicMac-10-08 [BAD_RECORD_MAC] ENC X
BasicMac-0-80 [BAD_RECORD_MAC] ENC X
MissingMacByteFirst [BAD_RECORD_MAC] ENC X
MissingMacByteLast [BAD_RECORD_MAC] ENC X
Plain XF (0xXF=#padding bytes) [BAD_RECORD_MAC] ENC X
Plain FF [BAD_RECORD_MAC] ENC X
InvPadValMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
InvPadValMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
InvPadValMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[8]-0-59 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[15]-0-59 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
InvPadValMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
InvPadValMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
InvPadValMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[8]-53-6 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[15]-53-6 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA - TLS11 - No Behavior Difference
Response Map
BasicMac-19-01 [BAD_RECORD_MAC] ENC X
BasicMac-10-08 [BAD_RECORD_MAC] ENC X
BasicMac-0-80 [BAD_RECORD_MAC] ENC X
MissingMacByteFirst [BAD_RECORD_MAC] ENC X
MissingMacByteLast [BAD_RECORD_MAC] ENC X
Plain XF (0xXF=#padding bytes) [BAD_RECORD_MAC] ENC X
Plain FF [BAD_RECORD_MAC] ENC X
InvPadValMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
InvPadValMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
InvPadValMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[8]-0-59 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[15]-0-59 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
InvPadValMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
InvPadValMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
InvPadValMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[8]-53-6 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[15]-53-6 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
TLS_DHE_RSA_WITH_AES_128_CBC_SHA - TLS11 - No Behavior Difference
Response Map
BasicMac-19-01 [BAD_RECORD_MAC] ENC X
BasicMac-10-08 [BAD_RECORD_MAC] ENC X
BasicMac-0-80 [BAD_RECORD_MAC] ENC X
MissingMacByteFirst [BAD_RECORD_MAC] ENC X
MissingMacByteLast [BAD_RECORD_MAC] ENC X
Plain XF (0xXF=#padding bytes) [BAD_RECORD_MAC] ENC X
Plain FF [BAD_RECORD_MAC] ENC X
InvPadValMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
InvPadValMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
InvPadValMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[8]-0-59 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[15]-0-59 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
InvPadValMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
InvPadValMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
InvPadValMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[8]-53-6 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[15]-53-6 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA - TLS11 - No Behavior Difference
Response Map
BasicMac-19-01 [BAD_RECORD_MAC] ENC X
BasicMac-10-08 [BAD_RECORD_MAC] ENC X
BasicMac-0-80 [BAD_RECORD_MAC] ENC X
MissingMacByteFirst [BAD_RECORD_MAC] ENC X
MissingMacByteLast [BAD_RECORD_MAC] ENC X
Plain XF (0xXF=#padding bytes) [BAD_RECORD_MAC] ENC X
Plain FF [BAD_RECORD_MAC] ENC X
InvPadValMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
InvPadValMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
InvPadValMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[8]-0-59 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[15]-0-59 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
InvPadValMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
InvPadValMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
InvPadValMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[8]-53-6 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[15]-53-6 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
TLS_RSA_WITH_AES_128_CBC_SHA - TLS11 - No Behavior Difference
Response Map
BasicMac-19-01 [BAD_RECORD_MAC] ENC X
BasicMac-10-08 [BAD_RECORD_MAC] ENC X
BasicMac-0-80 [BAD_RECORD_MAC] ENC X
MissingMacByteFirst [BAD_RECORD_MAC] ENC X
MissingMacByteLast [BAD_RECORD_MAC] ENC X
Plain XF (0xXF=#padding bytes) [BAD_RECORD_MAC] ENC X
Plain FF [BAD_RECORD_MAC] ENC X
InvPadValMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
InvPadValMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
InvPadValMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[8]-0-59 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[15]-0-59 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
InvPadValMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
InvPadValMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
InvPadValMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[8]-53-6 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[15]-53-6 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
TLS_RSA_WITH_CAMELLIA_128_CBC_SHA - TLS11 - No Behavior Difference
Response Map
BasicMac-19-01 [BAD_RECORD_MAC] ENC X
BasicMac-10-08 [BAD_RECORD_MAC] ENC X
BasicMac-0-80 [BAD_RECORD_MAC] ENC X
MissingMacByteFirst [BAD_RECORD_MAC] ENC X
MissingMacByteLast [BAD_RECORD_MAC] ENC X
Plain XF (0xXF=#padding bytes) [BAD_RECORD_MAC] ENC X
Plain FF [BAD_RECORD_MAC] ENC X
InvPadValMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
InvPadValMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
InvPadValMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[8]-0-59 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[15]-0-59 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
InvPadValMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
InvPadValMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
InvPadValMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[8]-53-6 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[15]-53-6 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 - TLS12 - No Behavior Difference
Response Map
BasicMac-47-01 [BAD_RECORD_MAC] ENC X
BasicMac-24-08 [BAD_RECORD_MAC] ENC X
BasicMac-0-80 [BAD_RECORD_MAC] ENC X
MissingMacByteFirst [BAD_RECORD_MAC] ENC X
MissingMacByteLast [BAD_RECORD_MAC] ENC X
Plain XF (0xXF=#padding bytes) [BAD_RECORD_MAC] ENC X
Plain FF [BAD_RECORD_MAC] ENC X
InvPadValMac-[0]-0-31 [BAD_RECORD_MAC] ENC X
InvPadValMac-[15]-0-31 [BAD_RECORD_MAC] ENC X
InvPadValMac-[last]-0-31 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[0]-0-31 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[8]-0-31 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[15]-0-31 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[0]-0-31 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[15]-0-31 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[last]-0-31 [BAD_RECORD_MAC] ENC X
InvPadValMac-[0]-25-6 [BAD_RECORD_MAC] ENC X
InvPadValMac-[3]-25-6 [BAD_RECORD_MAC] ENC X
InvPadValMac-[last]-25-6 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[0]-25-6 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[8]-25-6 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[15]-25-6 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[0]-25-6 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[3]-25-6 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[last]-25-6 [BAD_RECORD_MAC] ENC X
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA - TLS12 - No Behavior Difference
Response Map
BasicMac-19-01 [BAD_RECORD_MAC] ENC X
BasicMac-10-08 [BAD_RECORD_MAC] ENC X
BasicMac-0-80 [BAD_RECORD_MAC] ENC X
MissingMacByteFirst [BAD_RECORD_MAC] ENC X
MissingMacByteLast [BAD_RECORD_MAC] ENC X
Plain XF (0xXF=#padding bytes) [BAD_RECORD_MAC] ENC X
Plain FF [BAD_RECORD_MAC] ENC X
InvPadValMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
InvPadValMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
InvPadValMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[8]-0-59 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[15]-0-59 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
InvPadValMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
InvPadValMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
InvPadValMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[8]-53-6 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[15]-53-6 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 - TLS12 - No Behavior Difference
Response Map
BasicMac-31-01 [BAD_RECORD_MAC] ENC X
BasicMac-16-08 [BAD_RECORD_MAC] ENC X
BasicMac-0-80 [BAD_RECORD_MAC] ENC X
MissingMacByteFirst [BAD_RECORD_MAC] ENC X
MissingMacByteLast [BAD_RECORD_MAC] ENC X
Plain XF (0xXF=#padding bytes) [BAD_RECORD_MAC] ENC X
Plain FF [BAD_RECORD_MAC] ENC X
InvPadValMac-[0]-0-47 [BAD_RECORD_MAC] ENC X
InvPadValMac-[23]-0-47 [BAD_RECORD_MAC] ENC X
InvPadValMac-[last]-0-47 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[0]-0-47 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[8]-0-47 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[15]-0-47 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[0]-0-47 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[23]-0-47 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[last]-0-47 [BAD_RECORD_MAC] ENC X
InvPadValMac-[0]-41-6 [BAD_RECORD_MAC] ENC X
InvPadValMac-[3]-41-6 [BAD_RECORD_MAC] ENC X
InvPadValMac-[last]-41-6 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[0]-41-6 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[8]-41-6 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[15]-41-6 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[0]-41-6 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[3]-41-6 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[last]-41-6 [BAD_RECORD_MAC] ENC X
TLS_DHE_RSA_WITH_AES_256_CBC_SHA - TLS12 - No Behavior Difference
Response Map
BasicMac-19-01 [BAD_RECORD_MAC] ENC X
BasicMac-10-08 [BAD_RECORD_MAC] ENC X
BasicMac-0-80 [BAD_RECORD_MAC] ENC X
MissingMacByteFirst [BAD_RECORD_MAC] ENC X
MissingMacByteLast [BAD_RECORD_MAC] ENC X
Plain XF (0xXF=#padding bytes) [BAD_RECORD_MAC] ENC X
Plain FF [BAD_RECORD_MAC] ENC X
InvPadValMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
InvPadValMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
InvPadValMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[8]-0-59 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[15]-0-59 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
InvPadValMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
InvPadValMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
InvPadValMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[8]-53-6 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[15]-53-6 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA - TLS12 - No Behavior Difference
Response Map
BasicMac-19-01 [BAD_RECORD_MAC] ENC X
BasicMac-10-08 [BAD_RECORD_MAC] ENC X
BasicMac-0-80 [BAD_RECORD_MAC] ENC X
MissingMacByteFirst [BAD_RECORD_MAC] ENC X
MissingMacByteLast [BAD_RECORD_MAC] ENC X
Plain XF (0xXF=#padding bytes) [BAD_RECORD_MAC] ENC X
Plain FF [BAD_RECORD_MAC] ENC X
InvPadValMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
InvPadValMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
InvPadValMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[8]-0-59 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[15]-0-59 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
InvPadValMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
InvPadValMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
InvPadValMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[8]-53-6 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[15]-53-6 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
TLS_RSA_WITH_AES_256_CBC_SHA256 - TLS12 - No Behavior Difference
Response Map
BasicMac-31-01 [BAD_RECORD_MAC] ENC X
BasicMac-16-08 [BAD_RECORD_MAC] ENC X
BasicMac-0-80 [BAD_RECORD_MAC] ENC X
MissingMacByteFirst [BAD_RECORD_MAC] ENC X
MissingMacByteLast [BAD_RECORD_MAC] ENC X
Plain XF (0xXF=#padding bytes) [BAD_RECORD_MAC] ENC X
Plain FF [BAD_RECORD_MAC] ENC X
InvPadValMac-[0]-0-47 [BAD_RECORD_MAC] ENC X
InvPadValMac-[23]-0-47 [BAD_RECORD_MAC] ENC X
InvPadValMac-[last]-0-47 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[0]-0-47 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[8]-0-47 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[15]-0-47 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[0]-0-47 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[23]-0-47 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[last]-0-47 [BAD_RECORD_MAC] ENC X
InvPadValMac-[0]-41-6 [BAD_RECORD_MAC] ENC X
InvPadValMac-[3]-41-6 [BAD_RECORD_MAC] ENC X
InvPadValMac-[last]-41-6 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[0]-41-6 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[8]-41-6 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[15]-41-6 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[0]-41-6 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[3]-41-6 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[last]-41-6 [BAD_RECORD_MAC] ENC X
TLS_RSA_WITH_AES_256_CBC_SHA - TLS12 - No Behavior Difference
Response Map
BasicMac-19-01 [BAD_RECORD_MAC] ENC X
BasicMac-10-08 [BAD_RECORD_MAC] ENC X
BasicMac-0-80 [BAD_RECORD_MAC] ENC X
MissingMacByteFirst [BAD_RECORD_MAC] ENC X
MissingMacByteLast [BAD_RECORD_MAC] ENC X
Plain XF (0xXF=#padding bytes) [BAD_RECORD_MAC] ENC X
Plain FF [BAD_RECORD_MAC] ENC X
InvPadValMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
InvPadValMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
InvPadValMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[8]-0-59 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[15]-0-59 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
InvPadValMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
InvPadValMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
InvPadValMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[8]-53-6 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[15]-53-6 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
TLS_RSA_WITH_CAMELLIA_256_CBC_SHA - TLS12 - No Behavior Difference
Response Map
BasicMac-19-01 [BAD_RECORD_MAC] ENC X
BasicMac-10-08 [BAD_RECORD_MAC] ENC X
BasicMac-0-80 [BAD_RECORD_MAC] ENC X
MissingMacByteFirst [BAD_RECORD_MAC] ENC X
MissingMacByteLast [BAD_RECORD_MAC] ENC X
Plain XF (0xXF=#padding bytes) [BAD_RECORD_MAC] ENC X
Plain FF [BAD_RECORD_MAC] ENC X
InvPadValMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
InvPadValMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
InvPadValMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[8]-0-59 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[15]-0-59 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
InvPadValMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
InvPadValMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
InvPadValMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[8]-53-6 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[15]-53-6 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 - TLS12 - No Behavior Difference
Response Map
BasicMac-31-01 [BAD_RECORD_MAC] ENC X
BasicMac-16-08 [BAD_RECORD_MAC] ENC X
BasicMac-0-80 [BAD_RECORD_MAC] ENC X
MissingMacByteFirst [BAD_RECORD_MAC] ENC X
MissingMacByteLast [BAD_RECORD_MAC] ENC X
Plain XF (0xXF=#padding bytes) [BAD_RECORD_MAC] ENC X
Plain FF [BAD_RECORD_MAC] ENC X
InvPadValMac-[0]-0-47 [BAD_RECORD_MAC] ENC X
InvPadValMac-[23]-0-47 [BAD_RECORD_MAC] ENC X
InvPadValMac-[last]-0-47 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[0]-0-47 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[8]-0-47 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[15]-0-47 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[0]-0-47 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[23]-0-47 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[last]-0-47 [BAD_RECORD_MAC] ENC X
InvPadValMac-[0]-41-6 [BAD_RECORD_MAC] ENC X
InvPadValMac-[3]-41-6 [BAD_RECORD_MAC] ENC X
InvPadValMac-[last]-41-6 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[0]-41-6 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[8]-41-6 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[15]-41-6 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[0]-41-6 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[3]-41-6 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[last]-41-6 [BAD_RECORD_MAC] ENC X
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA - TLS12 - No Behavior Difference
Response Map
BasicMac-19-01 [BAD_RECORD_MAC] ENC X
BasicMac-10-08 [BAD_RECORD_MAC] ENC X
BasicMac-0-80 [BAD_RECORD_MAC] ENC X
MissingMacByteFirst [BAD_RECORD_MAC] ENC X
MissingMacByteLast [BAD_RECORD_MAC] ENC X
Plain XF (0xXF=#padding bytes) [BAD_RECORD_MAC] ENC X
Plain FF [BAD_RECORD_MAC] ENC X
InvPadValMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
InvPadValMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
InvPadValMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[8]-0-59 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[15]-0-59 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
InvPadValMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
InvPadValMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
InvPadValMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[8]-53-6 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[15]-53-6 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 - TLS12 - No Behavior Difference
Response Map
BasicMac-31-01 [BAD_RECORD_MAC] ENC X
BasicMac-16-08 [BAD_RECORD_MAC] ENC X
BasicMac-0-80 [BAD_RECORD_MAC] ENC X
MissingMacByteFirst [BAD_RECORD_MAC] ENC X
MissingMacByteLast [BAD_RECORD_MAC] ENC X
Plain XF (0xXF=#padding bytes) [BAD_RECORD_MAC] ENC X
Plain FF [BAD_RECORD_MAC] ENC X
InvPadValMac-[0]-0-47 [BAD_RECORD_MAC] ENC X
InvPadValMac-[23]-0-47 [BAD_RECORD_MAC] ENC X
InvPadValMac-[last]-0-47 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[0]-0-47 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[8]-0-47 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[15]-0-47 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[0]-0-47 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[23]-0-47 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[last]-0-47 [BAD_RECORD_MAC] ENC X
InvPadValMac-[0]-41-6 [BAD_RECORD_MAC] ENC X
InvPadValMac-[3]-41-6 [BAD_RECORD_MAC] ENC X
InvPadValMac-[last]-41-6 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[0]-41-6 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[8]-41-6 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[15]-41-6 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[0]-41-6 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[3]-41-6 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[last]-41-6 [BAD_RECORD_MAC] ENC X
TLS_DHE_RSA_WITH_AES_128_CBC_SHA - TLS12 - No Behavior Difference
Response Map
BasicMac-19-01 [BAD_RECORD_MAC] ENC X
BasicMac-10-08 [BAD_RECORD_MAC] ENC X
BasicMac-0-80 [BAD_RECORD_MAC] ENC X
MissingMacByteFirst [BAD_RECORD_MAC] ENC X
MissingMacByteLast [BAD_RECORD_MAC] ENC X
Plain XF (0xXF=#padding bytes) [BAD_RECORD_MAC] ENC X
Plain FF [BAD_RECORD_MAC] ENC X
InvPadValMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
InvPadValMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
InvPadValMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[8]-0-59 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[15]-0-59 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
InvPadValMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
InvPadValMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
InvPadValMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[8]-53-6 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[15]-53-6 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA - TLS12 - No Behavior Difference
Response Map
BasicMac-19-01 [BAD_RECORD_MAC] ENC X
BasicMac-10-08 [BAD_RECORD_MAC] ENC X
BasicMac-0-80 [BAD_RECORD_MAC] ENC X
MissingMacByteFirst [BAD_RECORD_MAC] ENC X
MissingMacByteLast [BAD_RECORD_MAC] ENC X
Plain XF (0xXF=#padding bytes) [BAD_RECORD_MAC] ENC X
Plain FF [BAD_RECORD_MAC] ENC X
InvPadValMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
InvPadValMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
InvPadValMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[8]-0-59 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[15]-0-59 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
InvPadValMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
InvPadValMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
InvPadValMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[8]-53-6 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[15]-53-6 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
TLS_RSA_WITH_AES_128_CBC_SHA256 - TLS12 - No Behavior Difference
Response Map
BasicMac-31-01 [BAD_RECORD_MAC] ENC X
BasicMac-16-08 [BAD_RECORD_MAC] ENC X
BasicMac-0-80 [BAD_RECORD_MAC] ENC X
MissingMacByteFirst [BAD_RECORD_MAC] ENC X
MissingMacByteLast [BAD_RECORD_MAC] ENC X
Plain XF (0xXF=#padding bytes) [BAD_RECORD_MAC] ENC X
Plain FF [BAD_RECORD_MAC] ENC X
InvPadValMac-[0]-0-47 [BAD_RECORD_MAC] ENC X
InvPadValMac-[23]-0-47 [BAD_RECORD_MAC] ENC X
InvPadValMac-[last]-0-47 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[0]-0-47 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[8]-0-47 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[15]-0-47 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[0]-0-47 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[23]-0-47 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[last]-0-47 [BAD_RECORD_MAC] ENC X
InvPadValMac-[0]-41-6 [BAD_RECORD_MAC] ENC X
InvPadValMac-[3]-41-6 [BAD_RECORD_MAC] ENC X
InvPadValMac-[last]-41-6 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[0]-41-6 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[8]-41-6 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[15]-41-6 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[0]-41-6 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[3]-41-6 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[last]-41-6 [BAD_RECORD_MAC] ENC X
TLS_RSA_WITH_AES_128_CBC_SHA - TLS12 - No Behavior Difference
Response Map
BasicMac-19-01 [BAD_RECORD_MAC] ENC X
BasicMac-10-08 [BAD_RECORD_MAC] ENC X
BasicMac-0-80 [BAD_RECORD_MAC] ENC X
MissingMacByteFirst [BAD_RECORD_MAC] ENC X
MissingMacByteLast [BAD_RECORD_MAC] ENC X
Plain XF (0xXF=#padding bytes) [BAD_RECORD_MAC] ENC X
Plain FF [BAD_RECORD_MAC] ENC X
InvPadValMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
InvPadValMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
InvPadValMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[8]-0-59 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[15]-0-59 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
InvPadValMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
InvPadValMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
InvPadValMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[8]-53-6 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[15]-53-6 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
TLS_RSA_WITH_CAMELLIA_128_CBC_SHA - TLS12 - No Behavior Difference
Response Map
BasicMac-19-01 [BAD_RECORD_MAC] ENC X
BasicMac-10-08 [BAD_RECORD_MAC] ENC X
BasicMac-0-80 [BAD_RECORD_MAC] ENC X
MissingMacByteFirst [BAD_RECORD_MAC] ENC X
MissingMacByteLast [BAD_RECORD_MAC] ENC X
Plain XF (0xXF=#padding bytes) [BAD_RECORD_MAC] ENC X
Plain FF [BAD_RECORD_MAC] ENC X
InvPadValMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
InvPadValMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
InvPadValMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[8]-0-59 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[15]-0-59 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
InvPadValMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
InvPadValMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
InvPadValMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[8]-53-6 [BAD_RECORD_MAC] ENC X
ValPadInvMac-[15]-53-6 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
InvPadInvMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
view raw gistfile1.txt hosted with ❤ by GitHub
So what does this all mean? First of all, we named our malformed records. The interpretation of those names is visualized in the following table:
BasicMac-<position>-<XOR>  A Record with ApplicationData, MAC and padding bytes, where the padding byte at <position> is XOR'd <XOR>
 MissingMacByteFirst A Record without ApplicationData, where the first byte of the MAC is missing
 MissingMacByteLast A Record without ApplicationData, where the last byte of the MAC is missing
 Plain FF A Record without ApplicationData & MAC which only contains Paddingbytes: 64* 0xFF 
 Plain 3F A Record without ApplicationData & MAC which only contains Paddingbytes: 64* 0xF3
 InvPadValMac-[<position>]-<appDataLength>-<paddingBytes> A Record with invalid padding and valid MAC. The Record contains <appDataLength> many ApplicationData bytes and <paddingBytes> many PaddingBytes. The Padding is invalid at <position>.
 ValPadInvMac-[<position>]-<appDataLength>-<paddingBytes> A Record with valid padding and invalid MAC. The Record contains <appDataLength> many ApplicationData bytes and <paddingBytes> many PaddingBytes. The MAC is invalid at <position>.
 InvPadInvMac-[<position>]-<appDataLength>-<paddingBytes> A Record with invalid padding and invalid MAC. The Record contains <appDataLength> many ApplicationData bytes and <paddingBytes> many PaddingBytes. The MAC is invalid at the first position. The Padding is invalid at <position>.

Next to the name you can see what the actual response from the server was. Alert messages which are in [] brackets indicate that the alert was a fatal alert while () brackets indicate a warning alert. ENC means that the messages were encrypted (which is not always the case). The last symbol in each line indicates the state of the socket. An X represents a closed socket with a TCP FIN, a T indicates that the socket was still open at the time of measurement and an @ indicates that the socket was closed with an RST. So how did Hackmanit respond? We see a [BAD_RECORD_MAC]  ENC X, which means we received an ENCrypted FATAL BAD_RECORD_MAC alert, and the TCP connection was closed with a TCP FIN. If a server appears to be vulnerable, the scanner will execute the scan a total of three times to confirm the vulnerability. Since this response is identical to all our vectors, we know that the server was not vulnerable and the scanner is not re-executing the workflows.

Here is an example of a vulnerable host:
TLS_RSA_WITH_3DES_EDE_CBC_SHA - TLS12 - SOCKET_STATE VULNERABLE
Response Map
BasicMac-19-01 [BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
BasicMac-10-08 [BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
BasicMac-0-80 [BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
MissingMacByteFirst [BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
MissingMacByteLast [BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
Plain XF (0xXF=#padding bytes) [BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
Plain FF [BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
InvPadValMac-[0]-0-59 [BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
InvPadValMac-[29]-0-59 [BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
InvPadValMac-[last]-0-59 [BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
ValPadInvMac-[0]-0-59 [BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC T
[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC T
[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC T
ValPadInvMac-[8]-0-59 [BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC T
[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC T
[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC T
ValPadInvMac-[15]-0-59 [BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC T
[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC T
[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC T
InvPadInvMac-[0]-0-59 [BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
InvPadInvMac-[29]-0-59 [BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
InvPadInvMac-[last]-0-59 [BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
InvPadValMac-[0]-53-6 [BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
InvPadValMac-[3]-53-6 [BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
InvPadValMac-[last]-53-6 [BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
ValPadInvMac-[0]-53-6 [BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
ValPadInvMac-[8]-53-6 [BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
ValPadInvMac-[15]-53-6 [BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
InvPadInvMac-[0]-53-6 [BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
InvPadInvMac-[3]-53-6 [BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
InvPadInvMac-[last]-53-6 [BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
view raw gistfile1.txt hosted with ❤ by GitHub
As you can see, this time the workflows got executed multiple times, and the scanner reports the cipher suite and version as vulnerable because of "SOCKET_STATE". This means that in some cases the socket state revealed information about the plaintext. If you look closely, you can see that for ValPadInvMac-[0]-0-59, ValPadInvMac-[8]-0-59 and ValPadInvMac-[15]-0-59 the server failed to close the TCP socket, while for all other vectors the TCP connect was closed with a TCP FIN. The server was therefore vulnerable.

Since the server was vulnerable, TLS-Scanner will also print an additional section: "PaddingOracle Details"

In this section we try to identify the vulnerability. In the example above, TLS-Scanner will print the following:

PaddingOracle Details
Identification : Openssl CVE-2019-1559
CVE : Openssl CVE-2019-1559
Strength : STRONG
Observable : true
If an application encounters a fatal protocol error and then calls
SSL_shutdown() twice (once to send a close_notify and once to receive one), then OpenSSL can respond differently to the calling application if a 0-byte record is received with invalid padding compared to if a 0-byte record is received with an invalid MAC. If the application then behaves differently based on that in a way that is detectable to the remote peer, then this amounts to a padding oracle that could be used to decrypt data.
For this to be exploitable, "non-stitched" cipher suites must be in
use. Stitched cipher suites are optimized implementations of specific commonly used cipher suites. Also, the application must call SSL_shutdown() twice even if a
protocol error has occurred (applications should not do this, but some do
anyway).
This issue does not impact OpenSSL 1.1.1 or 1.1.0.
OpenSSL 1.0.2 users should upgrade to 1.0.2r.
--------------------------------------------------------
Affected Products
Openssl < 1.0.2r
If your tested software/hardware is not in this list, please let us know so we can add it here.
view raw gistfile1.txt hosted with ❤ by GitHub
As you can see, we attribute this vulnerability to OpenSSL <1.0.2r. We do so by looking at the exact responses to our malformed records. We additionally print two important facts about the vulnerability: Whether it is observable and its strength. The precise details of these properties are beyond the scope of this blogpost, but the short version is:
If an oracle is observable, a man in the middle attacker can see the differences between the vectors by passively observing the traffic, without relying on browser or application specific tricks. A strong oracle has no limitations in the number of consecutive bytes an attacker can decrypt. If an oracle is STRONG and OBSERVABLE, then an attacker can realistically exploit it. This is the case in the example above.
For more details on this, you will have to wait for the paper.

Attribution

As you can see, we try to fingerprint the responsible device/implementation. However, we were not able to identify all vulnerable implementations yet. If we cannot attribute a vulnerability you will receive the following message:

Could not identify the vulnerability. Please contact us if you know which software/hardware is generating this behavior.

If you encounter this message, we do not know yet who is responsible for this padding oracle and would be happy to know which device/vendor is responsible. If you know who is, please contact us so that we can get in contact with the vendor to fix the issue. To reiterate, the tool never sends any data back to us, and it is your choice whether to contact us manually or not.

There are also some cases in which we can identify the vendor, but the vendor has not patched the vulnerability yet. If you encounter such a host, the scanner will tell you that we know the responsible vendor. To prevent abuse, we do not include further details.

Non-Determinism and Errors

In some cases, the scanner is unable to scan for padding oracles and reports ERROR or non-deterministic responses. The ERROR cases appear if the scanner failed could not handshake with the specified cipher suite and protocol version. This might be due to a bug in the tested TLS-Server or a bug in TLS-Attacker or TLS-Scanner. If you think the handshake fails because of an issue on our side, please open an issue on Github, and we will investigate. The more interesting cases are the non-deterministic ones. In such cases the scanner observed non-identical scan results in three separate scans. This can be due to non-determinism in the software, connection errors, server load or non-homogeneous load balancing. Currently, you will have to analyze these cases manually. In the paper, we excluded such hosts from our study because we did not want to artificially improve our results. But we understand that you as a tester want to know if the server is vulnerable or not. If the server is not truly vulnerable you would see the differences between the answers spread across all the different vectors. If the differences only appear on a subset of malformed records the server is very likely vulnerable. If you are unsure, you can also always scan multiple times (or scan slowly), increase the timeout, or if you are entirely lost get in touch with us. 


How YOU can help

Please use the scanner on all your hosts and check for padding oracle vulnerabilities. If the scanner can identify your vulnerability, a patch should already be available. Please patch your system! If the scanner does not identify the vulnerability (and instructs you to contact us), please contact us with the details (robert.merget@rub.de). If you can provide us with the detailed output of the scanner or even better, the name of the host, with the corresponding vendor, we could match the results with our database and help fix the issue. We can already attribute over 90% of the vulnerabilities, but there is still a lot to be discovered. We mostly scanned the Alexa top 1-million on port 443. Other protocols like IMAPS, POP3S, etc. might have different implementations with different vulnerabilities. If you find vulnerabilities with our tool, please give us credit. It helps us to get more funding for our project.

Issues with the Scanner


A notable feature of our scanner is that we do not actively try to avoid intolerances (like not scanning with a lot of cipher suites in the Hello messages etc.). We believe that doing so would hide important bugs. We are currently experimenting with intolerances checks, but the feature is now still in beta. If we cannot scan a server (most of the time due to intolerances or SNI problems), the scanner will report a lot of intolerances and usually no supported protocol versions. Some intolerances may trick the scanner into reporting false results. At the current stage, we cannot make any guarantees. If you are using this tool during a pentest, it might be smart to rescan with other scanners (like the recently released padcheck tool from our colleague Craig Young) to find the ground truth (this is good advice in general, since other mainstream scanners likely have the same issues). Note however that it is very unlikely that the scanner reports a false positive on a padding oracle scan.


Conclusion

There are still a lot of padding oracle vulnerabilities out there - and a lot of them are still unpatched. We hope you will find some bugs with the tool :) Happy H4cking :D


Acknowlegements

This is joint work from Robert Merget (@ic0nz1), Juraj Somorovsky (@jurajsomorovsky),  Nimrod Aviram (@NimrodAviram), Janis Fliegenschmidt (@JanisFliegens), Craig Young (@craigtweets), Jörg Schwenk (@JoergSchwenk) and (Yuval Shavitt).
Related posts
发表者 october 位置在: 8/31/2020 0 评论

Meta-aprendizaje Con GPT-3: Aprender A Sumar Leyendo O A Escribir Código Fuente Con Servicios Cognitivos De Texto Predictivo.

En el equipo de Ideas Locas nos encanta hacer proyectos y trabajar con tecnologías de Inteligencia Artificial. Dentro de este tan amplio campo, los servicios cognitivos de NLP (Natural Language Processing) están adquiriendo cada vez mayor importancia. Gracias a ellos podemos empezar a crear interfaces de usuario que humanizan la interacción persona-ordenador, con todas las ventajas que ello supone. 

Figura 1: Meta-aprendizaje con GPT-3: Aprender a sumar leyendo
o a escribir código fuente con servicios cognitivos de Texto Predictivo.

Dentro de este subconjunto de servicios que tratan de alcanzar la paridad humana, hoy os quiero hablar de la generación de texto, o los servicios de Texto Predictivo que ya se usaron en el pasado para construir novelas inventadas de Harry Potter, Drácula o Don Quijote de la Mancha como nos contó nuestro compañeros Fran Ramírez, y tenéis el artidulo de Chema Alonso sobre cómo los servicios de AI han comenzado a superar la paridad humana.

Figura 2: Creación de novelas con herramientas de Texto Predictivo

El problema del Texto Predictivo es aparentemente sencillo de entender. Se trata de crear un modelo entrenado que debe predecir el siguiente elemento del texto basándose en una secuencia previa de caracteres que llevarán a criterios puramente probabilísticos. Por tanto, dada una entrada como  "soy hacke" la salida del modelo debería de ser una "r". A nivel humano esto parece obvio pero la creación y el entrenamiento de estos modelos de IA es realmente complejo, debido a que el lenguaje lo es, aunque no nos demos cuenta como hablantes. 

Figura 3: Modelo de texto predictivo entrenado con probabilidades

Para resolver este problema, el último modelo que ha visto la luz ha sido GPT-3  (con permiso de GShard  de Google que lleva escasos días público) y ha sido desarrollado por OpenAI, empresa de Elon Musk. Es el pistoletazo de salida de una nueva generación de modelos gigantescos  - para que os hagáis una pequeña idea, GPT-3 cuenta con 175.000 millones de parámetros - desarrollados y entrenados por grandes empresas tecnológicas para ser servidos a los usuarios a través de APIs

Figura 4: GPT-3 en GitHub

Estos modelos tienen muchas utilidades de todo tipo, y algunos ejemplos los tenéis en el libro de Machine Learning aplicado a Ciberseguridad: Técnicas y ejemplos en la detección de amenazas de nuestros compañeros Fran Ramírez, Carmen Torrano, Sergio Hernández y José Torres. Son tan potentes que estas APIs son privadas y se debe rellenar un formulario detallando los usos que se le va a dar junto con los posibles riesgos, para luego esperar que sea aceptado, ya que podrían usarse para cosas que podrían considerarse negativas.

Figura 5: Libro de Machine Learning aplicado a Ciberseguridad

Puede resultar algo exagerado para un modelo que únicamente predice la siguiente letra, ¿verdad?. Lo que se ha observado con GPT-3, que ya se empezaba a intuir con su hermano pequeño GPT-2, es que es capaz de desarrollar un meta-aprendizaje, es decir, ha aprendido a aprender. Esto es resultado de haber sido entrenado con prácticamente la totalidad de los textos que hay en la red y es aquí es donde reside la potencia de este modelo.

Figura 6: Formulario para ser aceptado


Comúnmente, un modelo se desarrolla para resolver un problema específico. Sin embargo, GPT-3 ha cambiado radicalmente esta mentalidad, ya que ha sido entrenado para una tarea general y son los usuarios los que han ido encontrando distintos casos de uso en los que el modelo se desenvuelve a la perfección. Vamos a ver algunos ejemplos en diferentes ámbitos.

Generación de texto

La generación de texto es el problema fundamental para el cual el modelo ha sido entrenado, por tanto, su desempeño en esta tarea es espectacular. Es capaz de generar contenido escrito de forma que el lector ni se percate de que el texto ha sido generado por un modelo de IA. Pero mucho ojo con esto, porque puede ser utilizado para generar desinformación y ser usado en Fake News.


Operaciones matemáticas

El modelo es capaz de predecir que después de la secuencia "3 + 3 = " el carácter más probable es el "6". ¿Esto significa que sepa sumar? Realmente no, es únicamente cuestión de probabilidad, pero sí que puede dar respuesta a operaciones matemáticas de esta forma... ¿se podrían hacer cálculos matemáticos seguros?

Escribir código

GPT-3 es capaz de escribir código en distintos lenguajes de programación mediante una descripción en lenguaje natural, consiguiendo incluso el desarrollo de frontales web o de redes neuronales.




Estos son únicamente unos ejemplos de lo que GPT-3 es capaz de lograr en los meses que lleva en producción, y puedes ver muchos más ejemplos de aplicación de GPT-3 en este enlace de GPT-3 examples. Nadie sabe aún cuáles son los límites de estos modelos y que nos depararán los próximos que salgan a la luz pero, ¿a que ya no resulta tan exagerado poner las APIs privadas?

Autor: Pablo Saucedo (@psaucedo)

Sigue Un informático en el lado del mal RSS 0xWord

This article is the property of Tenochtitlan Offensive Security. Verlo Completo --> https://tenochtitlan-sec.blogspot.com

Related links


发表者 october 位置在: 8/31/2020 0 评论

8/30/2020

Vlang Binary Debugging

Why vlang? V is a featured, productive, safe and confortable language highly compatible with c, that generates neat binaries with c-speed, the decompilation also seems quite clear as c code.
https://vlang.io/

After open the binary with radare in debug mode "-d" we proceed to do the binary recursive analysis with "aaaa" the more a's the more deep analys.



The function names are modified when the binary is crafted, if we have a function named hello in a module named main we will have the symbol main__hello, but we can locate them quicly thanks to radare's grep done with "~" token in this case applied to the "afl" command which lists all the symbols.


Being in debug mode we can use "d*" commands, for example "db" for breakpointing the function and then "dc" to start or continue execution.


Let's dissasemble the function with "pD" command, it also displays the function variables and arguments as well, note also the xref "call xref from main"


Let's take a look to the function arguments, radare detect's this three 64bits registers used on the function.


Actually the function parameter is rsi that contains a testing html to test the href extraction algorithm.


The string structure is quite simple and it's plenty of implemented methods.




With F8 we can step over the code as we were in ollydbg on linux.


Note the rip marker sliding into the code.


We can recognize the aray creations, and the s.index_after() function used to find substrings since a specific position.


If we take a look de dissasembly we sill see quite a few calls to tos3() functions.
Those functions are involved in string initialization, and implements safety checks.

  • tos(string, len)
  • tos2(byteptr)
  • tos3(charptr)

In this case I have a crash in my V code and I want to know what is crashing, just continue the execution with "dc" and see what poits the rip register.



In visual mode "V" we can see previous instructions to figure out the arguments and state.


We've located the crash on the substring operation which is something like "s2 := s1[a..b]" probably one of the arguments of the substring is out of bounds but luckily the V language has safety checks and is a controlled termination:



Switching the basic block view "space" we can see the execution flow, in this case we know the loops and branches because we have the code but this view also we can see the tos3 parameter "href=" which is useful to locate the position on the code.



When it reach the substr, we can see the parameters with "tab" command.



Looking the implementation the radare parameter calculation is quite exact.


Let's check the param values:


so the indexes are from 0x0e to 0x24 which are inside the buffer, lets continue to next iteration,
if we set a breakpoint and check every iteration, on latest iteration before the crash we have the values 0x2c to 0x70 with overflows the buffer and produces a controlled termination of the v compiled process.





Related posts


发表者 october 位置在: 8/30/2020 0 评论
Subscribe to: Posts (Atom)