openssl漏洞检查修复

漏洞发现

[root@localhost Git]# nmap -sV --script ssl-enum-ciphers -p 8888 x.x.x.x
Starting Nmap 6.40 ( http://nmap.org ) at 2022-09-14 21:52 CST
Stats: 0:01:13 elapsed; 0 hosts completed (1 up), 1 undergoing Service Scan
Service scan Timing: About 0.00% done
Nmap scan report for x.x.x.x
Host is up (0.047s latency).
PORT     STATE SERVICE    VERSION
8888/tcp open  ssl/abyss?
| ssl-enum-ciphers: 
|   SSLv3: 
|     ciphers: 
|       TLS_RSA_WITH_3DES_EDE_CBC_SHA - strong
|       TLS_RSA_WITH_AES_128_CBC_SHA - strong
|       TLS_RSA_WITH_AES_256_CBC_SHA - strong
|       TLS_RSA_WITH_CAMELLIA_128_CBC_SHA - strong
|       TLS_RSA_WITH_CAMELLIA_256_CBC_SHA - strong
|       TLS_RSA_WITH_IDEA_CBC_SHA - weak
|       TLS_RSA_WITH_RC4_128_MD5 - strong
|       TLS_RSA_WITH_RC4_128_SHA - strong
|       TLS_RSA_WITH_SEED_CBC_SHA - strong
|     compressors: 
|       NULL
|   TLSv1.0: 
|     ciphers: 
|       TLS_RSA_WITH_3DES_EDE_CBC_SHA - strong
|       TLS_RSA_WITH_AES_128_CBC_SHA - strong
|       TLS_RSA_WITH_AES_256_CBC_SHA - strong
|       TLS_RSA_WITH_CAMELLIA_128_CBC_SHA - strong
|       TLS_RSA_WITH_CAMELLIA_256_CBC_SHA - strong
|       TLS_RSA_WITH_IDEA_CBC_SHA - weak
|       TLS_RSA_WITH_RC4_128_MD5 - strong
|       TLS_RSA_WITH_RC4_128_SHA - strong
|       TLS_RSA_WITH_SEED_CBC_SHA - strong
|     compressors: 
|       NULL
|   TLSv1.1: 
|     ciphers: 
|       TLS_RSA_WITH_3DES_EDE_CBC_SHA - strong
|       TLS_RSA_WITH_AES_128_CBC_SHA - strong
|       TLS_RSA_WITH_AES_256_CBC_SHA - strong
|       TLS_RSA_WITH_CAMELLIA_128_CBC_SHA - strong
|       TLS_RSA_WITH_CAMELLIA_256_CBC_SHA - strong
|       TLS_RSA_WITH_IDEA_CBC_SHA - weak
|       TLS_RSA_WITH_RC4_128_MD5 - strong
|       TLS_RSA_WITH_RC4_128_SHA - strong
|       TLS_RSA_WITH_SEED_CBC_SHA - strong
|     compressors: 
|       NULL
|   TLSv1.2: 
|     ciphers: 
|       TLS_RSA_WITH_3DES_EDE_CBC_SHA - strong
|       TLS_RSA_WITH_AES_128_CBC_SHA - strong
|       TLS_RSA_WITH_AES_128_CBC_SHA256 - strong
|       TLS_RSA_WITH_AES_128_GCM_SHA256 - strong
|       TLS_RSA_WITH_AES_256_CBC_SHA - strong
|       TLS_RSA_WITH_AES_256_CBC_SHA256 - strong
|       TLS_RSA_WITH_AES_256_GCM_SHA384 - strong
|       TLS_RSA_WITH_CAMELLIA_128_CBC_SHA - strong
|       TLS_RSA_WITH_CAMELLIA_256_CBC_SHA - strong
|       TLS_RSA_WITH_IDEA_CBC_SHA - weak
|       TLS_RSA_WITH_RC4_128_MD5 - strong
|       TLS_RSA_WITH_RC4_128_SHA - strong
|       TLS_RSA_WITH_SEED_CBC_SHA - strong
|     compressors: 
|       NULL
|_  least strength: weak
 
Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 160.05 seconds

漏洞描述
TLS, SSH, IPSec协商及其他产品中使用的IDEA、DES及Triple DES密码或者3DES及Triple 3DES存在大约四十亿块的生日界，这可使远程攻击者通过Sweet32攻击，获取纯文本数据。
TLS是安全传输层协议，用于在两个通信应用程序之间提供保密性和数据完整性。

<*来源：Karthik Bhargavan Gaetan Leurent
链接：https://www.openssl.org/news/secadv/20160922.txt
*>

漏洞解决
重点：避免使用IDEA、DES和3DES算法
1、OpenSSL Security Advisory [22 Sep 2016]
链接：https://www.openssl.org/news/secadv/20160922.txt
请在下列网页下载最新版本：  
https://www.openssl.org/source/
2、对于nginx、apache、lighttpd等服务器禁止使用DES加密算法 
主要是修改conf文件
3、Windows系统可以参考如下链接：
https://social.technet.microsoft.com/Forums/en-US/31b3ba6f-d0e6-417a-b6f1-d0103f054f8d/ssl-medium-strength-cipher-suites-supported-sweet32cve20162183?forum=ws2016
https://docs.microsoft.com/zh-cn/troubleshoot/windows-server/windows-security/restrict-cryptographic-algorithms-protocols-schannel

4、如果是tcp+ssl(tcp服务端然后用ssl加密数据流)服务端，这时候我们调用的是openssl.so的库函数对数据进行加解密，同样可以指定加密算法套件，这里只列出关键代码：

    ctx = SSL_CTX_new(TLSv1_2_server_method());
 
    if (!SSL_CTX_set_cipher_list(ctx, "RSA+AES")) {
		Log("error in cipher list");
        goto err_ssl;
    }

漏洞验证

[root@localhost GitHub]# nmap -sV --script ssl-enum-ciphers -p 8888 x.x.x.x
 
Starting Nmap 6.40 ( http://nmap.org ) at 2022-09-14 21:42 CST
Stats: 0:01:48 elapsed; 0 hosts completed (1 up), 1 undergoing Service Scan
Service scan Timing: About 0.00% done
Nmap scan report for x.x.x.x
Host is up (0.044s latency).
PORT     STATE SERVICE    VERSION
8888/tcp open  ssl/abyss?
| ssl-enum-ciphers: 
|   SSLv3: No supported ciphers found
|   TLSv1.2: 
|     ciphers: 
|       TLS_RSA_WITH_AES_128_CBC_SHA - strong
|       TLS_RSA_WITH_AES_128_CBC_SHA256 - strong
|       TLS_RSA_WITH_AES_128_GCM_SHA256 - strong
|       TLS_RSA_WITH_AES_256_CBC_SHA - strong
|       TLS_RSA_WITH_AES_256_CBC_SHA256 - strong
|       TLS_RSA_WITH_AES_256_GCM_SHA384 - strong
|     compressors: 
|       NULL
|_  least strength: strong
 
Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 150.03 seconds

检查ssh

登陆本机检查ssh使用的所有加密套件

[root@ii bin]# ssh -Q cipher
3des-cbc
blowfish-cbc
cast128-cbc
arcfour
arcfour128
arcfour256
aes128-cbc
aes192-cbc
aes256-cbc
rijndael-cbc@lysator.liu.se
aes128-ctr
aes192-ctr
aes256-ctr
aes128-gcm@openssh.com
aes256-gcm@openssh.com
chacha20-poly1305@openssh.com

远程通过nmap扫ssh开启的加密套件 

[root@localhost xxx]# nmap --script ssh2-enum-algos -sV -p 22 xxx.xxx.xxx.xxx
Starting Nmap 6.40 ( http://nmap.org ) at 2022-10-08 10:17 CST
Nmap scan report for 8.140.187.195
Host is up (0.037s latency).
PORT     STATE SERVICE VERSION
9990/tcp open  ssh     OpenSSH 7.4 (protocol 2.0)
| ssh2-enum-algos: 
|   kex_algorithms (12)
|       curve25519-sha256
|       curve25519-sha256@libssh.org
|       ecdh-sha2-nistp256
|       ecdh-sha2-nistp384
|       ecdh-sha2-nistp521
|       diffie-hellman-group-exchange-sha256
|       diffie-hellman-group16-sha512
|       diffie-hellman-group18-sha512
|       diffie-hellman-group-exchange-sha1
|       diffie-hellman-group14-sha256
|       diffie-hellman-group14-sha1
|       diffie-hellman-group1-sha1
|   server_host_key_algorithms (5)
|       ssh-rsa
|       rsa-sha2-512
|       rsa-sha2-256
|       ecdsa-sha2-nistp256
|       ssh-ed25519
|   encryption_algorithms (12)
|       chacha20-poly1305@openssh.com
|       aes128-ctr
|       aes192-ctr
|       aes256-ctr
|       aes128-gcm@openssh.com
|       aes256-gcm@openssh.com
|       aes128-cbc
|       aes192-cbc
|       aes256-cbc
|       blowfish-cbc
|       cast128-cbc
|       3des-cbc
|   mac_algorithms (10)
|       umac-64-etm@openssh.com
|       umac-128-etm@openssh.com
|       hmac-sha2-256-etm@openssh.com
|       hmac-sha2-512-etm@openssh.com
|       hmac-sha1-etm@openssh.com
|       umac-64@openssh.com
|       umac-128@openssh.com
|       hmac-sha2-256
|       hmac-sha2-512
|       hmac-sha1
|   compression_algorithms (2)
|       none
|_      zlib@openssh.com
 
Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 1.10 seconds

修改ssh配置

报错

-- Unit sshd.service has begun starting up.
Oct 08 10:37:08 xxx sshd[10523]: /etc/ssh/sshd_config line 41: Deprecated option RSAAuthentication
Oct 08 10:37:08 xxx sshd[10523]: /etc/ssh/sshd_config line 178: Directive 'Ciphers' is not allowed within a Match block
Oct 08 10:37:08 xxx systemd[1]: sshd.service: main process exited, code=exited, status=255/n/a
Oct 08 10:37:08 xxx systemd[1]: Failed to start OpenSSH server daemon.

[root@xxx bin]# vim /etc/ssh/sshd_config
#如果ssh中sftp配置过下面两句，需要将ssh相关配置放在这两句之前
Ciphers aes128-ctr,aes192-ctr,aes256-ctr
 
Subsystem sftp internal-sftp
Match Group sftp

参考

CVE-2016-2183 修复过程，亲测有效 - SegmentFault 思否

修复DES和Triple DES 信息泄露漏洞(CVE-2016-2183) | 易学教程