3

I used Fiddler and hit a https website because wanted to see if I fully disabled SSL and only using TLS on my laptop.

In Request part I see these listed:

Ciphers: 
    [3A3A]  Unrecognized cipher - See http://www.iana.org/assignments/tls-parameters/
[C02B]  TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
[C02F]  TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
[C02C]  TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
[C030]  TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
[CCA9]  TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
[CCA8]  TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
[C013]  TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA
[C014]  TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA
[009C]  TLS_RSA_WITH_AES_128_GCM_SHA256
[009D]  TLS_RSA_WITH_AES_256_GCM_SHA384
[002F]  TLS_RSA_AES_128_SHA
[0035]  TLS_RSA_AES_256_SHA
[000A]  SSL_RSA_WITH_3DES_EDE_SHA

In Reply section I see this:

A SSLv3-compatible ServerHello handshake was found. Fiddler extracted the parameters below.

> Version: 3.3 (TLS/1.2) SessionID: 96 50 2E A8 9A 79 F0 96 36 47 45 0F
> FE 9C A9 7A 17 71 FC 23 6C 2C B7 AF B9 AF D9 7E F4 98 0C 70
> Random:       AD 94 44 B0 70 49 22 60 35 72 F3 68 C1 25 1D 91 80 E1 FE AD
> D6 80 F1 40 36 E5 7A 38 66 3B EF C1
> Cipher:       TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 [0xC02F]
> CompressionSuite: NO_COMPRESSION [0x00] Extensions:
>       renegotiation_info  00      ALPN        h2
Travolta
  • 143
  • 1
  • 3
  • It clearly says in the servers response `Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 [0xC02F]`. For more information on how to interpret the TLS handshake see [How does SSL/TLS work?](https://security.stackexchange.com/questions/20803/how-does-ssl-tls-work). – Steffen Ullrich May 11 '17 at 18:15

2 Answers2

4

The ciphersuite being used is shown in the reply section here: Cipher: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 [0xC02F]

The version of TLS being used in shown in the same block at the top, here: (TLS/1.2)

So, you are using TLS 1.2 with an RSA certificate for authentication, ECDHE as the key exchange mechanism, the data is being protected with AES-128-GCM, and SHA-256 is the PRF.

However, this does not answer what appears to be your real question, which is SSLv3 disabled? You cannot tell that from this connection, only that you did not use SSLv3 for this connection, and that your browser (and this server) can successfully negotiate a TLS v1.2 connection.

If you want to ensure that SSLv3 is in fact disabled, you need to attempt to connect to a server that does not support any version of TLS, or in otherwords, anything higher than SSLv3, and ensure that the connection fails. The fact that you can negotiation a TLS connection tells you nothing about whether you can or cannot connect to a site using SSLv3.

A simpler option: Use a tool like the SSL Labs browser tester which will immediately tell you what your browser is capable of, and give you a definitive Yes or No on whether SSLv3 support has indeed been disabled.

Xander
  • 35,616
  • 27
  • 114
  • 141
4

The protocol being used is (TLS/1.2), with cipher suite TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

  • ephemeral ECDH for key exchange
  • RSA for verifying the ECDH parameters
  • 128-bit AES in GCM (Galois/Counter Mode of operation) for bulk symmetric encryption and integrity
  • SHA-256 for the pseudo-random function (PRF) required by other parts of the suite (note that it is not used for HMAC integrity checks of the data; GCM ensures the integrity of the encrypted data)

This is a TLS 1.2 cipher suite. However, that doesn't actually tell you if the server will only speak TLS. If you want to check that, you should use a SSL/TLS configuration scanning tool.

  • For publicly-available servers, Qualys SSL Test scanner is great; it provides a ton of information with references and an easily-understood overall rating.
  • For internal or restricted-access servers, SSLyze is a free and open-source scanner that you can run from any machine. It will give you results very quickly, though it doesn't provide as much wealth of information as Qualys' scanner does.
  • For browsers (or other clients), the best bet is Qualys SSL client test.

Note that even if you disabled SSL in some programs on your machine, there's nothing preventing other programs from using it. Many SSL/TLS client and server applications use their own library (usually a bundled copy of OpenSSL) and they can pass whatever protocol parameters to it they want.

CBHacking
  • 42,359
  • 3
  • 76
  • 107