Cannot Decryption on Chrome 15.0

[jafmanho]

In my case, i use the version 15.0.849.0 of google chrome to be the victim and the web server use beebox. When i try to "active" the program (poodle-exploit.py), the client's browse will show "this webpage is not available". But the program can run "passive", "downgrade" and "search"
The screen cap is following below. May i know what is the reason cause this issues? Thanks a lot!!!!

[mpgn]

It's related to #7

[mpgn]

Can you try it with firefox ?

[jafmanho]

thanks for your reply. i have tried firefox the latest version, version 6.0 and 8.0 (beta1). But it still cannot. I am not sure is it somethings need to config in firefox. If use firefox, the downgrade function cannot work which show the sending handshake failure.

[mpgn]

First, force SSLv3 in firefox, if it's work then try with the downgrade.

1. Enable only SSLv3: about:config and set security.tls.version.min:0 and security.tls.version.fallback-limit:0 and security.tls.version.max:0.
2. Run a sslscan and confirm that only SSLv3 is enabled
3. Check if only the CBC mode is available, if not change the conf of the webserver to set only CBC cipher suites
   ex with nginx:

ssl_protocols SSLv3;
ssl_ciphers DES-CBC3-SHA;
ssl_prefer_server_ciphers on;

3. Try to run the exploit

I will check if I found the configuration of the nginx and the version today

[jafmanho]

I had follow the step. When try downgrade, firefox show secure connection failed which error is SSL_ERROR_NO_CYPHER_OVERLAP. And also the firefox cannot search the block size.

[mpgn]

What's your version of Firefox ?

[jafmanho]

The latest version and version 6.0 is also same result

[mpgn]

Lastest version of Firefox is indeed not vulnerable, as for version 6.0 of firefox it may be to old. I remember using the version 30 on a windows xp with a vulnerable version of OpenSSL of course (OpenSSL 1.0.1h).

I will try to post all info of my lab this week end.