Set read deadline while making tlsConn handshake #267

RamanaReddy0M · 2023-05-25T14:35:32Z

closes #263

RamanaReddy0M · 2023-05-25T14:55:52Z

ShubhamRasal

The issue mentioned above persists when using the -ce cipher enum with ztls. With ctls taking approximately 1 minute to compute, ztls continues to experience hanging.

tlsx on 🌱 issue-263-timeout-no [$?] via 🐹 v1.20.3 ⚛️ took 47s 
❯ time echo https://example.com  | ./tlsx -sm ctls  -retry 1 -ce
  

  _____ _    _____  __
 |_   _| |  / __\ \/ /
   | | | |__\__ \>  < 
   |_| |____|___/_/\_\	v1.0.9

		projectdiscovery.io

[INF] Current tlsx version v1.0.9 (latest)
[INF] Started TLS Cipher Enumeration using ctls mode
example.com:443 [tls10] [TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA]
example.com:443 [tls11] [TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA]
example.com:443 [tls12] [TLS_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256]

real	1m2.552s
user	0m0.989s
sys	0m0.400s


❯ time echo https://example.com  | ./tlsx -sm ztls  -retry 1 -ce
  

  _____ _    _____  __
 |_   _| |  / __\ \/ /
   | | | |__\__ \>  < 
   |_| |____|___/_/\_\	v1.0.9

		projectdiscovery.io

[INF] Current tlsx version v1.0.9 (latest)
[INF] Started TLS Cipher Enumeration using ztls mode
^C

real	2m7.189s
user	0m1.445s
sys	0m0.459s```

ShubhamRasal · 2023-05-26T07:49:03Z

The issue mentioned above persists when using the -ce cipher enum with ztls. With ctls taking approximately 1 minute to compute, ztls continues to experience hanging.

tlsx on 🌱 issue-263-timeout-no [$?] via 🐹 v1.20.3 ⚛️ took 47s 
❯ time echo https://example.com  | ./tlsx -sm ctls  -retry 1 -ce
  

  _____ _    _____  __
 |_   _| |  / __\ \/ /
   | | | |__\__ \>  < 
   |_| |____|___/_/\_\	v1.0.9

		projectdiscovery.io

[INF] Current tlsx version v1.0.9 (latest)
[INF] Started TLS Cipher Enumeration using ctls mode
example.com:443 [tls10] [TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA]
example.com:443 [tls11] [TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA]
example.com:443 [tls12] [TLS_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256]

real	1m2.552s
user	0m0.989s
sys	0m0.400s


❯ time echo https://example.com  | ./tlsx -sm ztls  -retry 1 -ce
  

  _____ _    _____  __
 |_   _| |  / __\ \/ /
   | | | |__\__ \>  < 
   |_| |____|___/_/\_\	v1.0.9

		projectdiscovery.io

[INF] Current tlsx version v1.0.9 (latest)
[INF] Started TLS Cipher Enumeration using ztls mode
^C

real	2m7.189s
user	0m1.445s
sys	0m0.459s```

it is working with ztls, but as it has to range over many ciphers than ctls, it taking much longer time

❯  time echo https://example.com  | ./tlsx -sm ztls  -retry 1 -ce -v
  

  _____ _    _____  __
 |_   _| |  / __\ \/ /
   | | | |__\__ \>  < 
   |_| |____|___/_/\_\	v1.0.9

		projectdiscovery.io

[INF] Current tlsx version v1.0.9 (latest)
[INF] Processing input example.com:443
[INF] Started TLS Cipher Enumeration using ztls mode
[ztls] Starting cipher enumeration with 345 ciphers in tls12
[ztls] Starting cipher enumeration with 345 ciphers in tls10
[ztls] Starting cipher enumeration with 345 ciphers in tls11
example.com:443 [tls12] [TLS_DHE_RSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_RSA_WITH_AES_128_GCM_SHA256,TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_DHE_RSA_WITH_AES_256_GCM_SHA384]
example.com:443 [tls10] [TLS_DHE_RSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA]
example.com:443 [tls11] [TLS_DHE_RSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_AES_256_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA]

real	8m37.448s
user	0m2.477s
sys	0m1.003s

pkg/tlsx/ztls/ztls.go

ShubhamRasal

lgtm 🚀

set read deadline while making tlsConn handshake

63a1f5d

RamanaReddy0M self-assigned this May 25, 2023

RamanaReddy0M linked an issue May 25, 2023 that may be closed by this pull request

Timeout not respected in certain conditions #263

Closed

fix lint error

883086c

RamanaReddy0M requested a review from ehsandeep May 25, 2023 14:56

ehsandeep requested a review from ShubhamRasal May 25, 2023 16:55

ShubhamRasal requested changes May 25, 2023

View reviewed changes

minior change

2439637

ehsandeep requested a review from ShubhamRasal May 27, 2023 16:03

ShubhamRasal requested changes May 31, 2023

View reviewed changes

pkg/tlsx/ztls/ztls.go Show resolved Hide resolved

exit on context timeout as well

e2ca099

ShubhamRasal approved these changes May 31, 2023

View reviewed changes

ehsandeep approved these changes Jun 1, 2023

View reviewed changes

ehsandeep merged commit 54cd9f3 into dev Jun 1, 2023

ehsandeep deleted the issue-263-timeout-not-respected branch June 1, 2023 00:18

ehsandeep mentioned this pull request Jun 12, 2023

nuclei getting stuck with running ssl template projectdiscovery/nuclei#3813

Closed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Set read deadline while making tlsConn handshake #267

Set read deadline while making tlsConn handshake #267

RamanaReddy0M commented May 25, 2023 •

edited

Loading

RamanaReddy0M commented May 25, 2023

ShubhamRasal left a comment •

edited

Loading

ShubhamRasal commented May 26, 2023 •

edited

Loading

ShubhamRasal left a comment

Set read deadline while making tlsConn handshake #267

Set read deadline while making tlsConn handshake #267

Conversation

RamanaReddy0M commented May 25, 2023 • edited Loading

RamanaReddy0M commented May 25, 2023

ShubhamRasal left a comment • edited Loading

Choose a reason for hiding this comment

ShubhamRasal commented May 26, 2023 • edited Loading

ShubhamRasal left a comment

Choose a reason for hiding this comment

RamanaReddy0M commented May 25, 2023 •

edited

Loading

ShubhamRasal left a comment •

edited

Loading

ShubhamRasal commented May 26, 2023 •

edited

Loading