Metasploit modules that can be used to exploit Radware products
-
Scanner for Bleichenbacher Oracle in RSA PKCS #1 v1.5
Disclosure Date: 2009-06-17First seen: 2020-04-26auxiliary/scanner/ssl/bleichenbacher_oracleSome TLS implementations handle errors processing RSA key exchanges and encryption (PKCS #1 v1.5 messages) in a broken way that leads an adaptive chosen-chiphertext attack. Attackers cannot recover a server's private key, but they can decrypt and sign messages with it. A strong oracle occurs when the TLS server does not strictly check message formatting and needs less than a million requests on average to decode a given ciphertext. A weak oracle server strictly checks message formatting and often requires many more requests to perform the attack. This module requires Python 3 with the gmpy2 and cryptography packages to be present. Authors: - Hanno Böck - Juraj Somorovsky - Craig Young - Daniel Bleichenbacher - Adam Cammack <adam_cammack[AT]rapid7.com>
1 metasploit modules found
Please note: Metasploit modules are only matched by CVE numbers.
Visit metasploit web site for more details