tls-attacker/TLS-Scanner

Not able to test TLS-Scanner because of "Exception in thread "main" java.lang.IllegalArgumentException: argument "src" is null"

sajualways opened this issue · 28 comments

I have installed TLS-Scanner-3.0.2 and tried the basic command below to test a server, but it gives the error below:

java -jar apps/TLS-Scanner.jar -connect :
INFO : Main - Performing Scan, this may take some time...
Exception in thread "main" java.lang.IllegalArgumentException: argument "src" is null
at com.fasterxml.jackson.databind.ObjectMapper._assertNotNull(ObjectMapper.java:4413)
at com.fasterxml.jackson.databind.ObjectMapper.readValue(ObjectMapper.java:3241)
at de.rub.nds.tlsscanner.trust.TrustAnchorManager.readPlatform(TrustAnchorManager.java:92)
at de.rub.nds.tlsscanner.trust.TrustAnchorManager.<init>(TrustAnchorManager.java:63)
at de.rub.nds.tlsscanner.trust.TrustAnchorManager.getInstance(TrustAnchorManager.java:55)
at de.rub.nds.tlsscanner.TlsScanner.scan(TlsScanner.java:147)
at de.rub.nds.tlsscanner.Main.main(Main.java:46)

ic0ns commented

Ah, this is because you did not check out git submodules (which adds a CA repo to TLS-Scanner). The next version will handle this problem more gracefully. Sorry

Which is the next version, and when will it be ready?

ic0ns commented

We will release it in September since it contains tests for vulnerabilities which are currently still under embargo.

Ok, Thanks for the update.

Till then, is there any workaround so that I can test with this version?

ic0ns commented
git submodule init
git submodule update

After using the above git update, I now see a continuous exception in a loop when I use

java -jar apps/TLS-Scanner.jar -connect

at de.rub.nds.tlsscanner.ThreadedScanJobExecutor.execute(ThreadedScanJobExecutor.java:72)
at de.rub.nds.tlsscanner.TlsScanner.scan(TlsScanner.java:162)
at de.rub.nds.tlsscanner.Main.main(Main.java:46)

Caused by: java.lang.NullPointerException
at de.rub.nds.tlsscanner.probe.certificate.CertificateChain.<init>(CertificateChain.java:87)
at de.rub.nds.tlsscanner.probe.CertificateProbe.executeTest(CertificateProbe.java:60)
at de.rub.nds.tlsscanner.probe.TlsProbe.call(TlsProbe.java:75)
at de.rub.nds.tlsscanner.probe.TlsProbe.call(TlsProbe.java:32)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at java.lang.Thread.run(Thread.java:748)
ERROR: ThreadedScanJobExecutor - Encountered an exceptiuon before we could merge the result
java.util.concurrent.ExecutionException: java.lang.NullPointerException
at java.util.concurrent.FutureTask.report(FutureTask.java:122)
at java.util.concurrent.FutureTask.get(FutureTask.java:192)
at de.rub.nds.tlsscanner.ThreadedScanJobExecutor.executeProbesTillNoneCanBeExecuted(ThreadedScanJobExecutor.java:100)
at de.rub.nds.tlsscanner.ThreadedScanJobExecutor.execute(ThreadedScanJobExecutor.java:72)
at de.rub.nds.tlsscanner.TlsScanner.scan(TlsScanner.java:162)
at de.rub.nds.tlsscanner.Main.main(Main.java:46)
Caused by: java.lang.NullPointerException
at de.rub.nds.tlsscanner.probe.certificate.CertificateChain.<init>(CertificateChain.java:87)
at de.rub.nds.tlsscanner.probe.CertificateProbe.executeTest(CertificateProbe.java:60)
at de.rub.nds.tlsscanner.probe.TlsProbe.call(TlsProbe.java:75)
at de.rub.nds.tlsscanner.probe.TlsProbe.call(TlsProbe.java:32)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at java.lang.Thread.run(Thread.java:748)

ic0ns commented

Oh that should not happen. It looks like TLS-Scanner was unable to retrieve the Certificate of the server which then results in this NPE. Can you try it with this patch?:

diff --git a/src/main/java/de/rub/nds/tlsscanner/probe/CertificateProbe.java b/src/main/java/de/rub/nds/tlsscanner/probe/CertificateProbe.java
index 86bb390..9cc9d40 100644
--- a/src/main/java/de/rub/nds/tlsscanner/probe/CertificateProbe.java
+++ b/src/main/java/de/rub/nds/tlsscanner/probe/CertificateProbe.java
@@ -57,8 +57,13 @@ public class CertificateProbe extends TlsProbe {
         tlsConfig.setDefaultClientSupportedCiphersuites(toTestList);
         tlsConfig.setStopActionsAfterFatal(true);
         Certificate serverCert = CertificateFetcher.fetchServerCertificate(tlsConfig);
-        CertificateChain chain = new CertificateChain(serverCert, tlsConfig.getDefaultClientConnection().getHostname());
-        return new CertificateResult(chain, serverCert);
+        if (serverCert == null) {
+            return getCouldNotExecuteResult();
+        } else {
+            CertificateChain chain = new CertificateChain(serverCert, tlsConfig.getDefaultClientConnection().getHostname());
+
+            return new CertificateResult(chain, serverCert);
+        }
     }
 
     @Override
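
Review bot: in the new serverCert == null branch the probe returns getCouldNotExecuteResult() without logging anything, so a failed certificate fetch cannot be told apart in the scan output from any other unexecuted probe, and the certificate checks are silently absent from the report. Log a warning with the target hostname before returning. The else is also unnecessary after the early return; dropping it keeps the two original lines at their old indentation and makes the diff smaller. The constructor that threw in the trace above (CertificateChain.java:87) is left unguarded; consider validating its argument there as well.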

I tried "git pull" but it says Already up to date.
Could you please let me know how to update this specific patch?

ic0ns commented

Save the patch in a file.
then run:
git apply patch.file
then rebuild with mvn clean install

Thanks a lot.......It is working now.

Further, during the test, I found this exception now

INFO : Main - Scanned in: 78s

WARN : SiteReportRater - Influencer has 'null' influence
WARN : SiteReportRater - Influencer has 'null' influence
Exception in thread "main" java.lang.NullPointerException
at de.rub.nds.tlsscanner.rating.PropertyResultRatingInfluencer.compareTo(PropertyResultRatingInfluencer.java:104)
at de.rub.nds.tlsscanner.report.SiteReportPrinter.lambda$appendRecommendations$1(SiteReportPrinter.java:1055)
at java.util.TimSort.countRunAndMakeAscending(TimSort.java:355)
at java.util.TimSort.sort(TimSort.java:234)
at java.util.Arrays.sort(Arrays.java:1512)
at java.util.stream.SortedOps$SizedRefSortingSink.end(SortedOps.java:353)
at java.util.stream.AbstractPipeline.copyInto(AbstractPipeline.java:483)
at java.util.stream.AbstractPipeline.wrapAndCopyInto(AbstractPipeline.java:472)
at java.util.stream.ForEachOps$ForEachOp.evaluateSequential(ForEachOps.java:150)
at java.util.stream.ForEachOps$ForEachOp$OfRef.evaluateSequential(ForEachOps.java:173)
at java.util.stream.AbstractPipeline.evaluate(AbstractPipeline.java:234)
at java.util.stream.ReferencePipeline.forEach(ReferencePipeline.java:485)
at de.rub.nds.tlsscanner.report.SiteReportPrinter.appendRecommendations(SiteReportPrinter.java:1056)
at de.rub.nds.tlsscanner.report.SiteReportPrinter.getFullReport(SiteReportPrinter.java:131)
at de.rub.nds.tlsscanner.report.SiteReport.getFullReport(SiteReport.java:404)
at de.rub.nds.tlsscanner.Main.main(Main.java:52)

ic0ns commented

uf. This is not looking good. May I know what server you are scanning? It seems like TLS-Scanner is really struggling with this one.

ic0ns commented

You can get it working by doing this:

diff --git a/src/main/java/de/rub/nds/tlsscanner/report/SiteReportPrinter.java b/src/main/java/de/rub/nds/tlsscanner/report/SiteReportPrinter.java
index 793fb54..5813201 100644
--- a/src/main/java/de/rub/nds/tlsscanner/report/SiteReportPrinter.java
+++ b/src/main/java/de/rub/nds/tlsscanner/report/SiteReportPrinter.java
@@ -127,7 +127,7 @@ public class SiteReportPrinter {
         appendHttps(builder);
         appendRandom(builder);
         appendPublicKeyIssues(builder);
-        appendScoringResults(builder);
+        //appendScoringResults(builder);
         appendRecommendations(builder);
         appendPerformanceData(builder);
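
Review bot: the call disabled here, appendScoringResults(builder), is not the one on the failing path: the trace above reaches PropertyResultRatingInfluencer.compareTo through appendRecommendations (SiteReportPrinter.java:1056), which this hunk leaves active, so the NullPointerException will still occur. The hunk header also declares 7 lines on each side while only 6 are present, which git apply rejects as a corrupt patch; the trailing context line is missing. Rather than commenting out report sections, handle the null influence in the comparator used by the sort, so the report keeps its recommendations and no commented-out call ends up in the tree.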

But this just prevents the apparently buggy feature from getting executed...

This is one of my internal servers....It actually finished the scan but at last it gave an exception

INFO : Main - Performing Scan, this may take some time...
+++COMMON_BUGS executed
+++SNI executed
+++COMPRESSIONS executed
+++NAMED_GROUPS executed
+++CERTIFICATE executed
+++PROTOCOL_VERSION executed
+++CIPHERSUITE executed
+++CIPHERSUITE_ORDER executed
+++EXTENSIONS executed
+++TLS13 executed
+++TOKENBINDING executed
+++HTTP_HEADER executed
+++HEARTBLEED executed
+++DROWN executed
+++EARLY_CCS executed
+++RESUMPTION executed
+++RENEGOTIATION executed
+++PADDING_ORACLE executed
+++BLEICHENBACHER executed
+++TLS_POODLE executed
+++INVALID_CURVE executed
+++MAC executed
+++SESSION_TICKET_ZERO_KEY executed
INFO : ThreadedScanJobExecutor - Finished scan for: :
INFO : Main - Scanned in: 78s

WARN : SiteReportRater - Influencer has 'null' influence
WARN : SiteReportRater - Influencer has 'null' influence
Exception in thread "main" java.lang.NullPointerException
at de.rub.nds.tlsscanner.rating.PropertyResultRatingInfluencer.compareTo(PropertyResultRatingInfluencer.java:104)
at de.rub.nds.tlsscanner.report.SiteReportPrinter.lambda$appendRecommendations$1(SiteReportPrinter.java:1055)
at java.util.TimSort.countRunAndMakeAscending(TimSort.java:355)
at java.util.TimSort.sort(TimSort.java:234)
at java.util.Arrays.sort(Arrays.java:1512)
at java.util.stream.SortedOps$SizedRefSortingSink.end(SortedOps.java:353)
at java.util.stream.AbstractPipeline.copyInto(AbstractPipeline.java:483)
at java.util.stream.AbstractPipeline.wrapAndCopyInto(AbstractPipeline.java:472)
at java.util.stream.ForEachOps$ForEachOp.evaluateSequential(ForEachOps.java:150)
at java.util.stream.ForEachOps$ForEachOp$OfRef.evaluateSequential(ForEachOps.java:173)
at java.util.stream.AbstractPipeline.evaluate(AbstractPipeline.java:234)
at java.util.stream.ReferencePipeline.forEach(ReferencePipeline.java:485)
at de.rub.nds.tlsscanner.report.SiteReportPrinter.appendRecommendations(SiteReportPrinter.java:1056)
at de.rub.nds.tlsscanner.report.SiteReportPrinter.getFullReport(SiteReportPrinter.java:131)
at de.rub.nds.tlsscanner.report.SiteReport.getFullReport(SiteReport.java:404)
at de.rub.nds.tlsscanner.Main.main(Main.java:52)

I tried to install the above patch but it gave an error
error: corrupt patch at line 13

ic0ns commented

Ah sorry I did not copy the last empty line. Just add an empty line at the end and it should work

Even after the patch it is still giving the exception

INFO : Main - Scanned in: 79s

WARN : SiteReportRater - Influencer has 'null' influence
Exception in thread "main" java.lang.NullPointerException
at de.rub.nds.tlsscanner.rating.PropertyResultRatingInfluencer.compareTo(PropertyResultRatingInfluencer.java:104)
at de.rub.nds.tlsscanner.report.SiteReportPrinter.lambda$appendRecommendations$1(SiteReportPrinter.java:1055)
at java.util.TimSort.countRunAndMakeAscending(TimSort.java:355)
at java.util.TimSort.sort(TimSort.java:234)
at java.util.Arrays.sort(Arrays.java:1512)
at java.util.stream.SortedOps$SizedRefSortingSink.end(SortedOps.java:353)
at java.util.stream.AbstractPipeline.copyInto(AbstractPipeline.java:483)
at java.util.stream.AbstractPipeline.wrapAndCopyInto(AbstractPipeline.java:472)
at java.util.stream.ForEachOps$ForEachOp.evaluateSequential(ForEachOps.java:150)
at java.util.stream.ForEachOps$ForEachOp$OfRef.evaluateSequential(ForEachOps.java:173)
at java.util.stream.AbstractPipeline.evaluate(AbstractPipeline.java:234)
at java.util.stream.ReferencePipeline.forEach(ReferencePipeline.java:485)
at de.rub.nds.tlsscanner.report.SiteReportPrinter.appendRecommendations(SiteReportPrinter.java:1056)
at de.rub.nds.tlsscanner.report.SiteReportPrinter.getFullReport(SiteReportPrinter.java:131)
at de.rub.nds.tlsscanner.report.SiteReport.getFullReport(SiteReport.java:404)
at de.rub.nds.tlsscanner.Main.main(Main.java:52)

ic0ns commented

I think you did not rebuild

mvn clean install

Yes, I did rebuild, but it still failed

INFO : ThreadedScanJobExecutor - Finished scan for: ip:port
INFO : Main - Scanned in: 87s

WARN : SiteReportRater - Influencer has 'null' influence
Exception in thread "main" java.lang.NullPointerException
at de.rub.nds.tlsscanner.rating.PropertyResultRatingInfluencer.compareTo(PropertyResultRatingInfluencer.java:104)
at de.rub.nds.tlsscanner.report.SiteReportPrinter.lambda$appendRecommendations$1(SiteReportPrinter.java:1055)
at java.util.TimSort.countRunAndMakeAscending(TimSort.java:355)
at java.util.TimSort.sort(TimSort.java:234)
at java.util.Arrays.sort(Arrays.java:1512)
at java.util.stream.SortedOps$SizedRefSortingSink.end(SortedOps.java:353)
at java.util.stream.AbstractPipeline.copyInto(AbstractPipeline.java:483)
at java.util.stream.AbstractPipeline.wrapAndCopyInto(AbstractPipeline.java:472)
at java.util.stream.ForEachOps$ForEachOp.evaluateSequential(ForEachOps.java:150)
at java.util.stream.ForEachOps$ForEachOp$OfRef.evaluateSequential(ForEachOps.java:173)
at java.util.stream.AbstractPipeline.evaluate(AbstractPipeline.java:234)
at java.util.stream.ReferencePipeline.forEach(ReferencePipeline.java:485)
at de.rub.nds.tlsscanner.report.SiteReportPrinter.appendRecommendations(SiteReportPrinter.java:1056)
at de.rub.nds.tlsscanner.report.SiteReportPrinter.getFullReport(SiteReportPrinter.java:131)
at de.rub.nds.tlsscanner.report.SiteReport.getFullReport(SiteReport.java:404)
at de.rub.nds.tlsscanner.Main.main(Main.java:52)

ic0ns commented

ups sorry my bad,

diff --git a/src/main/java/de/rub/nds/tlsscanner/report/SiteReportPrinter.java b/src/main/java/de/rub/nds/tlsscanner/report/SiteReportPrinter.java
index 793fb54..2c5fdc7 100644
--- a/src/main/java/de/rub/nds/tlsscanner/report/SiteReportPrinter.java
+++ b/src/main/java/de/rub/nds/tlsscanner/report/SiteReportPrinter.java
@@ -127,8 +127,8 @@ public class SiteReportPrinter {
         appendHttps(builder);
         appendRandom(builder);
         appendPublicKeyIssues(builder);
-        appendScoringResults(builder);
-        appendRecommendations(builder);
+        //appendScoringResults(builder);
+        //appendRecommendations(builder);
         appendPerformanceData(builder);
 
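
Review bot: this diff is taken against the same base blob as the previous one (index 793fb54), so it applies only to an unmodified SiteReportPrinter.java; on a tree where the earlier change is already applied, the removed line appendScoringResults(builder); no longer matches. Restore the file first (git checkout -- src/main/java/de/rub/nds/tlsscanner/report/SiteReportPrinter.java) or send an incremental diff that only touches appendRecommendations(builder);. Disabling both calls also drops the scoring and recommendation sections from the report entirely; a null-safe compareTo in PropertyResultRatingInfluencer would fix the crash without losing that output.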

Is there a difference in behaviour? Because the same TLS-Scanner works with my other SSL server

ic0ns commented

well - yes. The TLS-Scanner tries to perform various handshakes to determine the supported features and present vulnerabilities. But some servers have exotic configurations or have certain bugs which prevent the scanner currently from scanning it successfully. I am always trying to hunt those cases down...

This patch gave me an error while applying the patch
error: patch failed: src/main/java/de/rub/nds/tlsscanner/report/SiteReportPrinter.java:127
error: src/main/java/de/rub/nds/tlsscanner/report/SiteReportPrinter.java: patch does not apply

ic0ns commented

uff, please comment out the line in the file: src/main/java/de/rub/nds/tlsscanner/report/SiteReportPrinter.java manually then.
//appendRecommendations(builder);

ok...now it is fine.

ok......now it is fine

So all these issues will be fixed in the next upcoming release in September?

ic0ns commented

I hope so, yes

Thanks for all the help !!