Post Reply 
Adapting proxo 4.5 to the latest OpenSSL DLLs
Oct. 14, 2014, 08:20 PM (This post was last modified: Nov. 01, 2014 03:22 AM by JJoe.)
Post: #1
Adapting proxo 4.5 to the latest OpenSSL DLLs
I'm working on adapting proxo 4.5 to the latest OpenSSL and right now I'm a little bit excited because I think a have certain success. How do I properly test if everything is ok?
Add Thank You Quote this message in a reply
Oct. 15, 2014, 04:23 AM (This post was last modified: Oct. 15, 2014 04:43 AM by JJoe.)
Post: #2
RE: ProxHTTPSProxy, a Proxomitron SSL Helper Program
(Oct. 14, 2014 08:20 PM)mas Wrote:  I'm working on adapting proxo 4.5 to the latest OpenSSL and right now I'm a little bit excited because I think a have certain success. How do I properly test if everything is ok?

Are you saying you have modified the Proxomitron exe to use the current OpenSSL DLLs?

http://www.dependencywalker.com/

Edit: Added link to Dependency Walker aka depends.exe
Add Thank You Quote this message in a reply
Oct. 15, 2014, 05:47 AM
Post: #3
RE: ProxHTTPSProxy, a Proxomitron SSL Helper Program
(Oct. 15, 2014 04:23 AM)JJoe Wrote:  
(Oct. 14, 2014 08:20 PM)mas Wrote:  I'm working on adapting proxo 4.5 to the latest OpenSSL and right now I'm a little bit excited because I think a have certain success. How do I properly test if everything is ok?

Are you saying you have modified the Proxomitron exe to use the current OpenSSL DLLs?
Yes, so far so good - not without hiccups with mail.google.com, but that's probably my settings, with filters off runs fine. OpenSSL's version 1.0.1.9.

(Oct. 15, 2014 04:23 AM)JJoe Wrote:  http://www.dependencywalker.com/

Edit: Added link to Dependency Walker aka depends.exe
I know this app, what's with it?
Add Thank You Quote this message in a reply
Oct. 16, 2014, 01:31 AM (This post was last modified: Oct. 16, 2014 01:34 AM by JJoe.)
Post: #4
RE: ProxHTTPSProxy, a Proxomitron SSL Helper Program
(Oct. 15, 2014 05:47 AM)mas Wrote:  Yes, so far so good

Interesting. It's been years since I gave up on this. IIRC...
The Proxomitron checks cert name matching. Unfortunately, Proxo doesn't understand wild card certs or SubjectAltName ( http://en.wikipedia.org/wiki/SubjectAltName ).
How did you handle this?

The last known "usable" DLL was patched to make it compatible.
Are you using an unaltered OpenSSL version 1.0.1.9 DLL?
Where did you find it?

(Oct. 15, 2014 05:47 AM)mas Wrote:  I know this app, what's with it?

I used it to monitor the Proxomitron while handled https. Dependency Walker showed unanswered requests to OpenSSL, errors, etc.

A working DLL would have been tested by verifying encryption and correct behavior but it never got that far. Even if, a "Use at own risk" warning would have been necessary.

Encryption might be verified by
https://cc.dcsec.uni-hannover.de/
https://www.fortify.net/sslcheck.html
or a network sniffer.
You could use known attacks and incorrectly configured servers to test behavior.

http://stackoverflow.com/questions/17279...certificat

Edit: I'll be moving these posts to their own thread.
Add Thank You Quote this message in a reply
Oct. 16, 2014, 03:51 AM
Post: #5
RE: ProxHTTPSProxy, a Proxomitron SSL Helper Program
JJoe, please check your PM
Add Thank You Quote this message in a reply
Nov. 01, 2014, 03:21 AM
Post: #6
RE: adapting proxo 4.5 to the latest OpenSSL
Looks good. Smile!

The patched Proxomitron exe is using the latest libeay32.dll and ssleay32.dll from https://slproweb.com/products/Win32OpenSSL.html .
The Proxomitron's log window shows the change and various web tests confirm it.

I haven't noticed any new problems. The old problems remain, however.

To try mas's mod, overwrite

Code:
89 07 83 3F 00 75 36 68 30 20 01 00 68 A8 80 42 00 68 E8 9A 42 00 6A 00 8B 3D 94 62 42 00 FF D7 68 30 20 01 00 68 A8 80 42 00 56 6A 00 FF D7 53 E8 9B 07 00 00 83 C4 04 E9 CF 02 00 00 83 C7 04 89 7D DC 8B FE 83 C9 FF 33 C0 F2 AE F7 D1 49 8D 74 0E 01 89 75 E0 8B 7D DC EB 85 FF 53 38 FF 93 80 00 00 00 6A 00 E8 55 43 00 00 83 C4 04 85 C0 74 2A 6A 00 FF 93 C8 00 00 00 83 C4 04 50 68 DC 9A 42 00 8D 55 8C 52 FF 15 E8 61 42 00 83 C4 0C

from 0000E580 through 0000E60F with

Code:
89 07 83 3F 00 75 36 68 8C 0C 00 00 FF 73 04 FF 15 90 60 42 00 89 07 EB 24 90 90 90 90 90 FF D7 68 30 20 01 00 68 A8 80 42 00 56 6A 00 FF D7 53 E8 9B 07 00 00 83 C4 04 E9 CF 02 00 00 83 C7 04 89 7D DC 8B FE 83 C9 FF 33 C0 F2 AE F7 D1 49 8D 74 0E 01 89 75 E0 8B 7D DC EB 85 FF 53 38 FF 93 80 00 00 00 6A 00 E8 55 43 00 00 83 C4 04 68 B7 00 00 00 FF 33 FF 15 90 60 42 00 FF D0 EB 1D 90 90 90 90 8D 55 8C 52 FF 15 E8 61 42 00 83 C4 0C

Use at own risk! Report problems.

Before:
Code:
0040F187  |.  68 30200100   |PUSH 12030
0040F18C  |.  68 A8804200   |PUSH OFFSET 004280A8                    ; ASCII "ProxomiTron Application Error"
0040F191  |.  68 E89A4200   |PUSH OFFSET 00429AE8                    ; ASCII "Sorry, This version of SSLeay doesn't contain all the needed functions. It may be too different a version or complied without all the necessary algorithms."
0040F196  |.  6A 00         |PUSH 0
0040F198  |.  8B3D 94624200 |MOV EDI,DWORD PTR DS:[<&USER32.MessageB ; Entry point of procedure
0040F19E  |.  FFD7          |CALL EDI
0040F1A0  |.  68 30200100   |PUSH 12030
0040F1A5  |.  68 A8804200   |PUSH OFFSET 004280A8                    ; ASCII "ProxomiTron Application Error"
0040F1AA  |.  56            |PUSH ESI
0040F1AB  |.  6A 00         |PUSH 0
0040F1AD  |.  FFD7          |CALL EDI
0040F1AF  |.  53            |PUSH EBX                                ; /Arg1
0040F1B0  |.  E8 9B070000   |CALL 0040F950                           ; \Proxomitron.0040F950
0040F1B5  |.  83C4 04       |ADD ESP,4
0040F1B8  |.  E9 CF020000   |JMP 0040F48C
0040F1BD  |>  83C7 04       |ADD EDI,4
0040F1C0  |.  897D DC       |MOV DWORD PTR SS:,EDI
0040F1C3  |.  8BFE          |MOV EDI,ESI
0040F1C5  |.  83C9 FF       |OR ECX,FFFFFFFF
0040F1C8  |.  33C0          |XOR EAX,EAX
0040F1CA  |.  F2:AE         |REPNE SCAS BYTE PTR ES:
0040F1CC  |.  F7D1          |NOT ECX
0040F1CE  |.  49            |DEC ECX
0040F1CF  |.  8D740E 01     |LEA ESI,
0040F1D3  |.  8975 E0       |MOV DWORD PTR SS:,ESI
0040F1D6  |.  8B7D DC       |MOV EDI,DWORD PTR SS:
0040F1D9  |.^ EB 85         \JMP SHORT 0040F160
0040F1DB  |>  FF53 38       CALL DWORD PTR DS:
0040F1DE  |.  FF93 80000000 CALL DWORD PTR DS:
0040F1E4  |.  6A 00         PUSH 0                                   ; /Arg1 = 0
0040F1E6  |.  E8 55430000   CALL 00413540                            ; \Proxomitron.00413540
0040F1EB  |.  83C4 04       ADD ESP,4
0040F1EE  |.  85C0          TEST EAX,EAX
0040F1F0  |.  74 2A         JE SHORT 0040F21C
0040F1F2  |.  6A 00         PUSH 0
0040F1F4  |.  FF93 C8000000 CALL DWORD PTR DS:
0040F1FA  |.  83C4 04       ADD ESP,4
0040F1FD  |.  50            PUSH EAX
0040F1FE  |.  68 DC9A4200   PUSH OFFSET 00429ADC                     ; ASCII "WLoaded: %s"
0040F203  |.  8D55 8C       LEA EDX,

After:
Code:
0040F187  |.  68 8C0C0000   PUSH 0C8C
0040F18C  |.  FF73 04       PUSH DWORD PTR DS:
0040F18F  |.  FF15 90604200 CALL DWORD PTR DS:[<&KERNEL32.GetProcAdd
0040F195  |.  8907          MOV DWORD PTR DS:,EAX
0040F197  \.  EB 24         JMP SHORT 0040F1BD
0040F199      90            NOP
0040F19A      90            NOP
0040F19B      90            NOP
0040F19C      90            NOP
0040F19D      90            NOP
0040F19E  /.  FFD7          CALL EDI
0040F1A0  |.  68 30200100   PUSH 12030
0040F1A5  |.  68 A8804200   PUSH OFFSET 004280A8                     ; ASCII "ProxomiTron Application Error"
0040F1AA  |.  56            PUSH ESI
0040F1AB  |.  6A 00         PUSH 0
0040F1AD  |.  FFD7          CALL EDI
0040F1AF  |.  53            PUSH EBX                                 ; /Arg1
0040F1B0  |.  E8 9B070000   CALL 0040F950                            ; \Proxomitron.0040F950
0040F1B5  |.  83C4 04       ADD ESP,4
0040F1B8  \.  E9 CF020000   JMP 0040F48C
0040F1BD  />  83C7 04       ADD EDI,4
0040F1C0  |.  897D DC       MOV DWORD PTR SS:,EDI
0040F1C3  |.  8BFE          MOV EDI,ESI
0040F1C5  |.  83C9 FF       OR ECX,FFFFFFFF
0040F1C8  |.  33C0          XOR EAX,EAX
0040F1CA  |.  F2:AE         REPNE SCAS BYTE PTR ES:
0040F1CC  |.  F7D1          NOT ECX
0040F1CE  |.  49            DEC ECX
0040F1CF  |.  8D740E 01     LEA ESI,
0040F1D3  |.  8975 E0       MOV DWORD PTR SS:,ESI
0040F1D6  |.  8B7D DC       MOV EDI,DWORD PTR SS:
0040F1D9  |.^ EB 85         JMP SHORT 0040F160
0040F1DB  |>  FF53 38       CALL DWORD PTR DS:
0040F1DE  |.  FF93 80000000 CALL DWORD PTR DS:
0040F1E4  |.  6A 00         PUSH 0                                   ; /Arg1 = 0
0040F1E6  |.  E8 55430000   CALL 00413540                            ; \Proxomitron.00413540
0040F1EB  |.  83C4 04       ADD ESP,4
0040F1EE  |.  68 B7000000   PUSH 0B7
0040F1F3  |.  FF33          PUSH DWORD PTR DS:
0040F1F5  |.  FF15 90604200 CALL DWORD PTR DS:[<&KERNEL32.GetProcAdd
0040F1FB  |.  FFD0          CALL EAX
0040F1FD  \.  EB 1D         JMP SHORT 0040F21C
0040F1FF      90            NOP
0040F200   .  90            NOP
0040F201   .  90            NOP
0040F202   .  90            NOP
0040F203  /.  8D55 8C       LEA EDX,


Attached File(s)
.zip  DLLs.zip (Size: 664.6 KB / Downloads: 432)
Add Thank You Quote this message in a reply
Nov. 01, 2014, 05:02 AM
Post: #7
RE: Adapting proxo 4.5 to the latest OpenSSL DLLs
what advantages are there, if any, to patching to use the latest OpenSSL?
Add Thank You Quote this message in a reply
Nov. 01, 2014, 06:22 PM
Post: #8
RE: Adapting proxo 4.5 to the latest OpenSSL DLLs
(Nov. 01, 2014 05:02 AM)ProxRocks Wrote:  what advantages are there, if any, to patching to use the latest OpenSSL?

Latest OpenSSL is "TLSv1.2" while Proxo's old is TLSv1 or older.
Some advantages are quality and quantity of ciphers, Proxomitron's traffic may be less odd, and ability to access more sites.

More info at
https://www.howsmyssl.com/
https://www.howsmyssl.com/s/about.html .

Patching will not gain best practice security, however. Some old problems remain. So be aware regardless.

Before:
Code:
From: https://cc.dcsec.uni-hannover.de/
Cipher Suites Supported by Your Browser (ordered by preference):

SpecCipher Suite NameKey SizeDescription
(00,39)DHE-RSA-AES256-SHA256 BitKey exchange: DH, encryption: AES, MAC: SHA1.
(00,38)DHE-DSS-AES256-SHA256 BitKey exchange: DH, encryption: AES, MAC: SHA1.
(00,35)RSA-AES256-SHA256 BitKey exchange: RSA, encryption: AES, MAC: SHA1.
(00,16)DHE-RSA-3DES-EDE-SHA168 BitKey exchange: DH, encryption: 3DES, MAC: SHA1.
(00,13)DHE-DSS-3DES-EDE-SHA168 BitKey exchange: DH, encryption: 3DES, MAC: SHA1.
(00,0a)RSA-3DES-EDE-SHA168 BitKey exchange: RSA, encryption: 3DES, MAC: SHA1.
(07,00c0)DES192-EDE3-MD5168 BitKey exchange: Data Encryption Standard (DES), encryption algorithm is unknown, MAC: MD5.
(00,33)DHE-RSA-AES128-SHA128 BitKey exchange: DH, encryption: AES, MAC: SHA1.
(00,32)DHE-DSS-AES128-SHA128 BitKey exchange: DH, encryption: AES, MAC: SHA1.
(00,2f)RSA-AES128-SHA128 BitKey exchange: RSA, encryption: AES, MAC: SHA1.
(00,07)RSA-IDEA-SHA128 BitKey exchange: RSA, encryption: IDEA, MAC: SHA1.
(05,0080)IDEA128-MD5128 BitKey exchange: IDEA, encryption algorithm is unknown, MAC: MD5.
(03,0080)RC2128-MD5128 BitKey exchange: RC2, encryption algorithm is unknown, MAC: MD5.
(00,66)DHE-DSS-RC4128-SHA128 BitKey exchange: DH, encryption: RC4, MAC: SHA1.
(00,05)RSA-RC4128-SHA128 BitKey exchange: RSA, encryption: RC4, MAC: SHA1.
(00,04)RSA-RC4128-MD5128 BitKey exchange: RSA, encryption: RC4, MAC: MD5.
(01,0080)RC4128-MD5128 BitKey exchange: RC4, encryption algorithm is unknown, MAC: MD5.
(08,0080)RC464-MD564 BitKey exchange: RC4, encryption algorithm is unknown, MAC: MD5.
(00,63)DHE-DSS-EXPORT1024-DES-SHA56 BitKey exchange: DH, encryption: DES, MAC: SHA1.
(00,62)RSA-EXPORT1024-DES-SHA56 BitKey exchange: RSA, encryption: DES, MAC: SHA1.
(00,61)RSA-EXPORT1024-RC2-CBC56-MD556 BitKey exchange: RSA, encryption: RC2, MAC: MD5.
(00,15)DHE-RSA-DES-SHA56 BitKey exchange: DH, encryption: DES, MAC: SHA1.
(00,12)DHE-DSS-DES-SHA56 BitKey exchange: DH, encryption: DES, MAC: SHA1.
(00,09)RSA-DES-SHA56 BitKey exchange: RSA, encryption: DES, MAC: SHA1.
(06,0040)DES64-MD556 BitKey exchange: Data Encryption Standard (DES), encryption algorithm is unknown, MAC: MD5.
(00,65)DHE-DSS-EXPORT1024-RC456-SHA56 BitKey exchange: DH, encryption: RC4, MAC: SHA1.
(00,64)RSA-EXPORT1024-RC456-SHA56 BitKey exchange: RSA, encryption: RC4, MAC: SHA1.
(00,60)RSA-EXPORT1024-RC456-MD556 BitKey exchange: RSA, encryption: RC4, MAC: MD5.
(00,14)DHE-RSA-EXPORT-DES40-SHA40 BitKey exchange: DH, encryption: DES40, MAC: SHA1.
(00,11)DHE-DSS-EXPORT-DES40-SHA40 BitKey exchange: DH, encryption: DES40, MAC: SHA1.
(00,08)RSA-EXPORT-DES40-SHA40 BitKey exchange: RSA, encryption: DES40, MAC: SHA1.
(00,06)RSA-EXPORT-RC2-CBC40-MD540 BitKey exchange: RSA, encryption: RC2, MAC: MD5.
(04,0080)RC2128-EXPORT40-MD540 BitKey exchange: RC2, encryption algorithm is unknown, MAC: MD5.
(00,03)RSA-EXPORT-RC440-MD540 BitKey exchange: RSA, encryption: RC4, MAC: MD5.
(02,0080)RC4128-EXPORT40-MD540 BitKey exchange: RC4, encryption algorithm is unknown, MAC: MD5.

Further information:

User-Agent:???
Preferred SSL/TLS version: TLSv1
SNI information: Your browser did not send SNI information.
SSL stack current time: The TLS stack of your browser did not send a time value.

This connection uses TLSv1 with DHE-RSA-AES256-SHA and a 256 Bit key for encryption.

Raw:

Version: 3.1
Ciphers: 39,38,35,16,13,0a,0700c0,33,32,2f,07,050080,030080,66,05,04,010080,080080,63,62,61,15,12,09,060040,65,64,60,14,11,08,06,040080,03,020080
Extensions: The TLS stack of your browser did not send extensions.
Remote Time: The TLS stack of your browser did not send a time value.

This service is provided by the DCSEC research group at Leibniz University Hannover. Imprint
If you have any comments or questions please contact Sascha Fahl

After:
Code:
From: https://cc.dcsec.uni-hannover.de/
Cipher Suites Supported by Your Browser (ordered by preference):

SpecCipher Suite NameKey SizeDescription
(c0,30)ECDHE-RSA-AES256-GCM-SHA384256 BitKey exchange: ECDH, encryption: AES, MAC: SHA384.
(c0,2c)ECDHE-ECDSA-AES256-GCM-SHA384256 BitKey exchange: ECDH, encryption: AES, MAC: SHA384.
(c0,28)ECDHE-RSA-AES256-SHA384256 BitKey exchange: ECDH, encryption: AES, MAC: SHA384.
(c0,24)ECDHE-ECDSA-AES256-SHA384256 BitKey exchange: ECDH, encryption: AES, MAC: SHA384.
(c0,14)ECDHE-RSA-AES256-SHA256 BitKey exchange: ECDH, encryption: AES, MAC: SHA1.
(c0,0a)ECDHE-ECDSA-AES256-SHA256 BitKey exchange: ECDH, encryption: AES, MAC: SHA1.
(00,a3)DHE-DSS-AES256-GCM-SHA384256 BitKey exchange: DH, encryption: AES, MAC: SHA384.
(00,9f)DHE-RSA-AES256-GCM-SHA384256 BitKey exchange: DH, encryption: AES, MAC: SHA384.
(00,6b)DHE-RSA-AES256-SHA256256 BitKey exchange: DH, encryption: AES, MAC: SHA256.
(00,6a)DHE-DSS-AES256-SHA256256 BitKey exchange: DH, encryption: AES, MAC: SHA256.
(00,39)DHE-RSA-AES256-SHA256 BitKey exchange: DH, encryption: AES, MAC: SHA1.
(00,38)DHE-DSS-AES256-SHA256 BitKey exchange: DH, encryption: AES, MAC: SHA1.
(00,88)DHE-RSA-CAMELLIA256-SHA256 BitKey exchange: DH, encryption: Camellia, MAC: SHA1.
(00,87)DHE-DSS-CAMELLIA256-SHA256 BitKey exchange: DH, encryption: Camellia, MAC: SHA1.
(c0,32)ECDH-RSA-AES256-GCM-SHA384256 BitKey exchange: ECDH, encryption: AES, MAC: SHA384.
(c0,2e)ECDH-ECDSA-AES256-GCM-SHA384256 BitKey exchange: ECDH, encryption: AES, MAC: SHA384.
(c0,2a)ECDH-RSA-AES256-SHA384256 BitKey exchange: ECDH, encryption: AES, MAC: SHA384.
(c0,26)ECDH-ECDSA-AES256-SHA384256 BitKey exchange: ECDH, encryption: AES, MAC: SHA384.
(c0,0f)ECDH-RSA-AES256-SHA256 BitKey exchange: ECDH, encryption: AES, MAC: SHA1.
(c0,05)ECDH-ECDSA-AES256-SHA256 BitKey exchange: ECDH, encryption: AES, MAC: SHA1.
(00,9d)RSA-AES256-GCM-SHA384256 BitKey exchange: RSA, encryption: AES, MAC: SHA384.
(00,3d)DH-RSA-MISTY1-SHA128 BitKey exchange: DH, encryption: MISTY1, MAC: SHA1.
(00,35)RSA-AES256-SHA256 BitKey exchange: RSA, encryption: AES, MAC: SHA1.
(00,84)RSA-CAMELLIA256-SHA256 BitKey exchange: RSA, encryption: Camellia, MAC: SHA1.
(c0,2f)ECDHE-RSA-AES128-GCM-SHA256128 BitKey exchange: ECDH, encryption: AES, MAC: SHA256.
(c0,2b)ECDHE-ECDSA-AES128-GCM-SHA256128 BitKey exchange: ECDH, encryption: AES, MAC: SHA256.
(c0,27)ECDHE-RSA-AES128-SHA256128 BitKey exchange: ECDH, encryption: AES, MAC: SHA256.
(c0,23)ECDHE-ECDSA-AES128-SHA256128 BitKey exchange: ECDH, encryption: AES, MAC: SHA256.
(c0,13)ECDHE-RSA-AES128-SHA128 BitKey exchange: ECDH, encryption: AES, MAC: SHA1.
(c0,09)ECDHE-ECDSA-AES128-SHA128 BitKey exchange: ECDH, encryption: AES, MAC: SHA1.
(00,a2)DHE-DSS-AES128-GCM-SHA256128 BitKey exchange: DH, encryption: AES, MAC: SHA256.
(00,9e)DHE-RSA-AES128-GCM-SHA256128 BitKey exchange: DH, encryption: AES, MAC: SHA256.
(00,67)DHE-RSA-AES128-SHA256128 BitKey exchange: DH, encryption: AES, MAC: SHA256.
(00,40)DH-ANON-MISTY1-SHA128 BitKey exchange: DH, encryption: MISTY1, MAC: SHA1.
(00,33)DHE-RSA-AES128-SHA128 BitKey exchange: DH, encryption: AES, MAC: SHA1.
(00,32)DHE-DSS-AES128-SHA128 BitKey exchange: DH, encryption: AES, MAC: SHA1.
(00,9a)DHE-RSA-SEED-SHA128 BitKey exchange: DH, encryption: seed, MAC: SHA1.
(00,99)DHE-DSS-SEED-SHA128 BitKey exchange: DH, encryption: seed, MAC: SHA1.
(00,45)DHE-RSA-CAMELLIA128-SHA128 BitKey exchange: DH, encryption: Camellia, MAC: SHA1.
(00,44)DHE-DSS-CAMELLIA128-SHA128 BitKey exchange: DH, encryption: Camellia, MAC: SHA1.
(c0,31)ECDH-RSA-AES128-GCM-SHA256128 BitKey exchange: ECDH, encryption: AES, MAC: SHA256.
(c0,2d)ECDH-ECDSA-AES128-GCM-SHA256128 BitKey exchange: ECDH, encryption: AES, MAC: SHA256.
(c0,29)ECDH-RSA-AES128-SHA256128 BitKey exchange: ECDH, encryption: AES, MAC: SHA256.
(c0,25)ECDH-ECDSA-AES128-SHA256128 BitKey exchange: ECDH, encryption: AES, MAC: SHA256.
(c0,0e)ECDH-RSA-AES128-SHA128 BitKey exchange: ECDH, encryption: AES, MAC: SHA1.
(c0,04)ECDH-ECDSA-AES128-SHA128 BitKey exchange: ECDH, encryption: AES, MAC: SHA1.
(00,9c)RSA-AES128-GCM-SHA256128 BitKey exchange: RSA, encryption: AES, MAC: SHA256.
(00,3c)DH-DSS-MISTY1-SHA128 BitKey exchange: DH, encryption: MISTY1, MAC: SHA1.
(00,2f)RSA-AES128-SHA128 BitKey exchange: RSA, encryption: AES, MAC: SHA1.
(00,96)RSA-SEED-SHA128 BitKey exchange: RSA, encryption: seed, MAC: SHA1.
(00,41)RSA-CAMELLIA128-SHA128 BitKey exchange: RSA, encryption: Camellia, MAC: SHA1.
(00,07)RSA-IDEA-SHA128 BitKey exchange: RSA, encryption: IDEA, MAC: SHA1.
(c0,11)ECDHE-RSA-RC4128-SHA128 BitKey exchange: ECDH, encryption: RC4, MAC: SHA1.
(c0,07)ECDHE-ECDSA-RC4128-SHA128 BitKey exchange: ECDH, encryption: RC4, MAC: SHA1.
(c0,0c)ECDH-RSA-RC4128-SHA128 BitKey exchange: ECDH, encryption: RC4, MAC: SHA1.
(c0,02)ECDH-ECDSA-RC4128-SHA128 BitKey exchange: ECDH, encryption: RC4, MAC: SHA1.
(00,05)RSA-RC4128-SHA128 BitKey exchange: RSA, encryption: RC4, MAC: SHA1.
(00,04)RSA-RC4128-MD5128 BitKey exchange: RSA, encryption: RC4, MAC: MD5.
(c0,12)ECDHE-RSA-3DES-EDE-SHA168 BitKey exchange: ECDH, encryption: 3DES, MAC: SHA1.
(c0,08)ECDHE-ECDSA-3DES-EDE-SHA168 BitKey exchange: ECDH, encryption: 3DES, MAC: SHA1.
(00,16)DHE-RSA-3DES-EDE-SHA168 BitKey exchange: DH, encryption: 3DES, MAC: SHA1.
(00,13)DHE-DSS-3DES-EDE-SHA168 BitKey exchange: DH, encryption: 3DES, MAC: SHA1.
(c0,0d)ECDH-RSA-3DES-EDE-SHA168 BitKey exchange: ECDH, encryption: 3DES, MAC: SHA1.
(c0,03)ECDH-ECDSA-3DES-EDE-SHA168 BitKey exchange: ECDH, encryption: 3DES, MAC: SHA1.
(00,0a)RSA-3DES-EDE-SHA168 BitKey exchange: RSA, encryption: 3DES, MAC: SHA1.
(00,15)DHE-RSA-DES-SHA56 BitKey exchange: DH, encryption: DES, MAC: SHA1.
(00,12)DHE-DSS-DES-SHA56 BitKey exchange: DH, encryption: DES, MAC: SHA1.
(00,09)RSA-DES-SHA56 BitKey exchange: RSA, encryption: DES, MAC: SHA1.
(00,14)DHE-RSA-EXPORT-DES40-SHA40 BitKey exchange: DH, encryption: DES40, MAC: SHA1.
(00,11)DHE-DSS-EXPORT-DES40-SHA40 BitKey exchange: DH, encryption: DES40, MAC: SHA1.
(00,08)RSA-EXPORT-DES40-SHA40 BitKey exchange: RSA, encryption: DES40, MAC: SHA1.
(00,06)RSA-EXPORT-RC2-CBC40-MD540 BitKey exchange: RSA, encryption: RC2, MAC: MD5.
(00,03)RSA-EXPORT-RC440-MD540 BitKey exchange: RSA, encryption: RC4, MAC: MD5.
(00,ff)EMPTY-RENEGOTIATION-INFO-SCSV0 BitUsed for secure renegotation.

Further information:

User-Agent:???
Preferred SSL/TLS version: TLSv1
SNI information: Your browser did not send SNI information.
SSL stack current time: The TLS stack of your browser did not send a time value.

This connection uses TLSv1.2 with ECDHE-RSA-AES256-GCM-SHA384 and a 256 Bit key for encryption.

Raw:

Version: 3.1
Ciphers: c030,c02c,c028,c024,c014,c00a,a3,9f,6b,6a,39,38,88,87,c032,c02e,c02a,c026,c00f,c005,9d,3d,35,84,c02f,c02b,c027,c023,c013,c009,a2,9e,67,40,33,32,9a,99,45,44,c031,c02d,c029,c025,c00e,c004,9c,3c,2f,96,41,07,c011,c007,c00c,c002,05,04,c012,c008,16,13,c00d,c003,0a,15,12,09,14,11,08,06,03,ff
Extensions: 000b,000a,0023,000d,000f
Remote Time: The TLS stack of your browser did not send a time value.

This service is provided by the DCSEC research group at Leibniz University Hannover. Imprint
If you have any comments or questions please contact Sascha Fahl
Add Thank You Quote this message in a reply
Nov. 01, 2014, 10:26 PM
Post: #9
RE: Adapting proxo 4.5 to the latest OpenSSL DLLs
For confirmation purposes, are these correct?
Original Proxomitron.exe:
MD5 f2867bee7180cdc839f7636fddc1aa74
SHA-256 7adc0296d97e24417000c5cac53c8dfb34a5e6ddedceec168ffe45648803285b

Edited Proxomitron.exe:
MD5 bc3407620d6abbfa5095668e40f03e8c
SHA-256 7b916181145b0f63dca29f72fe5e09e3bd3cfe61e994e7b384d3d2068dc01c33
Add Thank You Quote this message in a reply
Nov. 02, 2014, 01:05 AM
Post: #10
RE: Adapting proxo 4.5 to the latest OpenSSL DLLs
(Nov. 01, 2014 10:26 PM)herbalist Wrote:  For confirmation purposes, are these correct?

Yes.
Add Thank You Quote this message in a reply
Nov. 02, 2014, 04:10 AM
Post: #11
RE: Adapting proxo 4.5 to the latest OpenSSL DLLs
(Nov. 01, 2014 06:22 PM)JJoe Wrote:  Some old problems remain. So be aware regardless.

What old problems do you mean?
Add Thank You Quote this message in a reply
Nov. 02, 2014, 04:43 PM (This post was last modified: Nov. 02, 2014 04:47 PM by herbalist.)
Post: #12
RE: Adapting proxo 4.5 to the latest OpenSSL DLLs
It appears to work on a virtual XP. On 98SE, it doesn't find or recognize ssleay32.dll. Using Dependency Walker, I could see the original DLLs using msvcr70.dll, a copy of which is in the Proxomitron folder. The new DLLs want msvcr90.dll, which is installed, obtained from https://slproweb.com/products/Win32OpenSSL.html, which was also copied to the Proxomitron folder.
I've tried copies of msvcr90.dll from both the 98 and XP systems using all the available KernelEx options. DW reports "device not functioning". According to the site, OpenSSL is still compatible with 98, as are the DLLs. Any ideas what I'm overlooking?
Add Thank You Quote this message in a reply
Nov. 02, 2014, 08:38 PM (This post was last modified: Nov. 02, 2014 10:58 PM by JJoe.)
Post: #13
RE: Adapting proxo 4.5 to the latest OpenSSL DLLs
(Nov. 02, 2014 04:10 AM)whenever Wrote:  What old problems do you mean?

1. Current browsers complain about Proxo's cert. (HalfSSL can help but in practice can cause usabilty and security problems.)
2. Original Proxomitron throws an alert for wild card certs, certs that require alternate name support, and maybe any options that it does not support.
3. Some patched Proxomitron exes do not throw alerts for certs.
4. Proxo with OpenSSL DLLs from slproweb still supports ciphers that some people believe are insufficient.

4, 3, and possibly 2 are security related, while 1 and 2 are usability problems.

This patch doesn't solve any of these problems.

ProxHTTPSProxyMII doesn't have these problems. Wink

Edit:
I should have said 'my ProxHTTPSProxyMII doesn't have these problems.'
I changed line 54 of ProxHTTPSProxy.pyv1.1b from
Code:
sslparams = dict(cert_reqs="REQUIRED", ca_certs="cacert.pem", ssl_version="TLSv1")
to
Code:
sslparams = dict(cert_reqs="REQUIRED", ca_certs="cacert.pem")
Result is "Your SSL client is Probably Okay." at https://www.howsmyssl.com/ .
Before the change, I saw "Your SSL client is Bad." due to TLSv1 use.
I have not noticed any problems after the change.
Add Thank You Quote this message in a reply
Nov. 02, 2014, 09:06 PM
Post: #14
RE: Adapting proxo 4.5 to the latest OpenSSL DLLs
(Nov. 02, 2014 04:43 PM)herbalist Wrote:  According to the site, OpenSSL is still compatible with 98, as are the DLLs. Any ideas what I'm overlooking?

They do say that but the link to "Visual C++ 2008 Redistributables for Windows 9x/NT4" is "https://slproweb.com/download/RunMagic.zip" and the instructions are

Quote:Having problems with error messages when trying to run OpenSSL? This will likely fix the problem. Only use under Windows 95, 98, Me, and NT4.
Install this, then install "OpenSSL Light" using the '/bin' option, and then run FixSSL_9xNT4.bat contained within the /bin directory.

Gotta wonder what is in "FixSSL_9xNT4.bat".

After trying above, I'd ensure a copy of msvcr in c:\windows\system.

I don't have any experience with KernelEx.
My 98 machines are parts, atm.
Add Thank You Quote this message in a reply
Nov. 02, 2014, 10:38 PM
Post: #15
RE: Adapting proxo 4.5 to the latest OpenSSL DLLs
Both the 70 and 90 versions are in the system folder and in the Proxomitron folder.
Regarding
Quote:Install this, then install "OpenSSL Light" using the '/bin' option, and then run FixSSL_9xNT4.bat contained within the /bin directory.
I'm wondering if I have to run that every time I update OpenSSL. I'm sure that OpenSSL works on this PC. Tor uses OpenSSL and this PC is an exit node.
Add Thank You Quote this message in a reply
Post Reply 


Forum Jump: