Fuzz Testing a Secure Sockets Layer (SSL) Server

Overview

This topic describes how to test an SSL server using the SSL modules in beSTORM.

Testing

To test an SSL server with beSTORM, do the following:

  1. Install beSTORM Client on a dedicated computer that is not otherwise in use and is not connected to a network, and assign it an IP address. This computer becomes the beSTORM server.

  2. Set up an HTTPS server on a second computer that is likewise not in use and not connected to a network, and assign it an IP address. If the SSL server is Windows-based, also attach beSTORM Monitor to it so that crashes of the server process are reported:

    1. Open beSTORM Monitor.

    2. On the Processes tab, select the SSL server's process.

    3. In the Host box, enter the IP address of the beSTORM server, and then select Attach.

  3. Connect the beSTORM server directly to the SSL server with an Ethernet cable. Do not put a switch between the two servers.

  4. Open beSTORM Client.

  5. Select New Project. The beSTORM New Project Wizard opens.

  6. On the Welcome page, do the following:

    1. In the Project Name box, enter a name.

    2. Optionally, select a different file location for your project in the Location Name box.

    3. Leave Please select the wizard set to Simple.

    4. Leave Perform a port scan, and service detection and assist me in choosing the relevant module unchecked.

  7. Select Next.

  8. On the Basic Configuration page, do the following:

    1. In the list of beSTORM's predefined modules, select HTTP/1.0 (SSL Web Client) or HTTP/1.1 (SSL Web Client).

    2. In the Hostname or IP address box, enter the IP address of the SSL server.

    3. In the Protocol list, select tcp.

    4. In the Remote Port box, enter the port number of the SSL server (usually 443).

  9. Select Next.

  10. On the Module Environment page, review the parameters listed and make any necessary changes.

  11. Select Next.

  12. On the Extra Configuration page, select ICMP Echo and TCP Echo so that beSTORM can check between test cases whether the SSL server is still reachable and detect when it stops responding. Leave all other parameters at their default settings.

  13. Select Next.

  14. On the Complete beSTORM wizard page, select Finish to begin testing, or clear the Auto-start beSTORM scan now checkbox to run the test later.

  15. If an exception occurs once the test begins (that is, a test case caused the remote server to stop responding), a message appears in the Exception Information dialog informing you that the remote server is not responding. This indicates a possible vulnerability, typically a crash or hang triggered by the last test case sent. Testing resumes after five seconds unless you select Pause Test.

  16. When testing is complete, select Report in the Test Information pane to view a short report of the test. To generate a more comprehensive report, select Report > Generate Report in beSTORM Client.
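The following is an added example, not beSTORM's code or part of this topic: it shows the kind of TCP-Echo-style reachability check that steps 12 and 15 rely on, and how a "remote server is not responding" exception is derived from it around a fuzz loop. The DummyTarget is a constructed stand-in for the SSL server (plain TCP, no TLS, so it runs offline); the crash it simulates on an over-long request line and the three test cases are invented for the demonstration. An ICMP Echo check would need raw sockets and is not shown.

```python
"""Target liveness monitoring around a fuzz loop (added example, not beSTORM code)."""
import socket
import threading
import time


def tcp_echo_check(host: str, port: int, timeout: float = 2.0) -> bool:
    """TCP-Echo-style check: does a TCP connection to host:port complete?
    No bytes are sent, so it works against a TLS port without speaking TLS."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False


class DummyTarget:
    """Constructed stand-in for the SSL server under test: answers HTTP/1.0 on
    127.0.0.1 and 'crashes' (stops listening) when a request exceeds 1024 bytes."""

    def __init__(self, crash_threshold: int = 1024) -> None:
        self.crash_threshold = crash_threshold
        self._listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        self._listener.bind(("127.0.0.1", 0))
        self._listener.listen(5)
        self._listener.settimeout(0.2)  # lets _serve notice stop()
        self.port = self._listener.getsockname()[1]
        self._running = True
        self._thread = threading.Thread(target=self._serve, daemon=True)
        self._thread.start()

    def _serve(self) -> None:
        while self._running:
            try:
                conn, _ = self._listener.accept()
            except socket.timeout:
                continue
            except OSError:
                break
            with conn:
                conn.settimeout(1.0)
                try:
                    data = conn.recv(65536)
                except OSError:
                    data = b""
                if not data:
                    continue  # liveness probe: connect-and-close, nothing to answer
                if len(data) > self.crash_threshold:
                    self.stop()  # simulated crash: listener closes before conn does
                    continue
                conn.sendall(b"HTTP/1.0 200 OK\r\nContent-Length: 0\r\n\r\n")

    def stop(self) -> None:
        self._running = False
        self._listener.close()


def send_case(host: str, port: int, payload: bytes, timeout: float = 2.0) -> bytes:
    """Send one test case and read until the target closes the connection."""
    with socket.create_connection((host, port), timeout=timeout) as s:
        s.sendall(payload)
        chunks = []
        while True:
            chunk = s.recv(4096)
            if not chunk:
                return b"".join(chunks)
            chunks.append(chunk)


def fuzz_with_liveness(host, port, cases, check=tcp_echo_check, resume_delay=5.0):
    """Run each case, then the reachability check. A failed check is recorded
    as an exception for that case (the equivalent of the 'remote server is not
    responding' dialog) and the loop pauses resume_delay seconds before going on,
    like the five-second pause described in step 15."""
    exceptions = []
    for index, payload in enumerate(cases):
        try:
            send_case(host, port, payload)
        except OSError:
            pass  # a failed send alone is not conclusive; the check below decides
        if not check(host, port):
            exceptions.append(index)
            time.sleep(resume_delay)
    return exceptions


# Constructed test cases; the second one triggers the dummy target's crash.
CASES = [
    b"GET / HTTP/1.0\r\nHost: target\r\n\r\n",
    b"GET /" + b"A" * 4096 + b" HTTP/1.0\r\nHost: target\r\n\r\n",
    b"GET /index.html HTTP/1.0\r\nHost: target\r\n\r\n",
]


def run_demo() -> dict:
    """Fuzz the dummy target and report which cases left it unreachable."""
    target = DummyTarget()
    try:
        exceptions = fuzz_with_liveness("127.0.0.1", target.port, CASES, resume_delay=0.0)
    finally:
        target.stop()
    # The first case after which the target stopped responding is the reproducer to triage.
    return {"exceptions": exceptions, "suspect": CASES[exceptions[0]] if exceptions else None}


if __name__ == "__main__":
    print("target stopped responding after cases:", run_demo()["exceptions"])
```

Because the target stays down after the simulated crash, every later case also fails the check; the first exception index is the one to reproduce, which is why the result carries that case's bytes as the suspect input.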

Related Topics