{"id":19582948,"url":"https://github.com/tripwire/padcheck","last_synced_at":"2025-08-03T01:19:32.358Z","repository":{"id":43659023,"uuid":"177214157","full_name":"Tripwire/padcheck","owner":"Tripwire","description":"TLS CBC Padding Oracle Checker","archived":false,"fork":false,"pushed_at":"2022-02-25T12:33:27.000Z","size":21,"stargazers_count":52,"open_issues_count":3,"forks_count":15,"subscribers_count":12,"default_branch":"master","last_synced_at":"2024-06-20T16:49:37.802Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"bsd-2-clause","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Tripwire.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2019-03-22T21:58:03.000Z","updated_at":"2024-01-04T14:32:42.000Z","dependencies_parsed_at":"2022-09-26T18:21:44.131Z","dependency_job_id":null,"html_url":"https://github.com/Tripwire/padcheck","commit_stats":null,"previous_names":[],"tags_count":1,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Tripwire%2Fpadcheck","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Tripwire%2Fpadcheck/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Tripwire%2Fpadcheck/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Tripwire%2Fpadcheck/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Tripwire","download_url":"https://codeload.github.com/Tripwire/padcheck/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":224068884,"owners_count":17250436,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-11T07:38:45.609Z","updated_at":"2024-11-11T07:39:56.315Z","avatar_url":"https://github.com/Tripwire.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Padcheck: A TLS CBC Padding Oracle Scanner\n\nThis tool tests how a server responds to various CBC padding errors.\n\nThe tool makes a series of connections where the TLS record containing an HTTP request is malformed. Servers should respond uniformly to all malformed records. If the server responds differently to certain types of errors, an attacker may be able to construct a padding oracle for use in an adaptive chosen ciphertext attack.\n\nThere are currently five malformed record test cases: \n1. Invalid MAC with Valid Padding (0-length pad)\n2. Missing MAC with Incomplete Padding (255-length pad)\n3. Valid MAC with Inconsistent Padding (SSLv3 style padding)\n4. Missing MAC with Valid Padding (Entire record is padding)\n5. Invalid MAC with Valid Padding (0-length record)\n\n## Background\n\nThis tool was created to help identify lingering TLS CBC padding oracles. The research was [originally presented at Black Hat Asia](https://www.blackhat.com/asia-19/briefings/schedule/index.html#zombie-poodle-goldendoodle-and-how-tlsv-can-save-us-all-13741) in March 2019. The [slides](http://i.blackhat.com/asia-19/Fri-March-29/bh-asia-Young-Zombie-Poodle-Goldendoodle-and-How-TLSv13-Can-Save-Us-All.pdf) are available for review.\n\nFor further reading on the topic, refer to the following links:\n* [TLS CBC Padding Oracles in 2019](https://www.tripwire.com/state-of-security/vert/tls-cbc-padding-oracles/)\n* [What is Zombie POODLE?](https://www.tripwire.com/state-of-security/vert/zombie-poodle/)\n* [What is GOLDENDOODLE?](https://www.tripwire.com/state-of-security/vert/goldendoodle-attack/)\n* [Scanning for Padding Oracles](https://web-in-security.blogspot.com/2019/03/scanning-for-padding-oracles.html)\n\nDisclosures related to modern TLS CBC padding oracles are being [tracked on GitHub](https://github.com/RUB-NDS/TLS-Padding-Oracles). This also includes oracles identified by [TLS-Scanner](https://github.com/RUB-NDS/TLS-Scanner)\n\n## Usage\n\n|              |        |                                                                                        |\n| ------------ | ------ | -------------------------------------------------------------------------------------- |\n| -h           |        | Show help                                                                              |\n| -hosts       | string | Filename containing hosts to query                                                     |\n| -iterations  | int    | Number of iterations required to confirm oracle (default 3)                            |\n| -keylog      | string | Path to a file NSS key log export (needed to decrypt pcap files) (default \"/dev/null\") |\n| -v           | int    | Specify verboseness level (default: 1, max: 5) (default 1)                             |\n| -workerCount | int    | Desired number of workers for testing lists (default 32)                               |\n\nThe basic usage is to run ```padcheck hostname```\nA list of hosts can also be read from a file ```padcheck -hosts hostnames.txt```\n\nVulnerable hosts are indicated in the tool output with a line similar to:\n\n*Hostname (ip:443)* is VULNERABLE with a *Observable MAC Validity (Zombie POODLE)* oracle when using cipher *0xc027* with TLS *0x0303*. The fingerprint is *6867b5*\n\nThe fingerprint produced by this tool is a hash of the server responses. These values are subject to change with changes to the tool or with environmental variation which may influence the error message text. The fingerprint value should therefore be primarily used for correlating similar vulnerabilities within a specific environment.\n\n## Obtaining padcheck\nThe easiest way to get started with padcheck is by downloading the latest [Linux binary release](https://github.com/Tripwire/padcheck/releases)\n\nUsers can alternatively build it locally for cross-platform or development testing. \n\n## Building on Linux\n\n1) [Install Go](https://golang.org/doc/install) - Distro packages (e.g. sudo apt install golang-go) are fine.\n2) Run `./build.sh`\n\nUpon success, `./padcheck` will be available as a portable/standalone executable.\n\n## Building on Docker\n\nBuilding with Docker is easier and cross-platform.\n\nRun `docker build . -t padcheck` to build the patched Go toolchain and the `padcheck` tool in a container.\n\nRun with: `docker run --rm -it padcheck [args]`\n\nIf you want to use a hosts file or keylog file, you will need to mount them in the container:\n\n```sh\ndocker run --rm -it \\\n    -v /path/to/hosts:/tmp/hosts \\\n    -v /path/to/keylog:/tmp/keylog \\\n    padcheck -hosts /tmp/hosts -keylog /tmp/keylog\n```\n\n## Credits\n\nThe original idea for this padding check tool was a very simple tool for checking for POODLE issues in TLS servers, by Adam Langley (`agl` AT `imperialviolet` DOT `org`). See:\n\n- https://www.imperialviolet.org/2014/12/08/poodleagain.html\n- https://www.imperialviolet.org/binary/poodle-tls-go.patch\n- https://www.imperialviolet.org/binary/scanpadding.go\n\n## Additional Resources\n\nMore information about scanning for TLS CBC padding oracles on the Internet can be found in this repo: https://github.com/RUB-NDS/TLS-Padding-Oracles\n\n\n## License\n\nOriginal tool copyright 2014 Adam Langley, released under a BSD license.\n\nCopyright 2019 Tripwire, Inc. All rights reserved.\nReleased under a [BSD 2-Clause License](./LICENSE).\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftripwire%2Fpadcheck","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ftripwire%2Fpadcheck","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftripwire%2Fpadcheck/lists"}