Command-line Interface¶
Generic Usage¶
Argument Structure¶
The structure of the command-line interface tries to follow the structure and vocabulary of the analyzable protocol, however, it also tries to be unified as much as possible. The protocol structure in the command-line interface is represented by the structure of commands and subcommands. On each level of commands and subcommand the command line interface’s help lists and describes all the arguments available at a certain command level and also the available subcommands.
cryptolyze --help
Top-level Commands¶
At the top level of the command-line interface’s command structure, we can determine some global parameters – such as the output format and log level – and the analyzable protocol itself. The analyzable protocols may have multiple versions or version-independent peculiarities, meaning that the command line interface should give a way to analyze which versions of a protocol are supported by a service and which are version-independent peculiarities. The most obvious example is the TLS protocol for demonstrating the command-line interface’s structure. To analyze which versions of the TLS protocol are supported by a service run on the domain example.com you can use the following command:
cryptolyze tls versions example.com
Another example of version-independent analyses is when we want to know which versions of the different client applications of different vendors are compatible with a certain service. In this scenario we can simulate the operation of client applications, which is independent of the protocol version, meaning the command structure is similar to the case when we analyzed the protocol version supported by a service.
cryptolyze tls simulate example.com
Protocol Versions¶
Certain protocol parts may be available only a certain versions of the given protocol. The obvious example again is the TLS, where the extensions are available only from the 1.2 version. It is also possible that a protocol part works differently in the case of different protocol versions. An example of that is the Diffie-Hellman parameter negotiation in TLS version 1.2 compared to version 1.3. It means that it makes sense to analyze using different protocol versions.
cryptolyze tls1_2 simulate example.com
cryptolyze tls1_2 dhparams example.com
cryptolyze tls1_3 dhparams example.com
All-in-one Analysis¶
Just like at the top level of the command structure, the help also available at the level of protocol versions. At this level help lists and describes the protocol-specific subcommands. This structured command hierarchy makes possible to analyze the protocol part which is actually in the focus, which reduces the load on the server during the analysis and also shortens analysis run time. However, sometimes it is necessary to run all the available analyses at one, which also possible using the following command.
cryptolyze tls all example.com
Analysis Targets¶
Any subcommand represents a certain type of analysis and as such must have a target – example.com in the examples above. The target – independently from the command and the subcommand – is always a URI, however different subcommands can interpret only certain parts of the URI. For instance, in the case of an SSH server usually only the port of the service is important beyond the address of the analyzable server. In the case of the TLS protocol port is less important as its default value is determined by the application layer (e.g. IMAP/143, POP3/110), which is usually not changed by the administrators. However, the application layer protocol also determines the way we can initiate the TLS layer (opportunistic TLS), meaning that it must be passed to the analyzer. The scheme part of the URI servers that purpose when we analyze a TLS server.
cryptolyze ssh ciphers example.com:2222
cryptolyze tls versions smtp://smtp.google.com:25
Another important information about the target is the address, which may come from the domain name, but it is possible that a fully qualified domain name is resolved with multiple IP addresses and we want to determine the IP address. When the domain name has significance in itself – which is the case in TLS, because of server name indication (SNI) – the IP address should be given separately, using the fragment part of the URI. Anyway, all the subcommands have their own help, which contains the interpreted part of the URI and their possible values.
cryptolyze tls versions tls://dns.google:443#8.8.4.4
The command-line interface makes available to give multiple analyzable target as arguments, when the targets are analyzed one after another.
cryptolyze tls versions tls://dns.google tls://one.one.one.one ...
Logging¶
The command-line interface and the Python API provide the same log messages. The content of the messages relates to the analysis process, so the log levels also refer to the analysis process, not the result of the analysis. It means that changing the log level to critical will suppress messages that are about the offered cryptographic algorithms, or HTTP headers by the server, but keep the messages about connection failures for instance.
cryptolyze tls versions --log-level critical tls://dns.google
Cryptographic Protocols¶
All the cryptographic protocols have the same building blocks, namely peer authentication, key exchange, symmetric encryption, and message integrity, so they can be analyzed more or less in the same. However, the information on which the analysis is based can be acquired differently, and the results are similar enough to use (almost) the same structure in the case of different cryptographic protocols. The technical terms used in the standards of the different cryptographic protocols may differ from each other, the command-line interface uses the same terms for the same cryptographic protocol parts to create uniformity.
cryptolyze tls1_2 ciphers example.com
cryptolyze ssh2 ciphers example.com
cryptolyze tls1_2 dhparams example.com
cryptolyze ssh2 dhparams example.com
cryptolyze tls1_2 pubkeys example.com
cryptolyze ssh2 pubkeys example.com
Obviously, there are differences between the cryptographic protocols, meaning that there can be subcommands exclusive for a protocol, or for a protocol version. For instance, the negotiation of elliptic-curve between the peers is part of the cipher suite (algorithm) negotiation in the case of the SSH protocol, while in the case of TLS protocol an extension server that purpose. It means that the elliptic curves supported by a TLS server can be analyzed independently from the cipher suite negotiation, so there is a subcommand for that (and other) purpose.
cryptolyze tls1_2 curves example.com
cryptolyze tls1_2 pubkeyreq example.com
cryptolyze tls1_2 sigalgos example.com
Other Protocols¶
Domain Name System¶
The domain name system can be analyzed from two perspectives. On the one hand, it is important to analyze how the
records of a certain domain can be transported via the internet, especially since DNS systems use unauthenticated
messages. The DNSSSEC protocol provides
authenticity and integrity for the DNS system, using public key cryptography and message authentication, which can be
analyzed just as in other cryptographic protocols. In accordance with the above, there is a subcommand (dnssec
) used
to analyze DNSSEC support if available.
cryptolyze dns dnssec example.com
On the other hand, there are several security methods that publish related data in different DNS records. However, the
content of these records is simply text and is not necessarily straightforward for the user. The analyzer in that case
does not analyze the configuration of a running service as it does in the case of tls
, ssh`, or ``dnssec
, but
the published configuration of security method such as DMARC or SPF, published in a DNS record. For instance, the
content of the e-mail system-related DNS records can be analyzed by the mail
subcommand.
cryptolyze dns mail example.com
Hypertext Transfer Protocol¶
Similarly to DNS, the HTTP protocol can also be analyzed from more than one perspective. The confidentiality and
integrity of the transfer data are guaranteed by the TLS protocol, which can be analyzed by the tls
subcommand.
cryptolyze http headers example.com
Output Formats¶
Highlighted¶
The default format provides a human-readable output using the traffic light rating system, with the well-known red, amber (yellow), and green colors, where these colors indicate the different security levels of the cryptographic algorithms, (a)symmetric key sizes, or any methods that respectively considered
insecure: should not be used in any circumstances
questionable: should not be preferred, or may be omitted depending on the details
secure: should be used exclusively, or at least preferred
This output contains not only the security level of the algorithms, key size, or methods but also states the reason, whether they are considered insecure or questionable. For instance, the encryption algorithm DES is insecure – because it is affected by the Sweet32 attack –, or Diffie–Hellman key exchange with if larger key sizes are used questionable, because of the D(HE)at attack. These findings are part of the output to able the user to understand the reason and handle the threat properly.
Markdown¶
The output similar to the highlighted output format, except that it is not colorized.
$ cryptolyze --output-format=markdown tls versions dns.google
* Target:
* Scheme: tls
* Address: dns.google
* IP address: 8.8.4.4
* Port: 443
* Protocol Version: n/a
* Protocol Versions:
1. TLS 1.2
2. TLS 1.3
* Alerts Unsupported TLS Version: yes
As a consequence of the Markdown format, it is still human-readable, but it also makes possible the post-processing by document converter tools such as Pandoc, giving the opportunity to create a standalone document or insert the analysis result into a report easily.
$ cryptolyze --output-format=markdown tls all example.com \
| pandoc --from markdown --to docx --output analysis.docx
JSON¶
The JSON output format serves the purpose of machine processing. Along with the fact that CryptoLyzer has a Python API,
one may want to process the analysis result from other programming languages, or just simply transform it using other
tools. One can simply pretty-print the JSON output by jq
,
$ cryptolyze --output-format=json tls versions dns.google | jq
{
"target": {
"scheme": "tls",
"address": "dns.google",
"ip": "8.8.8.8",
"port": 443,
"proto_version": null
},
"versions": [
"tls1_2",
"tls1_3"
],
"alerts_unsupported_tls_version": true
}
or can perform more complex transformations, such as selecting the public key types of an SSH server from the analysis result.
$ cryptolyze --output-format json ssh2 pubkeys github.com \
| jq --raw-output .public_keys[].key_type
ECDSA
ED25519
RSA