• Services
  • Blog
  • Knowledge Base
  • Contact
our services
  • Application Penetration Testing

    • Username Enumeration
    • iOS Frida Objection Pentesting Cheat Sheet
    • URL Redirection – Attack and Defense
    • Jailbreaking iOS 13 with unc0ver
    • X-Runtime Header Timing Attacks
    • wkhtmltopdf File Inclusion Vulnerability
    • API Mass Assignment Vulnerability
    • Web Server TRACE Enabled
  • AWS Pentesting

    • Protecting S3 buckets using IAM and KMS
    • Misconfigured S3 Bucket
    • S3 Storage Does Not Require Authentication
  • DevOps Security

    • Securing Travis CI
  • Encryption

    • TLS 1.0 Initialization Vector Implementation Information Disclosure Vulnerability
    • OpenSSL ‘ChangeCipherSpec’ (CCS) MiTM Vulnerability
    • Null Ciphers Supported
    • ‘Export Ciphers’ Enabled
  • Network Penetration Testing

    • .NET Handler Enumeration
    • TLS_FALLBACK_SCSV Not Supported
    • PHP Easter Eggs Enabled
    • MySQL Multiple Vulnerabilities
    • Debian Predictable Random Number Generator Weakness
    • Cisco IKE Fragmentation Vulnerability
  • Pentesting Fundamentals

    • Essential Wireshark Skills for Pentesting
    • Testing Cookie Based Session Management
  • Windows Hardening

    • Resolving “Windows NetBIOS / SMB Remote Host Information Disclosure” (2020)
Encryption

‘Export Ciphers’ Enabled

our services

Export Ciphers Enabled

‘Export ciphers’ are low-grade cryptographic ciphers that were authorized to be used outside the US during the 1990’s. During this time encryption was heavily regulated by the US government as auxiliary military equipment. This allowed intelligence agencies greater ease to eavesdrop on foreign communication channels of interest.

Although export ciphers may be strong enough to secure data from the general public, they include many well known flaws that would allow state-sponsored actors to break the encryption if intercepted. Supporting export ciphers poses an excessive risk to users who may be using older web clients.

Because most SSL/TLS services negotiate ciphers in a top-down fashion, it is rare that clients such as web browsers will negotiate all the way to down to export grade encryption. Despite this, consideration should be given to downgrade attacks where negotiation of export ciphers may be forced by a MITM vector.

List of known export ciphers

RFC Cipher Name OpenSSL Cipher Name
SSL_RSA_EXPORT_WITH_RC4_40_MD5 EXP-RC4-MD5
SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5 EXP-RC2-CBC-MD5
TLS_RSA_EXPORT_WITH_DES40_CBC_SHA EXP-DES-CBC-SHA
TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA EXP-DH-DSS-DES-CBC-SHA
TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA EXP-DH-RSA-DES-CBC-SHA
TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA EXP-EDH-DSS-DES-CBC-SHA
TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA EXP-EDH-RSA-DES-CBC-SHA
TLS_DH_anon_EXPORT_WITH_RC4_40_MD5 EXP-ADH-RC4-MD5
TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA EXP-ADH-DES-CBC-SHA
TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA EXP-KRB5-DES-CBC-SHA
TLS_KRB5_EXPORT_WITH_RC2_CBC_40_SHA EXP-KRB5-RC2-CBC-SHA
TLS_KRB5_EXPORT_WITH_RC4_40_SHA EXP-KRB5-RC4-SHA
TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5 EXP-KRB5-DES-CBC-MD5
TLS_KRB5_EXPORT_WITH_RC2_CBC_40_MD5 EXP-KRB5-RC2-CBC-MD5
TLS_KRB5_EXPORT_WITH_RC4_40_MD5 EXP-KRB5-RC4-MD5
TLS_RSA_EXPORT1024_WITH_RC4_56_MD5 EXP1024-RC4-MD5
TLS_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5 EXP1024-RC2-CBC-MD5
TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA EXP1024-DES-CBC-SHA
TLS_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA EXP1024-DHE-DSS-DES-CBC-SHA
TLS_RSA_EXPORT1024_WITH_RC4_56_SHA EXP1024-RC4-SHA
TLS_DHE_DSS_EXPORT1024_WITH_RC4_56_SHA EXP1024-DHE-DSS-RC4-SHA

Remediation

Export grade ciphers should be removed unless support is explicitly required to support geographic areas that still may be regulated by federal laws.

Please reference the following URL for more information: https://en.wikipedia.org/wiki/Export_of_cryptography_from_the_United_States

Cisco IKE Fragmentation Vulnerability →
  • Services
  • Blog
  • Knowledge Base
  • Contact
Looking for a better
penetration test?

Make an appointment with an expert today

    Request a meeting invite? (EDT)

    Contact ASAP3:00 PM Today4:00 PM Today1:00 PM Tomorrow3:00 PM TomorrowOther / Just Send Info