SSL (OpenSSL?) Issue #127

Closed
SolomonSklash opened this issue Apr 5, 2019 · 3 comments
Labels
wontfix This will not be worked on

Comments

@SolomonSklash

When I run Photon against certain domains, using this command, `python3 photon.py -u autodiscover.tesla.com`, I get the following error:

```
Traceback (most recent call last):
  File "/usr/lib/python3/dist-packages/urllib3/contrib/pyopenssl.py", line 453, in wrap_socket
    cnx.do_handshake()
  File "/usr/lib/python3/dist-packages/OpenSSL/SSL.py", line 1915, in do_handshake
    self._raise_ssl_error(self._ssl, result)
  File "/usr/lib/python3/dist-packages/OpenSSL/SSL.py", line 1647, in _raise_ssl_error
    _raise_current_error()
  File "/usr/lib/python3/dist-packages/OpenSSL/_util.py", line 54, in exception_from_error_queue
    raise exception_type(errors)
OpenSSL.SSL.Error: [('SSL routines', 'tls12_check_peer_sigalg', 'wrong signature type')]

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/usr/lib/python3/dist-packages/urllib3/connectionpool.py", line 600, in urlopen
    chunked=chunked)
  File "/usr/lib/python3/dist-packages/urllib3/connectionpool.py", line 343, in _make_request
    self._validate_conn(conn)
  File "/usr/lib/python3/dist-packages/urllib3/connectionpool.py", line 841, in _validate_conn
    conn.connect()
  File "/usr/lib/python3/dist-packages/urllib3/connection.py", line 344, in connect
    ssl_context=context)
  File "/usr/lib/python3/dist-packages/urllib3/util/ssl_.py", line 344, in ssl_wrap_socket
    return context.wrap_socket(sock, server_hostname=server_hostname)
  File "/usr/lib/python3/dist-packages/urllib3/contrib/pyopenssl.py", line 459, in wrap_socket
    raise ssl.SSLError('bad handshake: %r' % e)
ssl.SSLError: ("bad handshake: Error([('SSL routines', 'tls12_check_peer_sigalg', 'wrong signature type')])",)

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/usr/local/lib/python3.7/dist-packages/requests/adapters.py", line 449, in send
    timeout=timeout
  File "/usr/lib/python3/dist-packages/urllib3/connectionpool.py", line 638, in urlopen
    _stacktrace=sys.exc_info()[2])
  File "/usr/lib/python3/dist-packages/urllib3/util/retry.py", line 398, in increment
    raise MaxRetryError(_pool, url, error or ResponseError(cause))
urllib3.exceptions.MaxRetryError: HTTPSConnectionPool(host='autodiscover.tesla.com', port=443): Max retries exceeded with url: /robots.txt (Caused by SSLError(SSLError("bad handshake: Error([('SSL routines', 'tls12_check_peer_sigalg', 'wrong signature type')])")))

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "photon.py", line 270, in <module>
    zap(main_url, args.archive, domain, host, internal, robots)
  File "/home/bounty/bounty/tools/Photon/core/zap.py", line 23, in zap
    response = requests.get(input_url + '/robots.txt', verify=False).text
  File "/usr/local/lib/python3.7/dist-packages/requests/api.py", line 75, in get
    return request('get', url, params=params, **kwargs)
  File "/usr/local/lib/python3.7/dist-packages/requests/api.py", line 60, in request
    return session.request(method=method, url=url, **kwargs)
  File "/usr/local/lib/python3.7/dist-packages/requests/sessions.py", line 533, in request
    resp = self.send(prep, **send_kwargs)
  File "/usr/local/lib/python3.7/dist-packages/requests/sessions.py", line 668, in send
    history = [resp for resp in gen] if allow_redirects else []
  File "/usr/local/lib/python3.7/dist-packages/requests/sessions.py", line 668, in <listcomp>
    history = [resp for resp in gen] if allow_redirects else []
  File "/usr/local/lib/python3.7/dist-packages/requests/sessions.py", line 247, in resolve_redirects
    **adapter_kwargs
  File "/usr/local/lib/python3.7/dist-packages/requests/sessions.py", line 646, in send
    r = adapter.send(request, **kwargs)
  File "/usr/local/lib/python3.7/dist-packages/requests/adapters.py", line 514, in send
    raise SSLError(e, request=request)
requests.exceptions.SSLError: HTTPSConnectionPool(host='autodiscover.tesla.com', port=443): Max retries exceeded with url: /robots.txt (Caused by SSLError(SSLError("bad handshake: Error([('SSL routines', 'tls12_check_peer_sigalg', 'wrong signature type')])")))
```

What I think may be happening is something to do with the site supporting TLSv1.0, similar to issue #113.
It may even be something to do with OpenSSL, as when I run `curl -ki https://autodiscover.tesla.com`, I get the following output: `curl: (35) error:1414D172:SSL routines:tls12_check_peer_sigalg:wrong signature type`, which matches the Python error above.

I have tried adding `verify=False` to all of the `requests.get()` calls in `core/zap.py`, but nothing changes. It seems to be an issue in the TLS negotiation itself.

Using latest updated Kali Linux: Linux thinkpad 4.19.0-kali4-amd64 #1 SMP Debian 4.19.28-2kali1 (2019-03-18) x86_64 GNU/Linux
Python version: Python 3.7.3rc1
OpenSSL: OpenSSL 1.1.1b 26 Feb 2019

Thanks for this great tool!

@SolomonSklash
Author

I tested the same domain with OpenSSL directly, using `openssl s_client -connect autodiscover.tesla.com:443`, and I was able to connect without error. I assume curl is using OpenSSL, but maybe not since OpenSSL itself is not throwing an error.

s0md3v added the wontfix label Apr 6, 2019
@s0md3v
Owner

s0md3v commented Apr 6, 2019

Hi there,
Looks like requests doesn't support older TLS versions anymore.
I am sorry but I don't think it can be fixed from our side.

s0md3v closed this as completed Apr 6, 2019
@SolomonSklash
Author

Any chance a try/except block could be added to clean up the output?

alanEG mentioned this issue May 2, 2021
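
A sketch of the try/except requested in the last comment, as an added example that is not Photon's code: it reduces the four chained tracebacks to one line naming the host and the OpenSSL reason. `fetch_robots` and `summarize_tls_failure` are hypothetical names, and the `get` argument stands in for `requests.get`.

```python
import re

# OpenSSL error-queue entries as pyOpenSSL renders them inside the message:
# ('SSL routines', 'tls12_check_peer_sigalg', 'wrong signature type')
_QUEUE_ENTRY = re.compile(r"\('([^']*)',\s*'([^']*)',\s*'([^']*)'\)")
_HOST_PORT = re.compile(r"host='([^']+)',\s*port=(\d+)")


def summarize_tls_failure(exc):
    """Return a one-line summary if exc (or anything it wraps) carries an
    OpenSSL handshake error, else None."""
    seen = set()
    texts = []
    # Walk the chain: requests wraps urllib3, which wraps ssl/pyOpenSSL.
    while exc is not None and id(exc) not in seen:
        seen.add(id(exc))
        texts.append(str(exc))
        exc = exc.__cause__ or exc.__context__
    blob = " ".join(texts)
    entry = _QUEUE_ENTRY.search(blob)
    if entry is None:
        return None
    library, function, reason = entry.groups()
    host = _HOST_PORT.search(blob)
    target = "%s:%s" % host.groups() if host else "unknown host"
    return "TLS handshake with %s failed: %s (%s, %s)" % (
        target, reason, library, function)


def fetch_robots(url, get):
    """Fetch url + '/robots.txt' with the supplied getter (assumed to behave
    like requests.get). Returns (text, error_summary)."""
    try:
        return get(url + "/robots.txt").text, None
    # requests.exceptions.SSLError and ssl.SSLError both derive from OSError.
    except OSError as exc:
        summary = summarize_tls_failure(exc)
        if summary is None:
            raise  # not a handshake failure: leave other errors untouched
        return "", summary
```

The handshake error is raised before any certificate check takes place, which is why `verify=False` makes no difference here; the wrapper only changes how the failure is reported, not whether the connection succeeds.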