Scanning for HTTP/2 with Rumble
This Tuesday, Jonathan Looney, a researcher at Netflix, disclosed seven different ways to break common HTTP/2 protocol implementations, while an eighth issue was disclosed by Piotr Sikora of Google. These issues could be used to exhaust the resources of affected HTTP/2 implementations.
Shortly after the HTTP/2 issues were disclosed, a Rumble user reached out asking if we could help identify HTTP/2 endpoints on their network. We are happy to announce that as of version
0.8.14, the Rumble Agent and Rumble Scanner now probe for HTTP/2 automatically, recording the protocol and the HTTP/2 specific responses (status, headers, body). For users of the Rumble Network Discovery web console, HTTP/2 enabled nodes can be identified by using Inventory search term
protocol:http2. Users of the command-line Rumble Scanner can view the
assets.html report and search for nodes with the
http2 protocol flagged.
As an alternative to Rumble, the Nmap Security Scanner can also identify HTTP/2 implementations via the
tls-nextprotoneg NSE. The CVEs for the eight HTTP/2 issues are CVE-2019-9511, CVE-2019-9512, CVE-2019-9513, CVE-2019-9514, CVE-2019-9515, CVE-2019-9516, CVE-2019-9517, and CVE-2019-9518. The CERT/CC Wiki provides a matrix of affected vendors, including both software packages and service providers.
As always, if you have questions, feedback, or suggestions please reach out!
August 6, 2020
Recog Development with Rumble
Overview Recog may be one of the most underrated open source security projects of all time. Recog started off in the early 2000s as the fingerprinting backend for Rapid7’s Nexpose (aka InsightVM) vulnerability scanner. It was released as open source in 2014 and …Read More
August 4, 2020
Rumble 1.10: Continuous Scans, Site Defaults, and More!
Overview Rumble 1.10 is live with continuous scanning, user interface updates, an event log, updates to the scan engine, additional fingerprints, and a new way to keep recurring scans in sync with their sites! Continuous Scanning All paid plans now support a new Continuous …Read More
July 7, 2020
Rumble 1.9.0: Scan Engine Updates, Reports, and More!
Overview Rumble 1.9.0 is out with major updates to the scan engine, reports, fingerprinting, user interface, documentation, and much more! Scan Engine Folks who scan external assets using their hostnames will now see asset correlation occur using the DNS name itself. For …Read More