Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.Sign up
BUG in “Testing For Ssl-Tls” plugin in latest Kali #442
@7a : It looks as if the “does this server speak HTTPS” check is broken because TLSed was called and hanging on a port that was only listening on port 80, where the URL was starting with “http://”.
root 21887 5742 0 03:14 ? 00:00:00 /bin/sh -c cd owtf_review/targets/http__some.host.com/partial/Testing_For_Ssl-Tls/active; /usr/bin/tlssled some.host.com 80 root 21888 21887 0 03:14 ? 00:00:00 bash /usr/bin/tlssled some.host.com 80 root 21908 21888 0 03:14 ? 00:00:00 sslscan some.host.com 80
TLSSled should have NOT been invoked, because the service does NOT “speak HTTPS”
This happened before, take a look at the issue tracker, the last couple of times it was down to the length of the output returned by openssl being different, hence making the “does this service speak HTTPS?” check is not working.