BUG in “Testing For Ssl-Tls” plugin in latest Kali #442

Closed
viyatb opened this Issue May 1, 2015 · 1 comment

Comments

Projects
None yet
1 participant
@viyatb
Member

viyatb commented May 1, 2015

@7a : It looks as if the “does this server speak HTTPS” check is broken because TLSed was called and hanging on a port that was only listening on port 80, where the URL was starting with “http://”.

ps -ef | grep -i ssl

Returned:

root     21887  5742  0 03:14 ?        00:00:00 /bin/sh -c cd owtf_review/targets/http__some.host.com/partial/Testing_For_Ssl-Tls/active; /usr/bin/tlssled some.host.com 80
root     21888 21887  0 03:14 ?        00:00:00 bash /usr/bin/tlssled some.host.com 80
root     21908 21888  0 03:14 ?        00:00:00 sslscan some.host.com 80

NOTE: The process had to be killed from the UI Worker interface to continue (after approx. 10 minutes waiting)

Expected Result:

TLSSled should have NOT been invoked, because the service does NOT “speak HTTPS”

HINT:

This happened before, take a look at the issue tracker, the last couple of times it was down to the length of the output returned by openssl being different, hence making the “does this service speak HTTPS?” check is not working.

@viyatb

This comment has been minimized.

Show comment
Hide comment
@viyatb

viyatb Jan 27, 2016

Member

Cannot reproduce with the latest changes (maybe openssl fixed something on their side). I will reopen this if any fresh issue pops up :)

Member

viyatb commented Jan 27, 2016

Cannot reproduce with the latest changes (maybe openssl fixed something on their side). I will reopen this if any fresh issue pops up :)

@viyatb viyatb closed this Jan 27, 2016

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment