-
Notifications
You must be signed in to change notification settings - Fork 13.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
"Auxiliary failed: ArgumentError unknown SSL method `SSLv3' #7225
Comments
I think this is occurring because the version of OpenSSL that Kali Linux is built with appears to no longer support SSLv3, but metasploit assumes that SSLv3 support is always available. |
so is there any work around? |
You hit the nail on the head. Ruby 2.3.0 supports it, but Kali has it disabled. You would need to ping them about changing it. This is the same root cause as #6783, so I'm going to close this in favor of that. |
OK, I tried removing no-ssl3 no-ssl3-method off the OpenSSL source, compiling and reinstalling it again. but it still throws the same error. |
You would need to recompile ruby too, I believe. |
I ran into this issue writing a https request to check for default passwords on EMC Axeda devices. A Net::HTTP object has a configurable 'ciphers' method - I was able to get beyond this issue by setting the ciphers option and excluding Diffie Hellman ciphers as described by Zack Hobson here ( https://zackhobson.com/2014/02/10/ssl_and_ruby_part_2/ ). Specifically, http.ciphers = ['AES128-SHA']. |
Appreciate the suggestion to include locally compiled libraries (instead of the relying on the system variants) is the 'correct' longer term solution. However, on latest rolling Kali I bumped into this issue with the vmauthd_version module and a quick fix was to change, line 116, from ...SSLContext.new(:SSLv3) to use SSLv23 instead. (Worked on a variety of VMware boxes) |
running vmauthd_login and vmauthd_version modules results in :
"Auxiliary failed: ArgumentError unknown SSL method `SSLv3'." error.
with the following call stack:
`
error has been produced with metasploit-framework 4.12.20-dev
(installed via apt in kali)
The text was updated successfully, but these errors were encountered: