respect ssl_version in crawler #16353
When utilizing `Anemone` to crawl pages using `Rex` sockets, Framework common `SSL` settings can pull from standardized options. This change enables more fine-grained user control and avoids issues with missing or deprecated SSL versions in newer Ruby versions.
@@ -110,7 +110,7 @@ def connect | |||
opts[:target].port, | |||
{}, | |||
opts[:target].ssl, | |||
'SSLv23', | |||
'Auto', |
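Review bot: The SSL version argument in `connect` is still a hard-coded literal (`'Auto'` where `'SSLv23'` was), so on this path a user-selected `ssl_version` is not consulted even though the PR title is "respect ssl_version in crawler". Either read the value from the options with `'Auto'` as the fallback, or add a short comment next to the literal explaining why this call cannot take the option, so the next reader does not take it for an oversight.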
Any reason this is not `@opts[:ssl_version]` like in `lib/anemone/rex_http.rb`?
Notice this object expects `opts[:target]` to contain the targeting details; `lib/msf/core/auxiliary/web/target.rb` does not have an `ssl_version` method to access. By using `Auto`, this provides the most compatibility with whatever OpenSSL version Ruby provides.
Makes sense to me, considering this resolved, though we probably ought to come back to this at some point and look at how we can make this fall in line with the `ssl_version` standard code other modules and libraries are using. I'll leave this open for passersby in case we do decide to make a run through this at some point; might be easier for them to find this when searching for code cases.
For those interested, @jmartin-r7 also noted that `Auxiliary::Web::Target` is not actually used in the framework directly and is actually used in Pro code, which might be part of the reason for this discrepancy.
Before patch:
After patch:
Seems to be working well :)
Release Notes
A bug has been fixed in the Anemone library and in the HTTP crawler libraries and related module to allow pulling and setting of
Prior to this change SSL attempts fail on Ruby 3:
This is due to an error that is not noted or logged:
Verification
List the steps needed to make sure this thing works
- `msfconsole`
- `use http/crawler`
- `set RHOST <known http IP or hostname>` such as `http.com`
- `set RPORT <known http port>` typically `80`
- `set SSL true`
- `set RHOST <known https IP or hostname>` such as `metasploit.com`
- `set RPORT <known https port>` typically `443`
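As an added illustration (not code from this PR, from Anemone or from Rex), the Ruby sketch below shows why a negotiate-style label such as `Auto` is more portable than a pinned version, and how an unavailable version can be reported instead of failing without a log line. The `'TLS1.2'`/`'TLS1.3'` labels, the mapping table and all function names are assumptions made for the example.

```ruby
require 'openssl'

# Labels that mean "do not pin a version"; both strings appear in the PR hunk.
NEGOTIATE = %w[Auto SSLv23].freeze

# Assumed label => OpenSSL::SSL constant table (illustrative, not Rex's list).
PINNED = { 'TLS1.2' => :TLS1_2_VERSION, 'TLS1.3' => :TLS1_3_VERSION }.freeze

# Returns [min, max] protocol bounds; nil leaves the bound to OpenSSL defaults.
def version_bounds(label)
  return [nil, nil] if NEGOTIATE.include?(label)

  const = PINNED[label]
  raise ArgumentError, "unknown SSL version #{label.inspect}" unless const
  unless OpenSSL::SSL.const_defined?(const)
    raise ArgumentError, "#{label} not offered by #{OpenSSL::OPENSSL_LIBRARY_VERSION}"
  end

  pinned = OpenSSL::SSL.const_get(const)
  [pinned, pinned]
end

# Builds a context that only constrains the protocol when a version is pinned.
def build_context(label)
  ctx = OpenSSL::SSL::SSLContext.new
  min, max = version_bounds(label)
  ctx.min_version = min if min
  ctx.max_version = max if max
  ctx
end

# Returns [effective_label, context]; an unusable label is logged, not swallowed.
def resolve_with_fallback(label)
  [label, build_context(label)]
rescue ArgumentError => e
  warn "ssl_version: #{e.message}; falling back to Auto"
  ['Auto', build_context('Auto')]
end

if __FILE__ == $PROGRAM_NAME
  # Constructed sample labels; 'SSLv2' stands in for a version the runtime lacks.
  %w[Auto SSLv23 TLS1.2 SSLv2].each do |label|
    effective, = resolve_with_fallback(label)
    puts "#{label} -> #{effective}"
  end
end
```

Whether a pinned request may fall back to negotiation is a policy choice; a caller that must enforce a specific version should let the `ArgumentError` propagate instead.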