New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix #18326 (ssl_version module bug when selecting specific ssl version) #18327
Conversation
I tested this locally and it worked for me! Thanks for the quick fix @h00die One thing I noticed is that the output is much more verbose for TLSv1.2 than for any other SSL version. Is there a reason for that? |
Without seeing output, the best guess I can say is that the amount of ciphers available to Metasploit (through ruby, through openssl) is substantially more in TLS1.2 than others. I found that on my Kali system when I was overhauling the module |
Gotcha, that makes sense 👍 |
The error is fixed. Before:
After:
|
Release NotesFixes an issue where specifying a TLS version in the |
fix #18326
Functions within the
ssl_version
module expectedget_metasploit_ssl_versions
to give a list/array, however if the user selected an individual ssl version, it returned a string. This fixes that.@mzach99 feel free to give this a try and let me know if it fixes the problem
Verification
msfconsole
use auxiliary/scanner/ssl/ssl_version
set rhost [ip]
run
set SSLVersion TLSv1.0
run