Skip to content

/ metasploit-framework

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Initial commit for supporting SSL Labs API #5016

Merged
merged 3 commits into from Apr 21, 2015
Merged

Initial commit for supporting SSL Labs API #5016

merged 3 commits into from Apr 21, 2015

Conversation

@dnkolegov
Copy link
Contributor

dnkolegov commented Mar 27, 2015

This pull request contains a client for SSL Labs APIs as module. SSL Labs APIs - SSL/TLS assessment API, which can be used to test SSL servers available on the public Internet. This module is based on source code of ssllabs.rb. This is initial commit that provide base functionality.

Authors:

  • Denis Kolegov (@dnkolegov) - module developer
  • Francois Chagnon (@EiNSTeiN-) - ssllabs.rb developer

Links:
SSL Labs API Documentation v1.16.x
dnkolegov added 2 commits Mar 27, 2015
@dnkolegov
Initial commit for supporting SSL Labs API
Loading status checks…
3515a0a
@dnkolegov
Fix stdout errors
Loading status checks…
45f8738
@bcook-r7

This comment has been minimized.

Sign in to view
Copy link
Contributor

bcook-r7 commented Mar 27, 2015

Thanks! I gave this a quick spin and found that the module backtraces if given an IP address for hostname. Would it be better if it caught and logged the API error nicely to the console instead?

msf auxiliary(ssllabs_scan) > set hostname 74.125.239.116
hostname => 74.125.239.116
msf auxiliary(ssllabs_scan) > run

[*] SSL Labs API info
[*] API version: 1.15.1
[*] Evaluation criteria: 2009i
[*] Running assessments: 0 (max 25)
[-] Auxiliary failed: Msf::Modules::Mod617578696c696172792f6761746865722f73736c6c6162735f7363616e::Metasploit3::InvocationError invalid parameters
[-] Call stack:
[-]   /Users/bcook/projects/metasploit-framework/modules/auxiliary/gather/ssllabs_scan.rb:55:in `request'
[-]   /Users/bcook/projects/metasploit-framework/modules/auxiliary/gather/ssllabs_scan.rb:74:in `analyse'
[-]   /Users/bcook/projects/metasploit-framework/modules/auxiliary/gather/ssllabs_scan.rb:739:in `run'
[*] Auxiliary module execution completed
@dnkolegov

This comment has been minimized.

Sign in to view
Copy link
Contributor Author

dnkolegov commented Mar 27, 2015

Thanks for this. SSL Labs does not support assessment via IP address. I'll fix it soon as possible.
@dnkolegov
Add output of API errors to console
Loading status checks…
9d78aa9
@bcook-r7 bcook-r7 self-assigned this Apr 20, 2015
@bcook-r7 bcook-r7 merged commit 9d78aa9 into rapid7:master Apr 21, 2015
1 check passed
1 check passed
continuous-integration/travis-ci/pr The Travis CI build passed
Details
bcook-r7 added a commit that referenced this pull request Apr 21, 2015
@bcook-r7
Land #5016, add SSL Labs scanner
Verified
This commit was signed with a verified signature.
bcook-r7 Brent Cook
GPG key ID: 1FFAA0B24B708F96 Learn about signing commits
Loading status checks…
9a49538
@bcook-r7

This comment has been minimized.

Sign in to view
Copy link
Contributor

bcook-r7 commented Apr 21, 2015

I changed the report logging semantics a little with some wrappers. print_error is generally reserved for runtime errors in the modules themselves, not reports of bad things found on the remote server. print_warning was a little more grey (or yellow) so I left it. Thanks.
@dnkolegov

This comment has been minimized.

Sign in to view
Copy link
Contributor Author

dnkolegov commented Apr 22, 2015

Great. Thank you.
wvu-r7 added a commit to wvu-r7/metasploit-framework that referenced this pull request Apr 30, 2015
@wvu-r7
Fix rapid7#5016, typo fix in description
Verified
This commit was signed with a verified signature.
wvu-r7
GPG key ID: 68BD00CE25866743 Learn about signing commits
3baa717
todb-r7 added a commit to todb-r7/metasploit-framework that referenced this pull request May 6, 2015
@todb-r7
Various post-commit fixups
Unverified
The committer email address is not verified.
Learn about signing commits
f423306 
Edited modules/auxiliary/dos/http/ms15_034_ulonglongadd.rb first landed
in rapid7#5150, @wchen-r7's DOS module for CVE-2015-1635 HTTP.sys

Edited modules/auxiliary/gather/apple_safari_ftp_url_cookie_theft.rb
first landed in rapid7#5192, @joevennix's module for Safari CVE-2015-1126

Edited modules/auxiliary/gather/java_rmi_registry.rb first landed in

Edited modules/auxiliary/gather/ssllabs_scan.rb first landed in rapid7#5016,
add SSL Labs scanner

Edited modules/auxiliary/scanner/http/goahead_traversal.rb first landed
in rapid7#5101, Add Directory Traversal for GoAhead Web Server

Edited modules/auxiliary/scanner/http/owa_iis_internal_ip.rb first
landed in rapid7#5158, OWA internal IP disclosure scanner

Edited modules/auxiliary/scanner/http/wp_mobileedition_file_read.rb
first landed in rapid7#5159, WordPress Mobile Edition Plugin File Read Vuln

Edited modules/exploits/linux/http/multi_ncc_ping_exec.rb first landed
in rapid7#4924, @m-1-k-3's DLink CVE-2015-1187 exploit

Edited modules/exploits/unix/webapp/wp_slideshowgallery_upload.rb first
landed in rapid7#5131, WordPress Slideshow Upload

Edited modules/exploits/windows/local/run_as.rb first landed in rapid7#4649,
improve post/windows/manage/run_as and as an exploit

(These results courtesy of a delightful git alias, here:

```
  cleanup-prs = !"for i in `git status | grep modules | sed
s/#.*modules/modules/`; do echo -n \"Edited $i first landed in \" && git
log --oneline --first-parent $i | tail -1 | sed 's/.*Land //' && echo
''; done"

```

So that's kind of fun.
@todb-r7 todb-r7 mentioned this pull request May 6, 2015
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@bcook-r7 bcook-r7

Labels
feature module
Projects
None yet
Milestone
No milestone
3 participants
@dnkolegov @bcook-r7 @wvu-r7
You can’t perform that action at this time.