New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Initial commit for supporting SSL Labs API #5016
Conversation
Thanks! I gave this a quick spin and found that the module backtraces if given an IP address for hostname. Would it be better if it caught and logged the API error nicely to the console instead?
|
Thanks for this. SSL Labs does not support assessment via IP address. I'll fix it soon as possible. |
I changed the report logging semantics a little with some wrappers. print_error is generally reserved for runtime errors in the modules themselves, not reports of bad things found on the remote server. print_warning was a little more grey (or yellow) so I left it. Thanks. |
Great. Thank you. |
Edited modules/auxiliary/dos/http/ms15_034_ulonglongadd.rb first landed in rapid7#5150, @wchen-r7's DOS module for CVE-2015-1635 HTTP.sys Edited modules/auxiliary/gather/apple_safari_ftp_url_cookie_theft.rb first landed in rapid7#5192, @joevennix's module for Safari CVE-2015-1126 Edited modules/auxiliary/gather/java_rmi_registry.rb first landed in Edited modules/auxiliary/gather/ssllabs_scan.rb first landed in rapid7#5016, add SSL Labs scanner Edited modules/auxiliary/scanner/http/goahead_traversal.rb first landed in rapid7#5101, Add Directory Traversal for GoAhead Web Server Edited modules/auxiliary/scanner/http/owa_iis_internal_ip.rb first landed in rapid7#5158, OWA internal IP disclosure scanner Edited modules/auxiliary/scanner/http/wp_mobileedition_file_read.rb first landed in rapid7#5159, WordPress Mobile Edition Plugin File Read Vuln Edited modules/exploits/linux/http/multi_ncc_ping_exec.rb first landed in rapid7#4924, @m-1-k-3's DLink CVE-2015-1187 exploit Edited modules/exploits/unix/webapp/wp_slideshowgallery_upload.rb first landed in rapid7#5131, WordPress Slideshow Upload Edited modules/exploits/windows/local/run_as.rb first landed in rapid7#4649, improve post/windows/manage/run_as and as an exploit (These results courtesy of a delightful git alias, here: ``` cleanup-prs = !"for i in `git status | grep modules | sed s/#.*modules/modules/`; do echo -n \"Edited $i first landed in \" && git log --oneline --first-parent $i | tail -1 | sed 's/.*Land //' && echo ''; done" ``` So that's kind of fun.
This pull request contains a client for SSL Labs APIs as module. SSL Labs APIs - SSL/TLS assessment API, which can be used to test SSL servers available on the public Internet. This module is based on source code of ssllabs.rb. This is initial commit that provide base functionality.
Authors:
Links:
SSL Labs API Documentation v1.16.x