Land #6646, add SSL SNI and unify SSLVersion opts
commit
05f585157d
|
@ -44,7 +44,7 @@ module Auxiliary::HttpCrawler
|
|||
OptString.new('BasicAuthPass', [false, 'The HTTP password to specify for basic authentication']),
|
||||
OptString.new('HTTPAdditionalHeaders', [false, "A list of additional headers to send (separated by \\x01)"]),
|
||||
OptString.new('HTTPCookie', [false, "A HTTP cookie header to send with each request"]),
|
||||
OptEnum.new('SSLVersion', [ false, 'Specify the version of SSL that should be used', 'Auto', ['Auto', 'SSL2', 'SSL23', 'SSL3', 'TLS1']]),
|
||||
Opt::SSLVersion
|
||||
], self.class
|
||||
)
|
||||
|
||||
|
|
|
@ -50,7 +50,7 @@ module Exploit::Remote::HttpClient
|
|||
OptString.new('USERNAME', [false, 'The HTTP username to specify for authentication', '']),
|
||||
OptString.new('PASSWORD', [false, 'The HTTP password to specify for authentication', '']),
|
||||
OptBool.new('DigestAuthIIS', [false, 'Conform to IIS, should work for most servers. Only set to false for non-IIS servers', true]),
|
||||
OptEnum.new('SSLVersion', [ false, 'Specify the version of SSL that should be used', 'Auto', ['Auto', 'SSL2', 'SSL3', 'TLS1']]),
|
||||
Opt::SSLVersion,
|
||||
OptBool.new('FingerprintCheck', [ false, 'Conduct a pre-exploit fingerprint verification', true]),
|
||||
OptString.new('DOMAIN', [ true, 'The domain to use for windows authentification', 'WORKSTATION']),
|
||||
OptInt.new('HttpClientTimeout', [false, 'HTTP connection and receive timeout'])
|
||||
|
|
|
@ -64,7 +64,7 @@ module Exploit::Remote::Tcp
|
|||
register_advanced_options(
|
||||
[
|
||||
OptBool.new('SSL', [ false, 'Negotiate SSL/TLS for outgoing connections', false]),
|
||||
OptEnum.new('SSLVersion', [ false, 'Specify the version of SSL/TLS to be used (TLS and SSL23 are auto-negotiate)', 'TLS1', ['SSL2', 'SSL3', 'SSL23', 'TLS', 'TLS1', 'TLS1.1', 'TLS1.2']]),
|
||||
Opt::SSLVersion,
|
||||
OptEnum.new('SSLVerifyMode', [ false, 'SSL verification method', 'PEER', %W{CLIENT_ONCE FAIL_IF_NO_PEER_CERT NONE PEER}]),
|
||||
OptString.new('SSLCipher', [ false, 'String for SSL cipher - "DHE-RSA-AES256-SHA" or "ADH"']),
|
||||
Opt::Proxies,
|
||||
|
|
|
@ -19,7 +19,6 @@ module Exploit::Remote::TcpServer
|
|||
[
|
||||
OptBool.new('SSL', [ false, 'Negotiate SSL for incoming connections', false]),
|
||||
# SSLVersion is currently unsupported for TCP servers (only supported by clients at the moment)
|
||||
# OptEnum.new('SSLVersion', [ false, 'Specify the version of SSL that should be used', 'TLS1', ['SSL2', 'SSL3', 'TLS1']]),
|
||||
OptPath.new('SSLCert', [ false, 'Path to a custom SSL certificate (default is randomly generated)']),
|
||||
OptAddress.new('SRVHOST', [ true, "The local host to listen on. This must be an address on the local machine or 0.0.0.0", '0.0.0.0' ]),
|
||||
OptPort.new('SRVPORT', [ true, "The local port to listen on.", 8080 ]),
|
||||
|
|
|
@ -51,6 +51,13 @@ module Msf
|
|||
Msf::OptPort.new(__method__.to_s, [ required, desc, default ])
|
||||
end
|
||||
|
||||
# @return [OptEnum]
|
||||
def self.SSLVersion
|
||||
Msf::OptEnum.new('SSLVersion', [ false,
|
||||
'Specify the version of SSL/TLS to be used (Auto, TLS and SSL23 are auto-negotiate)', 'Auto',
|
||||
['Auto', 'SSL2', 'SSL3', 'SSL23', 'TLS', 'TLS1', 'TLS1.1', 'TLS1.2']])
|
||||
end
|
||||
|
||||
# These are unused but remain for historical reasons
|
||||
class << self
|
||||
alias builtin_chost CHOST
|
||||
|
@ -69,6 +76,7 @@ module Msf
|
|||
Proxies = Proxies()
|
||||
RHOST = RHOST()
|
||||
RPORT = RPORT()
|
||||
SSLVersion = SSLVersion()
|
||||
end
|
||||
|
||||
end
|
||||
|
|
|
@ -65,7 +65,7 @@ begin
|
|||
when 'SSL2', :SSLv2
|
||||
version = :SSLv2
|
||||
# 'TLS' will be the new name for autonegotation with newer versions of OpenSSL
|
||||
when 'SSL23', :SSLv23, 'TLS'
|
||||
when 'SSL23', :SSLv23, 'TLS', 'Auto'
|
||||
version = :SSLv23
|
||||
when 'SSL3', :SSLv3
|
||||
version = :SSLv3
|
||||
|
@ -124,6 +124,11 @@ begin
|
|||
# Tie the context to a socket
|
||||
self.sslsock = OpenSSL::SSL::SSLSocket.new(self, self.sslctx)
|
||||
|
||||
# If peerhost looks like a hostname, set the undocumented 'hostname'
|
||||
# attribute on sslsock, which enables the Server Name Indication (SNI)
|
||||
# extension
|
||||
self.sslsock.hostname = self.peerhost if !Rex::Socket.dotted_ip?(self.peerhost)
|
||||
|
||||
# Force a negotiation timeout
|
||||
begin
|
||||
Timeout.timeout(params.timeout) do
|
||||
|
|
|
@ -37,7 +37,6 @@ class MetasploitModule < Msf::Auxiliary
|
|||
'DefaultOptions' =>
|
||||
{
|
||||
'SSL' => true,
|
||||
'SSLVersion' => 'TLS1',
|
||||
'RPORT' => 443
|
||||
}
|
||||
))
|
||||
|
|
|
@ -32,7 +32,6 @@ class MetasploitModule < Msf::Auxiliary
|
|||
'License' => MSF_LICENSE,
|
||||
'DefaultOptions' =>
|
||||
{
|
||||
'SSLVersion' => 'TLS1',
|
||||
'SSL' => true
|
||||
}
|
||||
))
|
||||
|
|
|
@ -31,7 +31,7 @@ class MetasploitModule < Msf::Auxiliary
|
|||
|
||||
name = name.to_s.camelize(:lower)
|
||||
uri = api_path + name
|
||||
cli = Rex::Proto::Http::Client.new(api_host, api_port, {}, true, 'TLS1')
|
||||
cli = Rex::Proto::Http::Client.new(api_host, api_port, {}, true, 'TLS')
|
||||
cli.connect
|
||||
req = cli.request_cgi({
|
||||
'uri' => uri,
|
||||
|
@ -430,7 +430,6 @@ class MetasploitModule < Msf::Auxiliary
|
|||
{
|
||||
'RPORT' => 443,
|
||||
'SSL' => true,
|
||||
'SSLVersion' => 'TLS1'
|
||||
}
|
||||
))
|
||||
register_options(
|
||||
|
|
|
@ -30,7 +30,6 @@ class MetasploitModule < Msf::Auxiliary
|
|||
'DefaultOptions' =>
|
||||
{
|
||||
'SSL' => true,
|
||||
'SSLVersion' => 'TLS1'
|
||||
}
|
||||
)
|
||||
|
||||
|
|
|
@ -26,7 +26,6 @@ class MetasploitModule < Msf::Auxiliary
|
|||
'DefaultOptions' =>
|
||||
{
|
||||
'SSL' => true,
|
||||
'SSLVersion' => 'TLS1',
|
||||
'RPORT' => 443
|
||||
}
|
||||
))
|
||||
|
|
|
@ -30,7 +30,6 @@ class MetasploitModule < Msf::Auxiliary
|
|||
{
|
||||
'SSL' => true,
|
||||
'RPORT' => 443,
|
||||
'SSLVersion' => 'SSL3'
|
||||
},
|
||||
'References' =>
|
||||
[
|
||||
|
@ -43,7 +42,7 @@ class MetasploitModule < Msf::Auxiliary
|
|||
|
||||
register_options(
|
||||
[
|
||||
OptEnum.new('SSLVersion', [true, 'Specify the version of SSL that should be used', 'SSL3', ['SSL2', 'SSL3', 'TLS1']])
|
||||
Opt::SSLVersion
|
||||
]
|
||||
)
|
||||
|
||||
|
|
|
@ -26,7 +26,6 @@ class MetasploitModule < Msf::Auxiliary
|
|||
{
|
||||
'RPORT' => 443,
|
||||
'SSL' => true,
|
||||
'SSLVersion' => 'TLS1'
|
||||
}
|
||||
))
|
||||
end
|
||||
|
|
|
@ -25,7 +25,6 @@ class MetasploitModule < Msf::Auxiliary
|
|||
'DefaultOptions' =>
|
||||
{
|
||||
'SSL' => true,
|
||||
'SSLVersion' => 'TLS1'
|
||||
}
|
||||
))
|
||||
register_options(
|
||||
|
|
|
@ -47,7 +47,6 @@ class MetasploitModule < Msf::Exploit::Remote
|
|||
'DefaultOptions' => {
|
||||
'RPORT' => 443,
|
||||
'SSL' => true,
|
||||
'SSLVersion' => 'TLS1'
|
||||
},
|
||||
'Platform' => ['unix'],
|
||||
'Arch' => ARCH_CMD,
|
||||
|
|
|
@ -35,7 +35,6 @@ class MetasploitModule < Msf::Exploit::Remote
|
|||
'DefaultOptions' =>
|
||||
{
|
||||
'SSL' => true,
|
||||
'SSLVersion' => 'SSL3',
|
||||
'PrependMigrate' => true
|
||||
},
|
||||
'Payload' =>
|
||||
|
|
|
@ -37,7 +37,6 @@ class MetasploitModule < Msf::Exploit::Remote
|
|||
{
|
||||
'EXITFUNC' => 'seh',
|
||||
'SSL' => true,
|
||||
'SSLVersion' => 'SSL3'
|
||||
},
|
||||
'Payload' =>
|
||||
{
|
||||
|
|
|
@ -38,7 +38,6 @@ class MetasploitModule < Msf::Exploit::Remote
|
|||
'DefaultOptions' =>
|
||||
{
|
||||
'SSL' => true,
|
||||
'SSLVersion' => 'TLS1'
|
||||
},
|
||||
'Payload' =>
|
||||
{
|
||||
|
|
Loading…
Reference in New Issue