infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Add missing info

bug/bundler_fix
Ramon de C Valle 2015-07-16 09:24:50 -07:00
parent 5d6c15a43d
commit 449c751521
1 changed files with 7 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
modules/auxiliary/server/openssl_altchainsforgery_mitm_proxy.rb
View File

@ -20,8 +20,13 @@ class Metasploit3 < Msf::Auxiliary
allowing it to use a valid leaf certificate as a CA certificate to sign a
fake certificate. The SSL/TLS session is then proxied to the server
allowing the session to continue normally and application data transmitted
between the peers to be saved. This module requires an active
man-in-the-middle attack.
between the peers to be saved.
The valid leaf certificate must not contain the keyUsage extension or it
must have at least the keyCertSign bit set (see X509_check_issued function
in crypto/x509v3/v3_purp.c); otherwise; X509_verify_cert fails with
X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY. This module requires an
active man-in-the-middle attack.
},
'Author' =>
[