Commit Graph

6 Commits (93979b746062e517716a8c275cd650e2641d4923)

Author SHA1 Message Date
wchen-r7 154fb585f4 Remove bad references (dead links)
These links are no longer available. They are dead links.
2015-10-27 12:41:32 -05:00
jvazquez-r7 a611fff7bf
Use Rex::ThreadSafe.select on CVE-2015-1793 2015-08-08 07:43:39 -07:00
jvazquez-r7 45b4334006
Use Rex::Socket::SslTcpServer
* Also add rex sockets managing
2015-07-24 11:16:09 -05:00
jvazquez-r7 454dd59da8
Add vuln discoverers 2015-07-17 13:37:30 -05:00
Ramon de C Valle 449c751521 Add missing info 2015-07-16 09:36:18 -07:00
Ramon de C Valle 5d6c15a43d Add openssl_altchainsforgery_mitm_proxy.rb
This module exploits a logic error in OpenSSL by impersonating the
server and sending a specially-crafted chain of certificates, resulting
in certain checks on untrusted certificates to be bypassed on the
client, allowing it to use a valid leaf certificate as a CA certificate
to sign a fake certificate. The SSL/TLS session is then proxied to the
server allowing the session to continue normally and application data
transmitted between the peers to be saved. This module requires an
active man-in-the-middle attack.
2015-07-15 22:36:29 -07:00