Nmap Development mailing list archives
Re: Disable SNI extension
From: Sheharbano Khattak <Sheharbano.Khattak () cl cam ac uk>
Date: Wed, 2 Jul 2014 10:29:39 +0100
Thank you Dan. I just wanted to probe a server with no SNI extension in Client Hello. I accomplished the same using OpenSSL: openssl s_client -connect abc.com:443 -servername abc.com On Tue, Jul 1, 2014 at 1:13 PM, Daniel Miller <bonsaiviking () gmail com> wrote:
On Fri, Jun 27, 2014 at 3:31 PM, Sheharbano Khattak < Sheharbano.Khattak () cl cam ac uk> wrote:Hello! For some of my TLS tests, I'd like to see how the server behaves when client hello carries no info. about the host. Is there an option to disable SNI extension? -- Best wishes, --BanoBano, Nmap uses SSL in several different phases of its scanning. Where did you want to disable the SNI extension? In most cases, this will involve modifying Nmap and recompiling, but a few of our NSE scripts (ssl-enum-ciphers, ssl-heartbleed, etc.) do SSL/TLS handshaking directly, so modifying those would simply involve editing the Lua script code. Dan
-- Best wishes, --Bano _______________________________________________ Sent through the dev mailing list http://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Disable SNI extension Sheharbano Khattak (Jul 01)
- Re: Disable SNI extension Daniel Miller (Jul 01)
- Re: Disable SNI extension Sheharbano Khattak (Jul 06)
- Re: Disable SNI extension Daniel Miller (Jul 01)