Nmap Development mailing list archives
Fwd: http-methods with TLSv1.0 or TLSv1.2
From: Daniel Miller <bonsaiviking () gmail com>
Date: Thu, 21 Jan 2016 09:02:48 -0500
Forgot to include the list on this message. ---------- Forwarded message ---------- From: Daniel Miller <bonsaiviking () gmail com> Date: Thu, Jan 21, 2016 at 9:02 AM Subject: Re: http-methods with TLSv1.0 or TLSv1.2 To: Elena Kozhemyak <elena.kozhemyak () gmail com> Elena, Nmap uses OpenSSL to negotiate the TLS connection. You can see which version of OpenSSL has been linked in your nmap build by running `nmap --version`. If your system's OpenSSL is older than 1.0.1, it probably does not support TLS 1.2. The binaries we distribute for Windows, Linux, and OS X all include the latest OpenSSL: https://nmap.org/download.html Dan On Tue, Jan 19, 2016 at 4:26 AM, Elena Kozhemyak <elena.kozhemyak () gmail com> wrote:
Hi, I would like to test supported HTTP methods on a remote web server running on port 443 with support for TLS1.0 and TLSv1.2. When I execute the script http-methods.nse using the following command, I don't get any result for the supported methods. ############################# nmap -p 443 --script http-methods 10.62.221.12 Starting Nmap 7.00 ( https://nmap.org ) at 2016-01-19 10:12 CET Nmap scan report for 10.62.221.12 Host is up (0.00022s latency). PORT STATE SERVICE 443/tcp open https MAC Address: A4:A1:C2:63:B4:F0 (Ericsson AB) Nmap done: 1 IP address (1 host up) scanned in 10.33 seconds ############################# If I check with wireshark the script only tries TLSv1.1 which is rejected as a non-supported protocol. (See the alert returned from the target in the attached pcap). Is there a way to force the script using TLSv1.0 or TLSv1.2 protocols? Thank you! Best regards, Elena Kozhemyak _______________________________________________ Sent through the dev mailing list https://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
_______________________________________________ Sent through the dev mailing list https://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- http-methods with TLSv1.0 or TLSv1.2 Elena Kozhemyak (Jan 20)
- Message not available
- Fwd: http-methods with TLSv1.0 or TLSv1.2 Daniel Miller (Jan 21)
- Message not available