Metasploit mailing list archives

fuzzing over ssl


From: hdm at metasploit.com (H D Moore)
Date: Tue, 24 Jun 2008 15:48:58 -0500

Any auxiliary module that uses the Exploit::Remote::Tcp mixin could do 
this, just set the SSL variable to 1 and it will negotiate SSL. Attached 
is a quick template for doing this, place it into modules/auxiliary/ and 
use it with the following syntax:

msf> use auxiliary/sslboom
msf auxiliary/sslboom > set RHOST target_host
msf auxiliary/sslboom > run

-HD

On Tuesday 24 June 2008, arthur wrote:
Now I can crash our tcp server by sending a 10k file (nc -c 'cat
xxx'...). However, since there is an ssl front end to accept the real
client connections so I need to test out from the front end. I think
openssl s_client should work but I also think msf may do the job better
(e.g. sending msg with some formatting). Is there an auxiliary that
can 1) connect using ssl, 2) then send a big message to server. Thanks.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: sslboom.rb
Type: application/x-ruby
Size: 1232 bytes
Desc: not available
URL: <http://mail.metasploit.com/pipermail/framework/attachments/20080624/c78a6b25/attachment.rb>
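
An added example, not the scrubbed sslboom.rb attachment and not Metasploit code: a stand-alone Ruby sketch of the sequence discussed in this thread (connect, negotiate SSL/TLS, then send a 10k message), run against a constructed local TLS listener that stands in for the SSL front end. The function names, the loopback listener and the throwaway self-signed certificate are all assumptions made for the example.

```ruby
require "socket"
require "openssl"

# Constructed throwaway self-signed certificate for the local stand-in front end.
def self_signed_context
  key  = OpenSSL::PKey::RSA.new(2048)
  cert = OpenSSL::X509::Certificate.new
  cert.version    = 2
  cert.serial     = 1
  cert.subject    = cert.issuer = OpenSSL::X509::Name.parse("/CN=localhost")
  cert.public_key = key.public_key
  cert.not_before = Time.now - 60
  cert.not_after  = Time.now + 3600
  cert.sign(key, OpenSSL::Digest.new("SHA256"))
  ctx = OpenSSL::SSL::SSLContext.new
  ctx.cert = cert
  ctx.key  = key
  # TLS 1.2 cap keeps this one-way exchange free of unread post-handshake data.
  ctx.max_version = OpenSSL::SSL::TLS1_2_VERSION
  ctx
end

# Connect, negotiate TLS, then write the payload (the order described in the thread).
def send_over_tls(host, port, payload)
  tcp = TCPSocket.new(host, port)
  ctx = OpenSSL::SSL::SSLContext.new
  ctx.verify_mode = OpenSSL::SSL::VERIFY_NONE # lab only: the test cert is self-signed
  ssl = OpenSSL::SSL::SSLSocket.new(tcp, ctx)
  ssl.sync_close = true
  ssl.connect
  written = ssl.write(payload)
  ssl.close
  written
end

# Stand-in TLS front end on loopback: accepts one connection and counts the bytes it gets.
def run_local_check(size = 10 * 1024)
  tcp_server = TCPServer.new("127.0.0.1", 0) # port 0 = any free port
  tls_server = OpenSSL::SSL::SSLServer.new(tcp_server, self_signed_context)
  receiver = Thread.new do
    conn = tls_server.accept
    data = conn.read # read until the client closes
    conn.close
    data.bytesize
  end
  sent = send_over_tls("127.0.0.1", tcp_server.addr[1], "A" * size)
  received = receiver.value
  tcp_server.close
  { sent: sent, received: received }
end
```

Calling `run_local_check` returns the byte counts seen on each side, which confirms the whole message crossed the TLS layer before the same client function is pointed at a test server's own front end.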

