Metasploit mailing list archives
fuzzing over ssl
From: hdm at metasploit.com (H D Moore)
Date: Tue, 24 Jun 2008 15:48:58 -0500
Any auxiliary module that uses the Exploit::Remote::Tcp mixin could do this, just set the SSL variable to 1 and it will negotiate SSL. Attached is a quick template for doing this, place it into modules/auxiliary/ and use it with the following syntax: msf> use auxiliary/sslboom msf auxiliary/sslboom > set RHOST target_host msf auxiliary/sslboom > run -HD On Tuesday 24 June 2008, arthur wrote:
Now I can crash?our tcp server by sending a 10k file (nc -c 'cat xxx'...). However, since there is an ssl front end to accept the real client connections so I need to test?out from?the front end.?I think openssl s_client should work but I also think msf may do the job better (e.g. sending?msg with some formating).?Is there an auxiliary can?1)?connect using ssl, 2)then?send a big message to server. Thanks.
-------------- next part -------------- A non-text attachment was scrubbed... Name: sslboom.rb Type: application/x-ruby Size: 1232 bytes Desc: not available URL: <http://mail.metasploit.com/pipermail/framework/attachments/20080624/c78a6b25/attachment.rb>
Current thread:
- fuzzing over ssl arthur (Jun 24)
- fuzzing over ssl H D Moore (Jun 24)
- fuzzing over ssl arthur (Jun 24)
- fuzzing over ssl H D Moore (Jun 24)