Skip to content

Instantly share code, notes, and snippets.

@c0rv4x
Created January 30, 2020 19:22
Show Gist options
  • Save c0rv4x/7193fc8c8e09b5e79445f9dd11f911af to your computer and use it in GitHub Desktop.
Save c0rv4x/7193fc8c8e09b5e79445f9dd11f911af to your computer and use it in GitHub Desktop.
FROM alpine:3.8
####################################################
######## GCC and tools ###########
####################################################
# The GNU Compiler Collection 5.3.0-r0
RUN set -x \
&& apk add --no-cache \
bash \
wget \
gcc \
tar \
alpine-sdk \
perl \
linux-headers \
zlib-dev\
&& rm -rf /var/cache/apk/*
###############################################################################
# INSTALLATION
###############################################################################
### Some env variables
### I don't know how to get the latest version of OpenSSL, like openssl-latest.tar.gz
### So I have to put the version here
ENV OPENSSL_VERSION="1.0.2p"
RUN set -x \
### BUILD OpenSSL
&& wget --no-check-certificate -O /tmp/openssl-${OPENSSL_VERSION}.tar.gz "https://www.openssl.org/source/openssl-${OPENSSL_VERSION}.tar.gz" \
&& tar -xvf /tmp/openssl-${OPENSSL_VERSION}.tar.gz -C /tmp/ \
&& rm -rf /tmp/openssl-${OPENSSL_VERSION}.tar.gz \
&& cd /tmp/openssl-${OPENSSL_VERSION} \
&& ./Configure linux-x86_64 enable-weak-ssl-ciphers shared\
&& make \
&& make install \
&& cd .. \
&& rm -rf openssl-${OPENSSL_VERSION}
ENV PATH /usr/local/ssl/bin:$PATH
### Python ###
RUN wget https://www.python.org/ftp/python/3.7.6/Python-3.7.6.tgz -O /tmp/python.tgz
RUN mkdir /tmp/python
RUN tar -xvf /tmp/python.tgz -C /tmp/python
RUN ls -l /tmp/python
ENV LDFLAGS "-L/usr/local/ssl/lib/ -L/usr/local/ssl/lib64/"
ENV LD_LIBRARY_PATH "/usr/local/ssl/lib/:/usr/local/ssl/lib64/"
ENV CPPFLAGS "-I/usr/local/ssl/include -I/usr/local/ssl/include/openssl"
RUN /tmp/python/Python-3.7.6/configure --prefix=/usr/local/ssl/ \
&& make \
&& make install
RUN pip3 install requests
RUN ls -l /usr/local/ssl/
COPY test.py /test.py
ENTRYPOINT [ "python3", "/test.py" ]
import requests
import urllib3
from multiprocessing.pool import ThreadPool
requests.packages.urllib3.disable_warnings()
requests.packages.urllib3.util.ssl_.DEFAULT_CIPHERS = 'ALL'
def process(pair):
url, name = pair
-
try:
requests.get(url, verify=False)
except:
return (url, name, False)
else:
return (url, name, True)
bad = [
("https://expired.badssl.com/", "expired"),
("https://wrong.host.badssl.com/", "wrong.host"),
("https://self-signed.badssl.com/", "self-signed"),
("https://untrusted-root.badssl.com/", "untrusted-root"),
("https://revoked.badssl.com/", "revoked"),
("https://pinning-test.badssl.com/", "pinning-test"),
("https://sha1-intermediate.badssl.com/", "sha1-intermediate"),
("https://client-cert-missing.badssl.com/", "client-cert-missing"),
("https://mixed-script.badssl.com/", "mixed-script"),
("https://very.badssl.com/", "very"),
("http://http.badssl.com/", "http"),
("http://http-textarea.badssl.com/", "http-textarea"),
("http://http-password.badssl.com/", "http-password"),
("http://http-login.badssl.com/", "http-login"),
("http://http-dynamic-login.badssl.com/", "http-dynamic-login"),
("http://http-credit-card.badssl.com/", "http-credit-card"),
("https://rc4-md5.badssl.com/", "rc4-md5"),
("https://rc4.badssl.com/", "rc4"),
("https://3des.badssl.com/", "3des"),
("https://null.badssl.com/", "null"),
("https://mozilla-old.badssl.com/", "mozilla-old"),
("https://dh480.badssl.com/", "dh480"),
("https://dh512.badssl.com/", "dh512"),
("https://dh1024.badssl.com/", "dh1024"),
("https://dh-small-subgroup.badssl.com/", "dh-small-subgroup"),
("https://dh-composite.badssl.com/", "dh-composite"),
("https://invalid-expected-sct.badssl.com/", "invalid-expected-sct"),
("https://no-sct.badssl.com/", "no-sct"),
("https://subdomain.preloaded-hsts.badssl.com/",
"subdomain.preloaded-hsts"),
("https://superfish.badssl.com/", "(Lenovo) Superfish"),
("https://edellroot.badssl.com/", "(Dell) eDellRoot"),
("https://dsdtestprovider.badssl.com/", "(Dell) DSD Test Provider"),
("https://preact-cli.badssl.com/", "preact-cli"),
("https://webpack-dev-server.badssl.com/", "webpack-dev-server"),
("https://captive-portal.badssl.com/", "captive-portal"),
("https://mitm-software.badssl.com/", "mitm-software"),
("https://sha1-2017.badssl.com/", "sha1-2017"),
]
pool = ThreadPool(15)
results = pool.map(process, bad)
for x in results:
url, name, res = x
if not res:
print('Failed', url, name)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment