Created
January 30, 2020 19:22
-
-
Save c0rv4x/7193fc8c8e09b5e79445f9dd11f911af to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| FROM alpine:3.8 | |
| #################################################### | |
| ######## GCC and tools ########### | |
| #################################################### | |
| # The GNU Compiler Collection 5.3.0-r0 | |
| RUN set -x \ | |
| && apk add --no-cache \ | |
| bash \ | |
| wget \ | |
| gcc \ | |
| tar \ | |
| alpine-sdk \ | |
| perl \ | |
| linux-headers \ | |
| zlib-dev\ | |
| && rm -rf /var/cache/apk/* | |
| ############################################################################### | |
| # INSTALLATION | |
| ############################################################################### | |
| ### Some env variables | |
| ### I don't know how to get the latest version of OpenSSL, like openssl-latest.tar.gz | |
| ### So I have to put the version here | |
| ENV OPENSSL_VERSION="1.0.2p" | |
| RUN set -x \ | |
| ### BUILD OpenSSL | |
| && wget --no-check-certificate -O /tmp/openssl-${OPENSSL_VERSION}.tar.gz "https://www.openssl.org/source/openssl-${OPENSSL_VERSION}.tar.gz" \ | |
| && tar -xvf /tmp/openssl-${OPENSSL_VERSION}.tar.gz -C /tmp/ \ | |
| && rm -rf /tmp/openssl-${OPENSSL_VERSION}.tar.gz \ | |
| && cd /tmp/openssl-${OPENSSL_VERSION} \ | |
| && ./Configure linux-x86_64 enable-weak-ssl-ciphers shared\ | |
| && make \ | |
| && make install \ | |
| && cd .. \ | |
| && rm -rf openssl-${OPENSSL_VERSION} | |
| ENV PATH /usr/local/ssl/bin:$PATH | |
| ### Python ### | |
| RUN wget https://www.python.org/ftp/python/3.7.6/Python-3.7.6.tgz -O /tmp/python.tgz | |
| RUN mkdir /tmp/python | |
| RUN tar -xvf /tmp/python.tgz -C /tmp/python | |
| RUN ls -l /tmp/python | |
| ENV LDFLAGS "-L/usr/local/ssl/lib/ -L/usr/local/ssl/lib64/" | |
| ENV LD_LIBRARY_PATH "/usr/local/ssl/lib/:/usr/local/ssl/lib64/" | |
| ENV CPPFLAGS "-I/usr/local/ssl/include -I/usr/local/ssl/include/openssl" | |
| RUN /tmp/python/Python-3.7.6/configure --prefix=/usr/local/ssl/ \ | |
| && make \ | |
| && make install | |
| RUN pip3 install requests | |
| RUN ls -l /usr/local/ssl/ | |
| COPY test.py /test.py | |
| ENTRYPOINT [ "python3", "/test.py" ] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import requests | |
| import urllib3 | |
| from multiprocessing.pool import ThreadPool | |
| requests.packages.urllib3.disable_warnings() | |
| requests.packages.urllib3.util.ssl_.DEFAULT_CIPHERS = 'ALL' | |
| def process(pair): | |
| url, name = pair | |
| - | |
| try: | |
| requests.get(url, verify=False) | |
| except: | |
| return (url, name, False) | |
| else: | |
| return (url, name, True) | |
| bad = [ | |
| ("https://expired.badssl.com/", "expired"), | |
| ("https://wrong.host.badssl.com/", "wrong.host"), | |
| ("https://self-signed.badssl.com/", "self-signed"), | |
| ("https://untrusted-root.badssl.com/", "untrusted-root"), | |
| ("https://revoked.badssl.com/", "revoked"), | |
| ("https://pinning-test.badssl.com/", "pinning-test"), | |
| ("https://sha1-intermediate.badssl.com/", "sha1-intermediate"), | |
| ("https://client-cert-missing.badssl.com/", "client-cert-missing"), | |
| ("https://mixed-script.badssl.com/", "mixed-script"), | |
| ("https://very.badssl.com/", "very"), | |
| ("http://http.badssl.com/", "http"), | |
| ("http://http-textarea.badssl.com/", "http-textarea"), | |
| ("http://http-password.badssl.com/", "http-password"), | |
| ("http://http-login.badssl.com/", "http-login"), | |
| ("http://http-dynamic-login.badssl.com/", "http-dynamic-login"), | |
| ("http://http-credit-card.badssl.com/", "http-credit-card"), | |
| ("https://rc4-md5.badssl.com/", "rc4-md5"), | |
| ("https://rc4.badssl.com/", "rc4"), | |
| ("https://3des.badssl.com/", "3des"), | |
| ("https://null.badssl.com/", "null"), | |
| ("https://mozilla-old.badssl.com/", "mozilla-old"), | |
| ("https://dh480.badssl.com/", "dh480"), | |
| ("https://dh512.badssl.com/", "dh512"), | |
| ("https://dh1024.badssl.com/", "dh1024"), | |
| ("https://dh-small-subgroup.badssl.com/", "dh-small-subgroup"), | |
| ("https://dh-composite.badssl.com/", "dh-composite"), | |
| ("https://invalid-expected-sct.badssl.com/", "invalid-expected-sct"), | |
| ("https://no-sct.badssl.com/", "no-sct"), | |
| ("https://subdomain.preloaded-hsts.badssl.com/", | |
| "subdomain.preloaded-hsts"), | |
| ("https://superfish.badssl.com/", "(Lenovo) Superfish"), | |
| ("https://edellroot.badssl.com/", "(Dell) eDellRoot"), | |
| ("https://dsdtestprovider.badssl.com/", "(Dell) DSD Test Provider"), | |
| ("https://preact-cli.badssl.com/", "preact-cli"), | |
| ("https://webpack-dev-server.badssl.com/", "webpack-dev-server"), | |
| ("https://captive-portal.badssl.com/", "captive-portal"), | |
| ("https://mitm-software.badssl.com/", "mitm-software"), | |
| ("https://sha1-2017.badssl.com/", "sha1-2017"), | |
| ] | |
| pool = ThreadPool(15) | |
| results = pool.map(process, bad) | |
| for x in results: | |
| url, name, res = x | |
| if not res: | |
| print('Failed', url, name) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment