Skip to content

Instantly share code, notes, and snippets.

@ozuma

ozuma/ccs-injection-tool.md

Last active August 29, 2015 14:08
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save ozuma/52fe2e3a9a2edc814af1 to your computer and use it in GitHub Desktop.
Save ozuma/52fe2e3a9a2edc814af1 to your computer and use it in GitHub Desktop.
Download ZIP
CCS Injection: check tool
Raw
ccs-injection-tool.md

Metasploitのモジュールが一番ちゃんとやってるぽい

msf > use auxiliary/scanner/ssl/openssl_ccs
msf auxiliary(openssl_ccs) > set RHOSTS 192.168.204.148
msf auxiliary(openssl_ccs) > exploit

脆弱性があると、こういうメッセージが出る。

[+] 192.168.204.148:443 - No alert after invalid CCS message, probably vulnerable
[*] Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed

脆弱性が無い場合は、[+]の行が出ないでcompleteと言われるだけ。

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment