我正在为 pentester lab bootcamp 模块 4 编写一个简单的 SSL 客户端。我为虚拟主机启用了 SSL 并启用了该模块。SSL 客户端是用 Ruby 编写的,运行脚本时出现以下错误:
Traceback (most recent call last):
6: from 4-http_ssl.rb:8:in <main>
5: from /usr/lib/ruby/2.5.0/net/http.rb:1458:in request
4: from /usr/lib/ruby/2.5.0/net/http.rb:909:in start
3: from /usr/lib/ruby/2.5.0/net/http.rb:920:in do_start
2: from /usr/lib/ruby/2.5.0/net/http.rb:985:in connect
1: from /usr/lib/ruby/2.5.0/net/protocol.rb:44:in ssl_socket_connect
/usr/lib/ruby/2.5.0/net/protocol.rb:44:in connect_nonblock: SSL_connect returned=1 errno=0
state=error: wrong version number (OpenSSL::SSL::SSLError)
这是我的脚本
require "net/https"
require "uri"
http = Net::HTTP.new("vulnerable", 443)
http.use_ssl = true
http.verify_mode = OpenSSL::SSL::VERIFY_NONE
response = http.request(Net::HTTP::Get.new("/"))
response.code
response.body
response.status
有人可以在这里给我留言吗?我已经检查了示例和服务器文件,但找不到错误。这看起来应该不会有太大麻烦。我是否缺少一些配置步骤?
正如史蒂芬·乌尔里希(Steffen Ullrich)所指出的,我试图跑步
openssl> s_client
并得到以下输出:
Openssl> s_client -connect vulnerable:443
CONNECTED(00000003)
140093579711616:error:1408F10B:SSL routines:ssl3_get_record:wrong version number:../ssl/record/ssl3_record.c:332:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 5 bytes and written 293 bytes
Verification: OK
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 0 (ok)
---
error in s_client
我应该遵循什么步骤?我知道由于缺少 CA 证书,服务器不接受 SSL 连接,我该如何解决此问题?我知道我可以为我的 ssl 客户端创建自定义 CA 证书,有任何线索吗?提前致谢