Merge pull request #9 from todb-r7/warn-about-deflate

Warn the user about SSLCompression
2014-01-21 15:25:41 -08:00 · 2014-01-21 15:25:41 -08:00 · 29d6f7c720
parent e10f9cc518 0b6e03df75
commit 29d6f7c720
2 changed files with 8 additions and 1 deletions
--- a/lib/msf/core/exploit/http/server.rb
+++ b/lib/msf/core/exploit/http/server.rb
@ -198,6 +198,13 @@ module Exploit::Remote::HttpServer

    proto = (datastore["SSL"] ? "https" : "http")

+    # SSLCompression may or may not actually be available. For example, on
+    # Ubuntu, it's disabled by default, unless the correct environment
+    # variable is set. See https://github.com/rapid7/metasploit-framework/pull/2666
+    if proto == "https" and datastore['SSLCompression']
+      print_status("Intentionally using insecure SSL compression. Your operating system might not respect this!")
+    end
+
    print_status("Using URL: #{proto}://#{opts['ServerHost']}:#{opts['ServerPort']}#{uopts['Path']}")

    if (opts['ServerHost'] == '0.0.0.0')
--- a/lib/rex/socket/parameters.rb
+++ b/lib/rex/socket/parameters.rb
@ -61,7 +61,7 @@ class Rex::Socket::Parameters
  # @option hash [String] 'SSLCert' A file containing an SSL certificate (for
  #   server sockets)
  # @option hash [String] 'SSLCipher' see {#ssl_cipher}
-  # @option hash [Bool] 'SSLCompression' enable SSL-level compression
+  # @option hash [Bool] 'SSLCompression' enable SSL-level compression where available
  # @option hash [String] 'SSLVerifyMode' SSL certificate verification
  #   mechanism. One of 'NONE' (default), 'CLIENT_ONCE', 'FAIL_IF_NO_PEER_CERT ', 'PEER'
  # @option hash [String] 'Proxies' List of proxies to use.