mirrors/testssl.sh
1
0
Fork 0
mirror of https://github.com/drwetter/testssl.sh.git synced 2025-09-12 17:21:17 +02:00
Code Issues Projects Releases Wiki Activity

Doing a better guess for Opossum when tcp/80 is not a/v

Browse Source 
This labels the result of a failed test for reaching
port 80 when no direct connection is possible as likely not
vulnerable.

This seems safe to say, as there's another check whether
a proxy is configured, like for corporate environments where
a connection is only allowed though the proxy.
This commit is contained in:
Dirk Wetter 2025-07-21 10:08:25 +02:00
parent a549acd86d
commit cb971b5336
1 changed files with 4 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
testssl.sh
View File

@ -17735,8 +17735,10 @@ run_opossum() {
prln_local_problem "direct connection to port 80 failed, better try without proxy" prln_local_problem "direct connection to port 80 failed, better try without proxy"
fileout "$jsonID" "WARN" "direct connection to port 80 failed, try w/o no proxy" "$cve" "$cwe" fileout "$jsonID" "WARN" "direct connection to port 80 failed, try w/o no proxy" "$cve" "$cwe"
else else
outln "connection to port 80 failed" out "likely "
fileout "$jsonID" "INFO" "connection to port 80 failed" "$cve" "$cwe" pr_svrty_good "not vulnerable (OK)"
outln ", connection to port 80 failed"
fileout "$jsonID" "OK" "connection to port 80 failed" "$cve" "$cwe"
fi fi
fi fi
;; ;;