mirror of
https://github.com/drwetter/testssl.sh.git
synced 2025-08-23 07:21:06 +02:00
a4953d6e22
Fixes #2833 This does a check for the opossum vulnerability, see https://opossum-attack.com/ . It uses a separate function to send the payload and retrieve the result via `http_header_printf()`. It doesn't use curl or wget. The latter wouldn't work anyway as according to the manpage as the HTTP header which needs to be sent must not contain LFs. This function was introduced because `http_get_header()` -- which was renamed to `http_head()` -- could use wget if curl is not available. On the way to this PR `http_head()` was improved, so that timeouts were used for curl and wget for better maturity. `http_header_printf()` now uses bach sockets , strips the URI so that a plaintext request is made. This will be done in the background because not every host will answer. Done also: - handling when PROXY is requested (try anyway directly as the payload is not "proxyable") - print a message when no HTTP service is present - try hard to use plaintext HTTP when auth is required for HTTPS and service HTTP would not be defined otherwise - manpages - help Also when pwnedkeys are checked a not pwned certificate is labled not neutral but OK=green.