Hack Tool Repository

Categories Platforms Tools List Links News

By Name | By Date | By Popularity

By Name | By Date | By Popularity | Platform overview

By Name | By Date | By Popularity | By Rating

By Name | By Date | By Popularity | By Category

By Group | By Name | By Date | By Popularity

By Date | By Popularity

Article: TLS & SSLv3 renegotiation vulnerability

Web	www.hacktoolrepository.com

This paper describes how to test for the TLS & SSLv3 renegotiation vulnerability: The toolset provided by Openssl offers the simplest way to test whether a server allows for client-side renegotiation in the established tunnel. Note: This doesn't necessarily mean that the application beneath is vulnerable to attacks over this channel, but indicates the server allows attacks to happen. Generic Example Openssl s_client -connect yourserver.com:443 R (Triggers renegotiation - if this works, the server accepts renegotiations within an existing TLS session Requirement) GET /clientcontrolled.html http\1.0
Hits:	399
Added:	2009-11-28 12:30:19
Updated:	2009-11-29 11:25:33