这是indexloc提供的服务,不要输入任何密码
Skip to content

Add TLS SNI Support #441

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 4 commits into from
May 13, 2021
Merged

Add TLS SNI Support #441

merged 4 commits into from
May 13, 2021

Conversation

@erbbysam
Copy link
Contributor

@erbbysam erbbysam commented Apr 30, 2021

Description

Add TLS SNI support to ffuf.

I opted not to include support for the FUZZ target here as each new request would require a full new TLS connection which introduces significant overhead. There might be some value in adding support for this later for VHOST discovery using TLS SNI.

Fixes: #440

For background: https://tools.ietf.org/html/rfc6066#section-3

Example:

./ffuf -H "Host: www.erbbysam.com" -u https://104.154.120.133:443/FUZZ -sni www.erbbysam.com -w ~/wordlist.txt

Tests:

  • I have confirmed this new field works.
  • I have confirmed this new code does not impact existing SNI values when run without the -sni flag using.
  • I have confirmed this new field can be specified via configuration file.

(all tests were done using using tcpdump+wireshark -- example: tcpdump port 443 -w ~/output.pcap)

Additonally

  • If this is the first time you are contributing to ffuf, add your name to CONTRIBUTORS.md.
    The file should be alphabetically ordered.
  • Add a short description of the fix to CHANGELOG.md

Thanks for contributing to ffuf :)

joohoi
joohoi approved these changes May 13, 2021
View reviewed changes
Copy link
Member

@joohoi joohoi left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for the PR, LGTM!

@joohoi joohoi merged commit 5ad0681 into ffuf:master May 13, 2021
joohoi pushed a commit that referenced this pull request Feb 3, 2023
@erbbysam @joohoi
Add TLS SNI Support (#441)
0900965 
* add SNI support to ffuf

* remove change to keywordPresent

* Update CONTRIBUTORS.md

* Update CHANGELOG.md
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@joohoi joohoi joohoi approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Add TLS SNI Support

2 participants

@erbbysam @joohoi