Sites with Invalid Certificates

In3tinct / See-SURF

Python based scanner to find potential SSRF parameters

GNU General Public License v3.0

283 stars 64 forks source link

Sites with Invalid Certificates #13

Closed hash3liZer closed 3 years ago

hash3liZer commented 3 years ago

Hi, the tool throws errors for sites with self-signed certificates:

HTTPSConnectionPool(host='self-signed.badssl.com', port=443): Max retries exceeded with url: / (Caused by SSLError(SSLCertVerificationError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self signed certificate (_ssl.c:1108)')))

A quick workaround would do:

r = requests.get(
    url,
    verify=False
)

In3tinct commented 3 years ago

Thank you for reporting. This is completed.