search

OWASP / O-Saft

O-Saft - OWASP SSL advanced forensic tool
GNU General Public License v2.0
373 stars 86 forks source link

Undefined subroutine &SSLinfo::do_ssl_open #140

Closed niall-san closed 4 months ago

niall-san commented 4 months ago

I have cloned the repository and am attempting to assess whether a host supports CBC ciphers using +cbc.

The application currently throws the error shown below. I have also tried it against different hosts.

./o-saft.pl +cbc cbc.badssl.com:443
**WARNING: 409: SSLv2 does not support SNI; cipher checks are done without SNI
**WARNING: 409: SSLv3 does not support SNI; cipher checks are done without SNI
Undefined subroutine &SSLinfo::do_ssl_open called at ./o-saft.pl line 2763.

This issue also seems to occur for +des, +null, +adh, +export.

EnDe commented 4 months ago

Looks like an "old" version, did you install the tarball from releases or from master? Please post result of grep 'SID_main ' o-saft.pl

niall-san commented 4 months ago

I ran git clone against the repository from master. The output of that command is:

$ grep 'SID_main ' o-saft.pl
our $SID_main   = "@(#) o-saft.pl 3.85 24/07/18 21:54:21"; # version of this file
EnDe commented 4 months ago

should be fixed in o-saft.pl.

you need to clone just this file. Thanks for reporting.

niall-san commented 4 months ago

I have pulled the latest change and can confirm that I no longer receive the error. Thank you for fixing this.

EnDe commented 4 months ago

another fixed related to this issue: lib/OCfg.pm

EnDe commented 4 months ago

closed.