search

aapooksman / certmitm

A tool for testing for certificate validation vulnerabilities of TLS connections made by a client device or an application.
MIT License
515 stars 44 forks source link

Setup Issues #9

Open l0lsec opened 2 months ago

l0lsec commented 2 months ago

Followed the setup instructions to a T and still having issues, maybe some clarity is needed around what the preqs for setup are.

For example need a hardwire NIC and a Wireless NIC. Its not quite sure to me.

When I run the script I get this error,

ERROR - 'socket' object has no attribute 'set_verify'

Screenshot 2024-08-27 at 2 28 30 PM
aapooksman commented 2 months ago

This error seems to happen on some pyOpenSSL/OpenSSL versions. Could you run the following commands to check these versions? Additionally, what Linux distrubution are you using?

openssl version pip3 freeze|grep pyOpenSSL

$ openssl version
OpenSSL 3.0.13 30 Jan 2024 (Library: OpenSSL 3.0.13 30 Jan 2024)
$ pip3 freeze|grep pyOpenSSL
pyOpenSSL==24.1.0

Your issue might me fixed by changing the util.py file to have the following get_cert_chain function:

# Try to get server certificate with OpenSSL
def get_cert_chain(dest_ip, dest_port, req_hostname):
    context = OpenSSL.SSL.Context(OpenSSL.SSL.SSLv23_METHOD)
    context.set_verify(OpenSSL.SSL.VERIFY_NONE)
    client = socket.socket()
    client.connect((dest_ip, dest_port))
    clientSSL = OpenSSL.SSL.Connection(context, client)
    if req_hostname:
        clientSSL.set_tlsext_host_name(bytes(req_hostname, 'utf-8'))
    clientSSL.set_connect_state()
    clientSSL.do_handshake()
    return clientSSL.get_peer_cert_chain()

Here the offending line clientSSL.set_verify(OpenSSL.SSL.VERIFY_NONE) is removed and the VERIFY_NONE is added to the context instead.

Could you check if this helps?