Skip to content

Commit

Permalink
Compile and use specific openssl version
Browse files Browse the repository at this point in the history
  • Loading branch information
@udgover
udgover committed Nov 15, 2022
1 parent c10541b commit 4f3abd7
Show file tree
Hide file tree
Showing 4 changed files with 14 additions and 14 deletions.
2 changes: 1 addition & 1 deletion ...-of-concept-exploits/openssl-punycode-vulnerability/malicious_server/client/gdb_client.sh
View file
Original file line number Diff line number Diff line change
@@ -1 +1 @@
gdb ../openssl/apps/openssl -command=client.gdb
gdb ../openssl-3.0.6/apps/openssl -command=client.gdb
2 changes: 1 addition & 1 deletion ...-of-concept-exploits/openssl-punycode-vulnerability/malicious_server/client/run_client.sh
View file
Original file line number Diff line number Diff line change
@@ -1 +1 @@
../openssl/apps/openssl s_client -connect 127.0.0.1:3000 -state
../openssl-3.0.6/apps/openssl s_client -connect 127.0.0.1:3000 -state
22 changes: 11 additions & 11 deletions proof-of-concept-exploits/openssl-punycode-vulnerability/malicious_server/run.sh
View file
Original file line number Diff line number Diff line change
@@ -1,15 +1,15 @@
cwd=$PWD

compile () {
if [ ! -f $cwd/openssl/apps/openssl ]; then
echo "[+] Compile debug mode version of OpenSSL 3.0.6"
wget https://github.com/openssl/openssl/archive/refs/tags/openssl-3.0.6.zip
unzip openssl-3.0.6.zip
mv openssl-openssl-3.0.6 openssl
cd openssl
if [ ! -f $cwd/$1/apps/openssl ]; then
echo "[+] Compile debug mode version of $1"
wget https://github.com/openssl/openssl/archive/refs/tags/$1.zip
unzip $1.zip
mv openssl-$1 $1
cd $1
./Configure no-tests -debug -static && sed -i 's/^CFLAGS=.*/CFLAGS=-Wall -Og -g3 -fno-inline-functions -fdump-rtl-expand/' Makefile && make clean && make -j`nproc`
else
echo "[+] OpenSSL 3.0.6 already compiled: SKIP"
echo "[+] $1 already compiled: SKIP"
fi
}

Expand All @@ -29,23 +29,21 @@ clean () {
}

run_server () {
compile
compile openssl-3.0.7
build_server
cd $cwd/server
./run_server.sh
}

run_vuln_client () {
compile
compile openssl-3.0.6
cd $cwd/client
./gdb_client.sh
}

if (test $# -eq 1); then
if (test $1 = "clean"); then
clean
elif (test $1 = "compile"); then
compile
elif (test $1 = "build_server"); then
build_server
elif (test $1 = "clean_server"); then
Expand All @@ -55,4 +53,6 @@ if (test $# -eq 1); then
elif (test $1 = "run_server"); then
run_server
fi
elif ((test $# -eq 2) && (test $1 = "compile")); then
compile $2
fi
2 changes: 1 addition & 1 deletion ...-of-concept-exploits/openssl-punycode-vulnerability/malicious_server/server/run_server.sh
View file
Original file line number Diff line number Diff line change
@@ -1 +1 @@
../openssl/apps/openssl s_server -accept 127.0.0.1:3000 -CAfile certs/cacert.pem -cert certs/trusted.pem -key certs/server.key.pem -state
../openssl-3.0.7/apps/openssl s_server -accept 127.0.0.1:3000 -CAfile certs/cacert.pem -cert certs/trusted.pem -key certs/server.key.pem -state

0 comments on commit 4f3abd7

Please sign in to comment.