kali工具箱

sslcaudit包装说明

sslcaudit项目的目标是开发一个工具来测试SSL / TLS客户端自动进行对MITM攻击性。这可能是用于测试胖客户端，移动应用，家电，几乎任何SSL通信的有益/ TLS通过TCP。

资料来源：http://www.gremwell.com/sites/default/files/sslcaudit/doc/sslcaudit-user-guide-1.0.pdf
sslcaudit首页 | 卡利sslcaudit回购

作者：Gremwell
许可：GPLv3的

包含在sslcaudit包工具

sslcaudit - 测试SSL / TLS客户易患MITM攻击

[email protected]:~# sslcaudit -h

Usage: sslcaudit [OPTIONS]



Options:

  --version             show program's version number and exit

  -h, --help            show this help message and exit

  -l LISTEN_ON          Specify IP address and TCP PORT to listen on, in

                        format of HOST:PORT. Default is 0.0.0.0:8443

  -m MODULES            Launch specific modules. For now the only functional

                        module is 'sslcert'. There is also 'dummy' module used

                        for internal testing or as a template code for new

                        modules. Default is sslcert

  -v VERBOSE            Increase verbosity level. Default is 0. Try 1.

  -d DEBUG_LEVEL        Set debug level. Default is 0, which disables

                        debugging output. Try 1 to enable it.

  -c NCLIENTS           Number of clients to handle before quitting. By

                        default sslcaudit will quit as soon as it gets one

                        client fully processed.

  -N TEST_NAME          Set the name of the test. If specified will appear in

                        the leftmost column in the output.

  -T SELF_TEST          Launch self-test. 0 - plain TCP client, 1 - CN

                        verifying client, 2 - curl.

  --user-cn=USER_CN     Set user-specified CN.

  --server=SERVER       Where to fetch the server certificate from, in

                        HOST:PORT format.

  --user-cert=USER_CERT_FILE

                        Set path to file containing the user-supplied

                        certificate.

  --user-key=USER_KEY_FILE

                        Set path to file containing the user-supplied key.

  --user-ca-cert=USER_CA_CERT_FILE

                        Set path to file containing certificate for user-

                        supplied CA.

  --user-ca-key=USER_CA_KEY_FILE

                        Set path to file containing key for user-supplied CA.

  --no-default-cn       Do not use default CN

  --no-self-signed      Don't try self-signed certificates

  --no-user-cert-signed

                        Do not sign server certificates with user-supplied one

sslcaudit用法示例

监听443端口（-L 0.0.0.0:443）在详细模式（-v 1）：

[email protected]:~# sslcaudit -l 0.0.0.0:443 -v 1

# filebag location: sslcaudit.1

127.0.0.1:38978  selfsigned(www.example.com)                                  tlsv1 alert unknown ca