Problems with SSL
matthewchurcher opened this issue · comments
Hi all,
I'm evaluating sulley for fuzzing an application which is only available via SSL. Unfortunately when I try to enable SSL in sulley I get the following error:
Traceback (most recent call last):
File "fuzz.py", line 26, in
sess.fuzz()
File "/home/mcc/OpenRCE-sulley-8cb5e1d/sulley/sessions.py", line 473, in fuzz
error_handler(e, "failed transmitting fuzz node", target, sock)
File "/home/mcc/OpenRCE-sulley-8cb5e1d/sulley/sessions.py", line 393, in error_handler
sock.close()
AttributeError: close
My code looks like this:
sess = sessions.session(session_filename="http.session", log_level="9", proto="ssl", skip=0)
target = sessions.target("myservice", 443)
I'd have raised a bug already but I'm new to sulley so I'm not 100% if I've done everything correctly.
Thanks in advanced,
Matt
Hey, sorry for the slow response, if you're still having issues with this can you email me a copy of the script you're using and possibly the application you're trying to fuzz? I haven't had to do ssl-only fuzzing, but if I have some more info I can probably track down the issue!
Hi,
Please consider changing this part of "sulley/sessions.py" file.
On line 486 of "sulley/sessions.py":
------------------------ Replace ----------------------------------------
if self.ssl:
try:
ssl = socket.ssl(sock)
sock = httplib.FakeSocket(sock, ssl)
except Exception, e:
...
------------------------ by --------------------------------------------
if self.ssl:
try:
import ssl
sock = ssl.wrap_socket(sock)
except Exception, e:
...
Jean-Nicolas.