From 3cc5001ebf254a2c8a1580b0fc2efba49345fd71 Mon Sep 17 00:00:00 2001 From: Olivier Paroz Date: Tue, 16 Sep 2014 02:05:01 +0200 Subject: [PATCH] SNI fix Without this fix you always get the first cert attached to an IP and not necessarily the cert attached to the domain you're trying to scan. Could be made modular in order to simulate a client which doesn't support SNI... --- cipherscan | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/cipherscan b/cipherscan index eb91255..e26771b 100755 --- a/cipherscan +++ b/cipherscan @@ -387,8 +387,8 @@ debug "Port: $PORT" TARGET=$HOST:$PORT debug "target: $TARGET" - -SCLIENTARGS=$(sed -e s,${TEMPTARGET},,<<<"${@}") +SNI_FIX="-servername ${HOST}" +SCLIENTARGS="$SNI_FIX $(sed -e s,${TEMPTARGET},,<<<"${@}")" debug "sclientargs: $SCLIENTARGS"