@7a : It looks as if the “does this server speak HTTPS” check is broken because TLSed was called and hanging on a port that was only listening on port 80, where the URL was starting with “http://”.
ps -ef | grep -i ssl
Returned:
root 21887 5742 0 03:14 ? 00:00:00 /bin/sh -c cd owtf_review/targets/http__some.host.com/partial/Testing_For_Ssl-Tls/active; /usr/bin/tlssled some.host.com 80
root 21888 21887 0 03:14 ? 00:00:00 bash /usr/bin/tlssled some.host.com 80
root 21908 21888 0 03:14 ? 00:00:00 sslscan some.host.com 80
NOTE: The process had to be killed from the UI Worker interface to continue (after approx. 10 minutes waiting)
Expected Result:
TLSSled should have NOT been invoked, because the service does NOT “speak HTTPS”
HINT:
This happened before, take a look at the issue tracker, the last couple of times it was down to the length of the output returned by openssl being different, hence making the “does this service speak HTTPS?” check is not working.
@7a : It looks as if the “does this server speak HTTPS” check is broken because TLSed was called and hanging on a port that was only listening on port 80, where the URL was starting with “http://”.
ps -ef | grep -i sslReturned:
Expected Result:
TLSSled should have NOT been invoked, because the service does NOT “speak HTTPS”
HINT:
This happened before, take a look at the issue tracker, the last couple of times it was down to the length of the output returned by openssl being different, hence making the “does this service speak HTTPS?” check is not working.