From 21c9bdaf88b3f34a4668b3ede33b6061af7187bb Mon Sep 17 00:00:00 2001 From: Jose Luis Verdeguer Date: Thu, 25 Apr 2024 18:34:45 +0200 Subject: [PATCH] updated ssl wrap_socket function --- src/sippts/sipdigestleak.py | 8 ++++++-- src/sippts/sipenumerate.py | 8 ++++++-- src/sippts/sipexten.py | 8 ++++++-- src/sippts/sipflood.py | 8 ++++++-- src/sippts/sipfuzzer.py | 16 ++++++++++++---- src/sippts/sipinvite.py | 8 ++++++-- src/sippts/sipping.py | 8 ++++++-- src/sippts/siprcrack.py | 8 ++++++-- src/sippts/sipscan.py | 8 ++++++-- src/sippts/sipsend.py | 8 ++++++-- 10 files changed, 66 insertions(+), 22 deletions(-) diff --git a/src/sippts/sipdigestleak.py b/src/sippts/sipdigestleak.py index 3fed52c..d7784cd 100644 --- a/src/sippts/sipdigestleak.py +++ b/src/sippts/sipdigestleak.py @@ -279,8 +279,12 @@ def call(self, ip, port, proto): sock.connect(host) if self.proto == 'TLS': - sock_ssl = ssl.wrap_socket( - sock, ssl_version=ssl.PROTOCOL_TLS, ciphers='DEFAULT', cert_reqs=ssl.CERT_NONE) + context = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT) + context.check_hostname = False + context.verify_mode = ssl.CERT_NONE + context.load_default_certs() + + sock_ssl = context.wrap_socket(sock, server_hostname=str(host[0])) sock_ssl.connect(host) sock_ssl.sendall(bytes(msg[:8192], 'utf-8')) else: diff --git a/src/sippts/sipenumerate.py b/src/sippts/sipenumerate.py index 77de8a8..f2e662a 100644 --- a/src/sippts/sipenumerate.py +++ b/src/sippts/sipenumerate.py @@ -163,8 +163,12 @@ def send(self, method): sock.connect(host) if self.proto == 'TLS': - sock_ssl = ssl.wrap_socket( - sock, ssl_version=ssl.PROTOCOL_TLS, ciphers='DEFAULT', cert_reqs=ssl.CERT_NONE) + context = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT) + context.check_hostname = False + context.verify_mode = ssl.CERT_NONE + context.load_default_certs() + + sock_ssl = context.wrap_socket(sock, server_hostname=str(host[0])) sock_ssl.connect(host) except: print('Socket connection error') diff --git a/src/sippts/sipexten.py b/src/sippts/sipexten.py index 5b44a07..dc232eb 100644 --- a/src/sippts/sipexten.py +++ b/src/sippts/sipexten.py @@ -275,8 +275,12 @@ def scan_host(self, ipaddr, to_user): sock.connect(host) if self.proto == 'TLS': - sock_ssl = ssl.wrap_socket( - sock, ssl_version=ssl.PROTOCOL_TLS, ciphers='DEFAULT', cert_reqs=ssl.CERT_NONE) + context = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT) + context.check_hostname = False + context.verify_mode = ssl.CERT_NONE + context.load_default_certs() + + sock_ssl = context.wrap_socket(sock, server_hostname=str(host[0])) sock_ssl.connect(host) sock_ssl.sendall(bytes(msg[:8192], 'utf-8')) else: diff --git a/src/sippts/sipflood.py b/src/sippts/sipflood.py index dc87646..779ccb2 100644 --- a/src/sippts/sipflood.py +++ b/src/sippts/sipflood.py @@ -210,8 +210,12 @@ def flood(self): sock.connect(host) if self.proto == 'TLS': - sock_ssl = ssl.wrap_socket( - sock, ssl_version=ssl.PROTOCOL_TLS, ciphers='DEFAULT', cert_reqs=ssl.CERT_NONE) + context = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT) + context.check_hostname = False + context.verify_mode = ssl.CERT_NONE + context.load_default_certs() + + sock_ssl = context.wrap_socket(sock, server_hostname=str(host[0])) sock_ssl.connect(host) except: # print(self.c.RED + '\nSocket connection error\n' + self.c.WHITE) diff --git a/src/sippts/sipfuzzer.py b/src/sippts/sipfuzzer.py index f03681d..caa8cdb 100755 --- a/src/sippts/sipfuzzer.py +++ b/src/sippts/sipfuzzer.py @@ -99,8 +99,12 @@ def ping(self): sock.connect(host) if self.proto == 'TLS': - sock_ssl = ssl.wrap_socket( - sock, ssl_version=ssl.PROTOCOL_TLS, ciphers=None, cert_reqs=ssl.CERT_NONE) + context = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT) + context.check_hostname = False + context.verify_mode = ssl.CERT_NONE + context.load_default_certs() + + sock_ssl = context.wrap_socket(sock, server_hostname=str(host[0])) sock_ssl.connect(host) ping = create_message('OPTIONS', '', self.ip, '100', '', self.ip, '100', '', self.ip, @@ -224,8 +228,12 @@ def fuzz(self): sock.connect(host) if self.proto == 'TLS': - sock_ssl = ssl.wrap_socket( - sock, ssl_version=ssl.PROTOCOL_TLS, ciphers=None, cert_reqs=ssl.CERT_NONE) + context = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT) + context.check_hostname = False + context.verify_mode = ssl.CERT_NONE + context.load_default_certs() + + sock_ssl = context.wrap_socket(sock, server_hostname=str(host[0])) sock_ssl.connect(host) while self.quit == False: diff --git a/src/sippts/sipinvite.py b/src/sippts/sipinvite.py index a2317a0..2a43705 100644 --- a/src/sippts/sipinvite.py +++ b/src/sippts/sipinvite.py @@ -132,8 +132,12 @@ def invite(self, fw, src, dst): sock.connect(host) if self.proto == 'TLS': - sock_ssl = ssl.wrap_socket( - sock, ssl_version=ssl.PROTOCOL_TLS, ciphers=None, cert_reqs=ssl.CERT_NONE) + context = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT) + context.check_hostname = False + context.verify_mode = ssl.CERT_NONE + context.load_default_certs() + + sock_ssl = context.wrap_socket(sock, server_hostname=str(host[0])) sock_ssl.connect(host) try: diff --git a/src/sippts/sipping.py b/src/sippts/sipping.py index 72de0e1..8886b3f 100644 --- a/src/sippts/sipping.py +++ b/src/sippts/sipping.py @@ -211,8 +211,12 @@ def start(self): sock.connect(host) if self.proto == 'TLS': - sock_ssl = ssl.wrap_socket( - sock, ssl_version=ssl.PROTOCOL_TLS, ciphers='DEFAULT', cert_reqs=ssl.CERT_NONE) + context = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT) + context.check_hostname = False + context.verify_mode = ssl.CERT_NONE + context.load_default_certs() + + sock_ssl = context.wrap_socket(sock, server_hostname=str(host[0])) sock_ssl.connect(host) except socket.timeout: print(self.c.RED + diff --git a/src/sippts/siprcrack.py b/src/sippts/siprcrack.py index 939a0e7..316517a 100644 --- a/src/sippts/siprcrack.py +++ b/src/sippts/siprcrack.py @@ -105,8 +105,12 @@ def register(self, ip, to_user, pwd): sock.connect(host) if self.proto == 'TLS': - sock_ssl = ssl.wrap_socket( - sock, ssl_version=ssl.PROTOCOL_TLS, ciphers='DEFAULT', cert_reqs=ssl.CERT_NONE) + context = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT) + context.check_hostname = False + context.verify_mode = ssl.CERT_NONE + context.load_default_certs() + + sock_ssl = context.wrap_socket(sock, server_hostname=str(host[0])) sock_ssl.connect(host) sock_ssl.sendall(bytes(msg[:8192], 'utf-8')) else: diff --git a/src/sippts/sipscan.py b/src/sippts/sipscan.py index 465b19b..54f6d3f 100644 --- a/src/sippts/sipscan.py +++ b/src/sippts/sipscan.py @@ -442,8 +442,12 @@ def scan_host(self, ipaddr, port, proto): sock.connect(host) if proto == 'TLS': - sock_ssl = ssl.wrap_socket( - sock, ssl_version=ssl.PROTOCOL_TLS, ciphers='DEFAULT', cert_reqs=ssl.CERT_NONE) + context = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT) + context.check_hostname = False + context.verify_mode = ssl.CERT_NONE + context.load_default_certs() + + sock_ssl = context.wrap_socket(sock, server_hostname=str(host[0])) sock_ssl.connect(host) sock_ssl.sendall(bytes(msg[:8192], 'utf-8')) else: diff --git a/src/sippts/sipsend.py b/src/sippts/sipsend.py index 2ee76de..6d4657a 100644 --- a/src/sippts/sipsend.py +++ b/src/sippts/sipsend.py @@ -246,8 +246,12 @@ def start(self): sock.connect(host) if self.proto == 'TLS': - sock_ssl = ssl.wrap_socket( - sock, ssl_version=ssl.PROTOCOL_TLS, ciphers='DEFAULT', cert_reqs=ssl.CERT_NONE) + context = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT) + context.check_hostname = False + context.verify_mode = ssl.CERT_NONE + context.load_default_certs() + + sock_ssl = context.wrap_socket(sock, server_hostname=str(host[0])) sock_ssl.connect(host) sock_ssl.sendall(bytes(msg[:8192], 'utf-8')) else: