{"published":"2020-11-27 07:40:18","width":"100%","image_url":"https://cdn-ak.f.st-hatena.com/images/fotolife/T/ThisIsOne/20201127/20201127063429.png","title":"bWAPP\u3067A6-POODLE Vulnerability\u3092\u3084\u3063\u3066\u307f\u305f","height":"190","version":"1.0","blog_url":"https://cysec148.hatenablog.com/","categories":["bWAPP"],"html":"<iframe src=\"https://hatenablog-parts.com/embed?url=https%3A%2F%2Fcysec148.hatenablog.com%2Fentry%2F2020%2F11%2F27%2F074018\" title=\"bWAPP\u3067A6-POODLE Vulnerability\u3092\u3084\u3063\u3066\u307f\u305f - Shikata Ga Nai\" class=\"embed-card embed-blogcard\" scrolling=\"no\" frameborder=\"0\" style=\"display: block; width: 100%; height: 190px; max-width: 500px; margin: 10px 0px;\"></iframe>","author_name":"ThisIsOne","blog_title":"Shikata Ga Nai","description":"Hello there, ('\u03c9')\u30ce SSLv3\u3092\u7121\u52b9\u306b\u3059\u308b\u30aa\u30d7\u30b7\u30e7\u30f3\u304c\u306a\u3044\u5834\u5408\u306f\u3002 TLS_FALLBACK_SCSV\u306e\u5b9f\u88c5\u3092\u691c\u8a0e\u3057\u3066\u304f\u3060\u3055\u3044\u3068\u306e\u3053\u3068\u3067\u3002 \u3053\u308c\u306f\u3001SSL 3.0\u30d7\u30ed\u30c8\u30b3\u30eb\u306e\u8106\u5f31\u6027\u3067\u3002 \u3053\u306e\u8106\u5f31\u6027\u3092man-in-the-middle\u653b\u6483\u3067\u3002 Cookie\u3084\u30a2\u30ab\u30a6\u30f3\u30c8\u60c5\u5831\u306a\u3069\u306e\u6a5f\u5bc6\u60c5\u5831\u3092\u76d7\u3080\u3053\u3068\u304c\u3067\u304d\u3066\u3002 ssl-poodle\u3092nmap\u3067\u8abf\u3079\u308b\u3053\u3068\u306b\u3002 nmap --script ssl-poodle -sV -p 443 192.168.1.51 \u3053\u306e\u554f\u984c\u306f\u3001\u5b9f\u969b\u7684\u306a\u74b0\u5883\u3092\u63d0\u4f9b\u3059\u308b\u3082\u306e\u3067\u306f\u306a\u3044\u3088\u3046\u3067\u3002 \u30af\u30e9\u30a4\u30a2\u30f3\u30c8\u304cSSL\u30cd\u30b4\u30b7\u30a8\u30fc\u30b7\u30e7\u30f3\u4e2d\u306b\u3002 SSL 3.0\u30d7\u30ed\u30c8\u30b3\u30eb\u3092\u4f7f\u2026","url":"https://cysec148.hatenablog.com/entry/2020/11/27/074018","type":"rich","provider_name":"Hatena Blog","provider_url":"https://hatena.blog","author_url":"https://blog.hatena.ne.jp/ThisIsOne/"}