gkbrk/slowloris

SNI remote target causes [SSL: WRONG_VERSION_NUMBER] wrong version number

rbeede opened this issue · 4 comments

When running with a command line like:
python3 slowloris.py -s 100 -v -ua -p 443 --https example.com

If the remote target has strict requirements for SNI hostname checks then the connection can fail with:

[SSL: WRONG_VERSION_NUMBER] wrong version number

The fix was to use Python3 library methods to change
s = ssl.wrap_socket(s)

to

context = ssl.create_default_context()
s = context.wrap_socket(s,server_hostname=ip)

gkbrk commented

Thanks for the report, it is indeed problematic to not send SNI information when wrapping the socket with TLS.

I tried this fix, but still getting [SSL: WRONG_VERSION_NUMBER] wrong version number (_ssl.c:1123)

gkbrk commented

HI @rbeede, this issue should be fixed now. Please let me know if there are still problems.

@richstokes your problem might be caused by not setting the HTTPS port. Can you try with --https --port 443 and report back if there are still problems?

gkbrk commented

As I haven't received an update, I'm assuming this issue is fixed.