View Issue Details

IDProjectCategoryView StatusLast Update
0005177Kali Linux[All Projects] Queued Tool Additionpublic2019-11-01 10:54
Reporterabb Assigned Tosbrun  
PrioritynormalSeverityfeatureReproducibilityN/A
Status assignedResolutionreopened 
Product Version 
Target VersionFixed in Version 
Summary0005177: Replace sslcaudit with qsslcaudit
DescriptionHi,

I am the author of sslcaudit tool you have in your distro https://en.kali.tools/all/?tool=1352.
The thing is the tool is not updated and does not produce reliable results anymore.
There is better tool: https://github.com/gremwell/qsslcaudit, developed by my colleague.
Here is docker file for Kali: https://github.com/gremwell/qsslcaudit/blob/docker/Dockerfile.kali.
Could you please remove sslcaudit and add qsslcaudit instead?

Cheers,
Alex

Activities

abb

2018-12-29 11:25

reporter   ~0010131

Correct website URL for this tool: https://www.gremwell.com/tools/qsslcaudit (under construction).

g0tmi1k

2019-09-04 12:37

administrator   ~0011027

Due to the age of the OS (Kali Moto [v1], Kali Safi [v2], Kali Rolling <= 2018.4), these legacy versions are no longer supported.
We will be closing this ticket due to inactivity.

Please could you see if you are able to replicate this issue with the latest version of Kali Linux - https://www.kali.org/downloads/)?

If you are still facing the same problem, feel free to re-open the ticket. If you choose to do this, could you provide more information to the issue you are facing, and also give information about your setup?
For more information, please read: https://kali.training/topic/filing-a-good-bug-report/

sbrun

2019-09-11 15:08

manager   ~0011075

we should remove sslcaudit from our metapackages.

Should we package the new qsslcaudit?

zOrg1331

2019-09-26 13:24

reporter   ~0011148

Please consider the following repositories which we use to build Kali packages ourselves using "gbp" tool. See "kali/master" branch for corresponding "debian/" files:
https://github.com/gremwell/unsafeopenssl-pkg-deb
https://github.com/gremwell/qsslcaudit-pkg-deb

sbrun

2019-10-30 10:34

manager   ~0011263

@zOrg1331 I started to prepare the Kali package. I just have a question about the openSSL version:
In the "unsafeopenssl-pkg-deb" why do you use OpenSSL 1.0.2i sources and not the most recent version 1.0.2t?

zOrg1331

2019-10-30 10:46

reporter   ~0011264

@sbrun thank you. The idea of "unsafeopenssl-" package is, well, to have unsafe version. Which mainly means having support of obsolete and insecure ciphers and protocols. I chose 1.0.2i because it existed in Debian repo at the time of starting development. As far as I see now (https://git.openssl.org/gitweb/?p=openssl.git;a=blob_plain;f=CHANGES;hb=refs/heads/OpenSSL_1_0_2-stable) there are no changes between 1.0.2i and 1.0.2t which can break "qsslcaudit" functionality. So, it is indeed possible to update to 1.0.2t. However, I can not do it myself right now, only a few days later. :(

sbrun

2019-11-01 10:29

manager   ~0011271

I packaged the unsafeopenssl package and update it to latest 1.0.2t version: version 1.0.2t-0kali1 is in kali-rolling

qsslcaudit version 0.7.1-1kali1 is available in kali-rolling

abb

2019-11-01 10:54

reporter   ~0011272

Great news, thanks! What will it take to have qsslcaudit tool added to this list - https://tools.kali.org/information-gathering/sslcaudit?
Do you need any input from us?
Please use the following URL for as home page for the tool: https://www.gremwell.com/tools/qsslcaudit

Issue History

Date Modified Username Field Change
2018-12-27 21:23 abb New Issue
2018-12-29 11:25 abb Note Added: 0010131
2019-02-20 11:48 g0tmi1k Category New Tool Requests => Kali Package Improvement
2019-09-04 12:37 g0tmi1k Note Added: 0011027
2019-09-04 12:37 g0tmi1k Status new => closed
2019-09-11 15:08 sbrun Assigned To => sbrun
2019-09-11 15:08 sbrun Status closed => feedback
2019-09-11 15:08 sbrun Resolution open => reopened
2019-09-11 15:08 sbrun Note Added: 0011075
2019-09-12 06:48 sbrun Status feedback => assigned
2019-09-12 06:48 sbrun Category Kali Package Improvement => New Tool Requests
2019-09-26 13:24 zOrg1331 Note Added: 0011148
2019-10-28 13:10 g0tmi1k Category New Tool Requests => Queued Tool Addition
2019-10-28 13:10 g0tmi1k Summary please replace sslcaudit with qsslcaudit => Replace sslcaudit with qsslcaudit
2019-10-28 16:03 g0tmi1k Product Version 2018.4 =>
2019-10-30 10:34 sbrun Note Added: 0011263
2019-10-30 10:46 zOrg1331 Note Added: 0011264
2019-11-01 10:29 sbrun Note Added: 0011271
2019-11-01 10:54 abb Note Added: 0011272