evil-winrm: fix OpenSSL 3 error #3620

D3vil0p3r · 2022-12-04T02:12:31Z

Fixing the issue linked in #3593 by enabling legacy protocols that Evil-WinRM uses for attacking the target machine. The issue is solved by enabling the legacy protocols after the pkg installation that have been kept disabled by default by OpenSSL maintainers with the latest OpenSSL version.

packages/evil-winrm/evil-winrm.install

noraj · 2022-12-05T19:34:42Z

You could try adding openssl-1.1 in dependency but with both 1.1 and 3.0 installed, idk how it will behave.

D3vil0p3r · 2022-12-05T22:47:12Z

You could try adding openssl-1.1 in dependency but with both 1.1 and 3.0 installed, idk how it will behave.

I tried to install openssl-1.1 package, but when I run evil-winrm we still get the famous error. So, it still refers to the OpenSSL 3.0 config file.

noraj · 2022-12-06T00:31:07Z

If you take a look at evil-winrm gemspec https://github.com/Hackplayers/evil-winrm/blob/381b126d6a8dc3ca38f7fab73cb80175fcbe8d45/evil-winrm.gemspec#L27, it relies on the winrm gem.

I suggest you open a bug request upstream for openssl 3.0 support.

D3vil0p3r · 2022-12-06T09:25:56Z

If you take a look at evil-winrm gemspec https://github.com/Hackplayers/evil-winrm/blob/381b126d6a8dc3ca38f7fab73cb80175fcbe8d45/evil-winrm.gemspec#L27, it relies on the winrm gem.

I suggest you open a bug request upstream for openssl 3.0 support.

Opened to WinRb/WinRM#340

noraj · 2022-12-06T12:17:16Z

By reading WinRb/WinRM#340, I think we can make a workaround.

add openssl-1.1 in the dependencies

blackarch/packages/evil-winrm/PKGBUILD

Line 14 in ff5e86d

depends=('ruby' 'ruby-bundler' 'libxslt' 'ruby-rexml' 'git')

Modify the wrapper to add an inline OPENSSL_CONF in the wrapper exec OPENSSL_CONF=/path/to/customconf bundle exec $pkgname.rb "\$@"

blackarch/packages/evil-winrm/PKGBUILD

Lines 42 to 46 in ff5e86d

    
             cat > "$pkgdir/usr/bin/$pkgname" << EOF 
        
           #!/bin/sh 
        
           cd /usr/share/$pkgname 
        
           exec bundle exec $pkgname.rb "\$@" 
        
           EOF

and setting the path to openssl 1.1 conf.

or maybe better so there is no need of openssl 1.1.1

only add openssl (3.0) in the dependencies
Modify the wrapper to add an inline OPENSSL_CONF, copy openssl 3.0 conf in /usr/share/$pkgname, sed the required modifications and set OPENSSL_CONF to use the custom file

cf. #3620 (comment)

D3vil0p3r requested a review from noptrix as a code owner December 4, 2022 02:12

noraj requested review from noraj and removed request for noptrix December 4, 2022 03:29

noraj requested changes Dec 5, 2022

View reviewed changes

packages/evil-winrm/evil-winrm.install Show resolved Hide resolved

noraj closed this Dec 5, 2022

D3vil0p3r deleted the patch-8 branch December 6, 2022 09:26

noraj added a commit that referenced this pull request Dec 8, 2022

try workaround idea

fd4defb

cf. #3620 (comment)

noraj mentioned this pull request Dec 8, 2022

evil-winrm: try workaround idea #3628

Merged

noptrix pushed a commit that referenced this pull request Jan 9, 2023

try workaround idea (#3628)

4e2f890

cf. #3620 (comment)

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

evil-winrm: fix OpenSSL 3 error #3620

evil-winrm: fix OpenSSL 3 error #3620

D3vil0p3r commented Dec 4, 2022

noraj commented Dec 5, 2022

D3vil0p3r commented Dec 5, 2022

noraj commented Dec 6, 2022

D3vil0p3r commented Dec 6, 2022

noraj commented Dec 6, 2022 •

edited

Loading

evil-winrm: fix OpenSSL 3 error #3620

evil-winrm: fix OpenSSL 3 error #3620

Conversation

D3vil0p3r commented Dec 4, 2022

noraj commented Dec 5, 2022

D3vil0p3r commented Dec 5, 2022

noraj commented Dec 6, 2022

D3vil0p3r commented Dec 6, 2022

noraj commented Dec 6, 2022 • edited Loading

noraj commented Dec 6, 2022 •

edited

Loading