Re: Browser with weak ciphers in testing ?
Hi.
On Sat, 25 Jul 2015 20:03:59 +0200
Erwan David <erwan@rail.eu.org> wrote:
> To access some appliances/devices whose https console only knows weak
> ciphers (but on a protected network), I need a browser accepting those
> weak ciphers (less I go to each device with a serial cable to enable the
> clear connection).
>
> What are my options in testing ?
Let's see. You need anything that's linked with libssl, which leaves us
with:
- elinks2
- w3m
If the appliances in question require Javascript, those won't do the
job. What you need or the conventional browsers *and* TLS-capable proxy
(sslstrip or mitmproxy). Or, a MITM tool, such as sslsniff.
For the ad-hoc connections, ncat (from nmap package), or plain old
socat should do the trick.
You could also proxy the connection to such devices with a Web-server
(both apache and nginx can do this), but the setup is somewhat tricky.
Reco
Reply to: