Internal IP Exposed
Abdul Qoyyuum
aqoyyuum at cardaccess.com.au
Mon Mar 25 00:33:55 UTC 2019
Hi all,
New to the mailing list and a complete newbie to openssl and the likes.
There's a ticket by a client that I'm new at and he claims that there's a
security problem with the openssl command to his servers.
Internal IP exposed after running a openssl (version 1.1.0j) connect
command:
openssl s_client -connect 103.XX.XXX.XX:10443 -quiet
Where 103.XX.XXX.XX is a Public IP. And after it shows the certificates,
typed the following:
GET /images HTTP/1.0
And hit enter twice, the following gets displayed:
HTTP/1.0 301 Moved Permanently
Date: Mon, 25 Mar 2019 00:10:13 GMT
Server: xxxxxxxx-xxxxx
Location: https://10.240.123.1:10443/images/
Connection: close
Content-Type: text/html; charset=utf-8
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=28800
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<HTML><HEAD>
<TITLE>301 Moved Permanently</TITLE>
</HEAD><BODY>
<H1>Moved Permanently</H1>
The document has moved <A HREF="https://10.240.123.1:10443/images/">here</A>.<P>
</BODY></HTML>
read:errno=0
The 10.240.123.1 is an internal IP and it is exposed by this little method.
Although not shown when using curl -kv -O command.
Is there a way to cover up the "Location" or at least the internal IP from
being exposed? Thanks.
Sorry if this isn't clear or if this is the wrong place to ask this.
--
Abdul Qoyyuum Bin Haji Abdul Kadir
HP No: +673 720 8043
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20190325/d18021eb/attachment.html>
More information about the openssl-users
mailing list