Littleblackbox

From charlesreid1

Revision as of 05:56, 28 August 2016 by Admin (talk | contribs) (Created page with "=Info= ==Installing== Littleblackbox is the tool that we will start with, since it has some built-in certificates and can be used to scan for computers using vulnerable keys...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Info

Installing

Littleblackbox is the tool that we will start with, since it has some built-in certificates and can be used to scan for computers using vulnerable keys on the local network.

To install littleblackbox, replace all SSLv3 with SSLv23 (only one instance - in certificates.c).

Debian has SSL v3 disabled, due to the Poodle attack. Thus, SSL version 3 sessions are not defined in the OpenSSL library, which causes the symbol not found error, This can be fixed by using a different function call, so the symbol will exist. Version 2.3 is ok. So replace "SSLv3" with "SSLv23".

Also, you may need to make this folder to allow littleblackbox to install its man page: 

$ mkdir -p /usr/local/share/man/man1

Now you should be all set.

The Keys

Of course, you probably downloaded this for the keys, so you're also probably wondering where they are. Well, they're all contained in a SQLite database that comes with the repository, called lbb.db (lbb = little black box). The database is not encrypted or anything, so you can extract the contents or you can update the contents to add your own keys.

Retrieved from "https://charlesreid1.com/w/index.php?title=Littleblackbox&oldid=13433"