diff --git a/.idea/git_toolbox_blame.xml b/.idea/git_toolbox_blame.xml new file mode 100644 index 0000000..7dc1249 --- /dev/null +++ b/.idea/git_toolbox_blame.xml @@ -0,0 +1,6 @@ + + + + + \ No newline at end of file diff --git a/src/fr/motysten/usertwist/exploit/tools/Request.java b/src/fr/motysten/usertwist/exploit/tools/Request.java index 795c402..6f5b28c 100644 --- a/src/fr/motysten/usertwist/exploit/tools/Request.java +++ b/src/fr/motysten/usertwist/exploit/tools/Request.java @@ -3,8 +3,11 @@ package fr.motysten.usertwist.exploit.tools; import org.json.JSONObject; import javax.net.ssl.SSLContext; +import javax.net.ssl.SSLEngine; import javax.net.ssl.TrustManager; +import javax.net.ssl.X509ExtendedTrustManager; import java.io.IOException; +import java.net.Socket; import java.net.URI; import java.net.http.HttpClient; import java.net.http.HttpRequest; @@ -12,6 +15,7 @@ import java.net.http.HttpResponse; import java.security.KeyManagementException; import java.security.NoSuchAlgorithmException; import java.security.SecureRandom; +import java.security.cert.X509Certificate; import java.util.Map; public class Request { @@ -22,7 +26,42 @@ public class Request { HttpClient.Builder builder = HttpClient.newBuilder(); if (insecure) { SSLContext customContext = SSLContext.getInstance("TLS"); - customContext.init(null, new TrustManager[]{new SSLBypass()}, new SecureRandom()); + customContext.init(null, new TrustManager[]{new X509ExtendedTrustManager() { + @Override + public void checkClientTrusted(X509Certificate[] x509Certificates, String s, Socket socket) { + + } + + @Override + public void checkServerTrusted(X509Certificate[] x509Certificates, String s, Socket socket) { + + } + + @Override + public void checkClientTrusted(X509Certificate[] x509Certificates, String s, SSLEngine sslEngine) { + + } + + @Override + public void checkServerTrusted(X509Certificate[] x509Certificates, String s, SSLEngine sslEngine) { + + } + + @Override + public void checkClientTrusted(X509Certificate[] x509Certificates, String s) { + + } + + @Override + public void checkServerTrusted(X509Certificate[] x509Certificates, String s) { + + } + + @Override + public X509Certificate[] getAcceptedIssuers() { + return new X509Certificate[0]; + } + }}, new SecureRandom()); builder.sslContext(customContext); } this.client = builder.build(); diff --git a/src/fr/motysten/usertwist/exploit/tools/SSLBypass.java b/src/fr/motysten/usertwist/exploit/tools/SSLBypass.java deleted file mode 100644 index 94fb2c9..0000000 --- a/src/fr/motysten/usertwist/exploit/tools/SSLBypass.java +++ /dev/null @@ -1,43 +0,0 @@ -package fr.motysten.usertwist.exploit.tools; - -import javax.net.ssl.SSLEngine; -import javax.net.ssl.X509ExtendedTrustManager; -import java.net.Socket; -import java.security.cert.X509Certificate; - -public class SSLBypass extends X509ExtendedTrustManager { - @Override - public void checkClientTrusted(X509Certificate[] x509Certificates, String s, Socket socket) { - - } - - @Override - public void checkServerTrusted(X509Certificate[] x509Certificates, String s, Socket socket) { - - } - - @Override - public void checkClientTrusted(X509Certificate[] x509Certificates, String s, SSLEngine sslEngine) { - - } - - @Override - public void checkServerTrusted(X509Certificate[] x509Certificates, String s, SSLEngine sslEngine) { - - } - - @Override - public void checkClientTrusted(X509Certificate[] x509Certificates, String s) { - - } - - @Override - public void checkServerTrusted(X509Certificate[] x509Certificates, String s) { - - } - - @Override - public X509Certificate[] getAcceptedIssuers() { - return new X509Certificate[0]; - } -}