Hi all,
New to the mailing list and a complete newbie to openssl and the likes. There's a ticket by a client that I'm new at and he claims that there's a security problem with the openssl command to his servers.
Internal IP exposed after running a openssl (version 1.1.0j) connect command:
openssl s_client -connect 103.XX.XXX.XX:10443 -quiet
Where 103.XX.XXX.XX is a Public IP. And after it shows the certificates, typed the following:
GET /images HTTP/1.0
And hit enter twice, the following gets displayed:
HTTP/1.0 301 Moved Permanently
Date: Mon, 25 Mar 2019 00:10:13 GMT
Server: xxxxxxxx-xxxxx
Location: https://10.240.123.1:10443/images/
Connection: close
Content-Type: text/html; charset=utf-8
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=28800
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<HTML><HEAD>
<TITLE>301 Moved Permanently</TITLE>
</HEAD><BODY>
<H1>Moved Permanently</H1>
The document has moved <A HREF="" href="https://10.240.123.1:10443/images/">https://10.240.123.1:10443/images/">here</A>.<P>
</BODY></HTML>
read:errno=0
The 10.240.123.1 is an internal IP and it is exposed by this little method. Although not shown when using curl -kv -O
command.
Is there a way to cover up the "Location" or at least the internal IP from being exposed? Thanks.
Sorry if this isn't clear or if this is the wrong place to ask this.
--
Abdul Qoyyuum Bin Haji Abdul Kadir
HP No: +673 720 8043