While retriving C&C servers for palevo bots, I encountered an error -
"InsecurePlatformWarning: A true SSLContext object is not available. This prevents urllib3 from configuring SSL appropriately and may cause certain SSL connections to fail....."
1) Upgrade to python 2.7.9 as suggested in urllib3 documentation - https://urllib3.readthedocs.org/en/latest/security.html#insecureplatformwarning
2) By default, python standard library’s ssl module is used. Unfortunately, there are several limitations which are addressed by PyOpenSSL:
"InsecurePlatformWarning: A true SSLContext object is not available. This prevents urllib3 from configuring SSL appropriately and may cause certain SSL connections to fail....."
psj@psj-desktop:~/Developement/palevo$ python requests_palevo_domains.pyThere are multiple ways to overcome this issue:
/usr/local/lib/python2.6/dist-packages/requests/packages/urllib3/util/ssl_.py:90: InsecurePlatformWarning: A true SSLContext object is not available. This prevents urllib3 from configuring SSL appropriately and may cause certain SSL connections to fail. For more information, see https://urllib3.readthedocs.org/en/latest/security.html#insecureplatformwarning.
InsecurePlatformWarning
Traceback (most recent call last):
File "requests_proxy_usage.py", line 9, in <module>
r=requests.get('https://palevotracker.abuse.ch/blocklists.php?download=domainblocklist',proxies=proxy_dict)
File "/usr/local/lib/python2.6/dist-packages/requests/api.py", line 69, in get
return request('get', url, params=params, **kwargs)
File "/usr/local/lib/python2.6/dist-packages/requests/api.py", line 50, in request
response = session.request(method=method, url=url, **kwargs)
File "/usr/local/lib/python2.6/dist-packages/requests/sessions.py", line 465, in request
resp = self.send(prep, **send_kwargs)
File "/usr/local/lib/python2.6/dist-packages/requests/sessions.py", line 573, in send
r = adapter.send(request, **kwargs)
File "/usr/local/lib/python2.6/dist-packages/requests/adapters.py", line 431, in send
raise SSLError(e, request=request)
requests.exceptions.SSLError: [Errno 8] _ssl.c:480: EOF occurred in violation of protocol
1) Upgrade to python 2.7.9 as suggested in urllib3 documentation - https://urllib3.readthedocs.org/en/latest/security.html#insecureplatformwarning
2) By default, python standard library’s ssl module is used. Unfortunately, there are several limitations which are addressed by PyOpenSSL:
- (Python 2.x) SNI support.
- (Python 2.x-3.2) Disabling compression to mitigate CRIME attack.
$ pip install --upgrade pyopenssl ndg-httpsclient pyasn1
or
$ pip install requests[security] 
No comments:
Post a Comment