Skip to content

Instantly share code, notes, and snippets.

@leonjza
Last active September 11, 2022 11:29
Show Gist options
  • Save leonjza/9af3ade91420ed48c6f048563885940a to your computer and use it in GitHub Desktop.
Save leonjza/9af3ade91420ed48c6f048563885940a to your computer and use it in GitHub Desktop.
Custom socat with SSLv2 and SSLv3 support

This script has moved to: https://github.com/leonjza/socat23

socat with sslv2 and sslv3 support

This script downloads and builds OpenSSL v1.0.2m and socat v1.7.3.2 in /usr/local/src. Once complete, a symlink at /usr/local/bin/socat-ssl23 is created so that you can run it with socat-ssl23.

install

Tested on Kali Linux:

curl -fsSL https://git.io/vFBDA | bash
# socat with sslv2 && sslv3 support for proxies
# symlinks the built socat to /usr/local/bin/socat-ssl23
#
# 2017 - @leonjza
set -e
# https://en.wikipedia.org/wiki/OpenSSL
# sslv2 is ripped from 1.1.0 so build latest 1.0.2
opensslversion=1.0.2m
socatversion=1.7.3.2
working_directory=/usr/local/src
# OpenSSL first
echo "Preparing working directory..."
mkdir -p $working_directory
cd $working_directory
echo "Downloading OpenSSL $opensslversion..."
curl -s -O https://www.openssl.org/source/openssl-$opensslversion.tar.gz
echo "Unpacking and building..."
tar xvf openssl-$opensslversion.tar.gz
cd openssl-$opensslversion
./config --prefix=`pwd`/local --openssldir=/usr/lib/ssl enable-ssl2 enable-ssl3 shared
make depend
make
make -i install
# set variables to use in socat build
openssl_libs=`pwd`/local/lib
openssl_include=`pwd`/local/include
echo "OpenSSL build complete."
# Next, socat!
cd $working_directory
echo "Downloading socat..."
curl -s -O http://www.dest-unreach.org/socat/download/socat-$socatversion.tar.gz
echo "Unpacking and building..."
tar xvf socat-$socatversion.tar.gz
cd socat-$socatversion
./configure LIBS="-L$openssl_libs" CPPFLAGS="-I$openssl_include"
make
echo "Creating symlink to new socat for 'socat-ssl23'..."
ln -s `pwd`/socat /usr/local/bin/socat-ssl23
echo "Done"
@franjo2016
Copy link

I run this script and it seemed to have downloaded and install everything, but when I trying using compiled app I get this error:

/usr/local/src/socat-1.7.3.2/socat: error while loading shared libraries: libssl.so.1.0.0: cannot open shared object file: No such file or directory

I verified that files exist in lib folder:

ls -l /usr/local/src/openssl-1.0.2m/local/lib/

total 8380
drwxr-xr-x. 2 root root 236 Nov 19 15:29 engines
-rw-r--r--. 1 root root 4507940 Nov 19 15:29 libcrypto.a
lrwxrwxrwx. 1 root root 18 Nov 19 15:29 libcrypto.so -> libcrypto.so.1.0.0
-r-xr-xr-x. 1 root root 2683472 Nov 19 15:29 libcrypto.so.1.0.0
-rw-r--r--. 1 root root 831290 Nov 19 15:29 libssl.a
lrwxrwxrwx. 1 root root 15 Nov 19 15:29 libssl.so -> libssl.so.1.0.0
-r-xr-xr-x. 1 root root 552128 Nov 19 15:29 libssl.so.1.0.0
drwxr-xr-x. 2 root root 61 Nov 19 15:29 pkgconfig

Any advice what is missing?
Thanks!

@dampfklon
Copy link

dampfklon commented Jan 29, 2019

Had the same problem. The executable doesn't search /usr/local/src/openssl-1.0.2m/local/lib/ on runtime.

Fixed by passing the -rpath option to the linker so that the executable searchs the path.

In line 46 append LDFLAGS="$openssl_rpath" and line 32 openssl_rpath="-Wl,-rpath,'\$\$ORIGIN/../openssl-$opensslversion/local/lib' -Wl,-z,origin"

then rebuild and it should be working

@leonjza
Copy link
Author

leonjza commented Mar 13, 2019

Thanks @franjo2016 / @dampfklon I moved the script to a repo here so I can actually get notifications on messages.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment