Hi guys, I found some urls in the source code with the following structure: http://xx.xx.xx.xx:port. The problem is that I cann’t check if they are forcing the https because it is running on a private network and we don’t have access to it.
I know that they must send all information on ciphered channels even if they’re using vpn, but my question is: Should we report it as FIN.S.22 even if it could mean a false positive since we cann’t check it?
You could check the type of client or library that is using to connect, and review if this library supports SSL forcing or changing to HTTPS, if not you easily can conclude that the vulnerability exists.
@peaceful-jennings If this topic is solved, please mark it as such by checking the solution chart at the bottom of the post you consider that properly answers your question. If not, please update the post with fuhrer information about the issue and/or the proposed solutions of the participants.