Cannot kill hanging scan on sites without SSL/TLS

[stitch]

How to quit/kill/stop the script when it hangs? Is there a keyboard command, escape key that works?

The manual points out that:
"If the specified targets accepts connections but does not speak SSL, the connection will be closed after the system's TCP/IP-timeout. This script will hang (about 2-3 minutes)."

I've found that the hang is indefinite scanning a non-tls site with the following command:
docker run --rm -it owasp/o-saft --trace-key --legacy=quick +check arnhem.nl:80

As suggested the --ssl-error-max= (or --no-ssl-error) can be used. After the script hangs, this counter does not increase. Thus using a --ssl-error-max= with a too high value might be a risk of a hang. This is enough for a workaround for this issue 😄

docker run --rm -it owasp/o-saft --trace-key --legacy=quick +check arnhem.nl:80
=== reading: ./.o-saft.pl (RC-FILE done) ===
=== reading: /O-Saft/o-saft-dbx.pm (trace file done) ===
=== reading: /usr/local/share/perl5/site_perl/IO/Socket/SSL.pm (IO SSL module done) ===
=== reading: /usr/share/perl5/core_perl/Time/Local.pm (Time module done) ===
=== reading: /O-Saft/Net/SSLinfo.pm (O-Saft module done) ===
**WARNING: 143: SSL version 'TLSv13': not supported by Net::SSLeay; not checked
**WARNING: 066: 7 data and check outputs are disbaled due to use of '--no-out':
!!Hint: use  '--v'  for more information
!!Hint: do not use '--ignore-out=*' or '--no-out=*' options
**WARNING: 410: SSLv2 does not support SNI; checks skipped
!!Hint: use '--no-sni' for checking
**WARNING: 410: SSLv3 does not support SNI; checks skipped
!!Hint: use '--no-sni' for checking
**WARNING: 302: TLSv1: (31 of 193 ciphers checked) abort connection attempts after 5 max errors
!!Hint: use  --no-ssl-error  or  --ssl-error-max=  to continue connecting
**WARNING: 301: TLSv11: (8 of 193 ciphers checked) abort connection attempts after 10 total errors
!!Hint: use  --no-ssl-error  or  --ssl-error-max=  to continue connecting
**WARNING: 301: TLSv12: (21 of 193 ciphers checked) abort connection attempts after 10 total errors
!!Hint: use  --no-ssl-error  or  --ssl-error-max=  to continue connecting
^C
^C^C^C^C^C^C^C^C
^C^C^C^C^C^[^[^[^[^[^[

[EnDe]

Ok, I'll answer according the subject of this issue: cannot kill hanging scan

Up to now, this is a known run-time issue, it's also documented.
Hence I'd like to mark this as "enhancement request".

[EnDe]

according "How to quit/kill/stop the script when it hangs?"
Depends on your shell and/or operating system. In plain shell on *nix Ctrl-C should work. If it is in a VM, depends on your VM preferences too. If it is in docker, I guess you need to kill the container:
docker container kill
may be rm also works
docker container rm

[EnDe]

This problem still exists today (2024) with docker and even podman.
The only workaround known so far is to kill all corresponding docker and containerd, or podman and conman, processes.
In *IX world kill -9 ... must be used. Note that stoppping the dockerd daemon most likely also does not stop/kill all running processes.

As there is no way from the parent process to stop in a clean way, this issue should be closed but we keep it open as "question".