Wmap SSL module renamed and updated to check for MD5 signature algorithm.
git-svn-id: file:///home/svn/framework3/trunk@6062 4d416f70-5f16-0410-b530-b9f4589650daunstable
parent
f50672c7eb
commit
e7dda0000b
|
@ -21,9 +21,9 @@ class Metasploit3 < Msf::Auxiliary
|
||||||
|
|
||||||
def initialize
|
def initialize
|
||||||
super(
|
super(
|
||||||
'Name' => 'HTTP SSL Certificate VHOST Detection',
|
'Name' => 'HTTP SSL Certificate tester',
|
||||||
'Version' => '$Revision$',
|
'Version' => '$Revision: 6022 $',
|
||||||
'Description' => 'Display vhost associated to server using SSL certificate',
|
'Description' => 'Display vhost associated to server using SSL certificate and check for signature algorithm',
|
||||||
'Author' => 'et',
|
'Author' => 'et',
|
||||||
'License' => MSF_LICENSE
|
'License' => MSF_LICENSE
|
||||||
)
|
)
|
||||||
|
@ -44,16 +44,23 @@ class Metasploit3 < Msf::Auxiliary
|
||||||
ssock.close
|
ssock.close
|
||||||
|
|
||||||
if cert
|
if cert
|
||||||
print_status("Subject: #{cert.subject}")
|
print_status("Subject: #{cert.subject} Signature Alg: #{cert.signature_algorithm}")
|
||||||
|
alg = cert.signature_algorithm
|
||||||
|
|
||||||
|
if alg.downcase.include? "md5"
|
||||||
|
print_status("#{ip} WARNING: Signature algorithm using MD5 (#{alg})")
|
||||||
|
end
|
||||||
|
|
||||||
sub = cert.subject.to_a
|
sub = cert.subject.to_a
|
||||||
|
|
||||||
|
vhostn = 'EMPTY'
|
||||||
sub.each do |n|
|
sub.each do |n|
|
||||||
|
#print_line "#{n[0]}"
|
||||||
if n[0] == 'CN'
|
if n[0] == 'CN'
|
||||||
|
#print_line "> #{n[1]}"
|
||||||
vhostn = n[1]
|
vhostn = n[1]
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
vhostn = sub[sub.length-1][1]
|
|
||||||
|
|
||||||
if vhostn
|
if vhostn
|
||||||
print_status("#{ip} is host #{vhostn}")
|
print_status("#{ip} is host #{vhostn}")
|
||||||
|
@ -65,6 +72,7 @@ class Metasploit3 < Msf::Auxiliary
|
||||||
|
|
||||||
wmap_report(rep_id,'VHOST','NAME',"#{vhostn}","Vhost #{vhostn} found.")
|
wmap_report(rep_id,'VHOST','NAME',"#{vhostn}","Vhost #{vhostn} found.")
|
||||||
wmap_report(rep_id,'X509','SUBJECT',"#{cert.subject}",nil)
|
wmap_report(rep_id,'X509','SUBJECT',"#{cert.subject}",nil)
|
||||||
|
wmap_report(rep_id,'X509','SIGN_ALGORITHM',"#{cert.signature_algorithm}","Signature algorithm")
|
||||||
end
|
end
|
||||||
else
|
else
|
||||||
print_status("No certificate subject or CN found")
|
print_status("No certificate subject or CN found")
|
Loading…
Reference in New Issue