Class: Ronin::Recon::SSL::CertGrab

Inherits:

Worker

Object
Worker
Ronin::Recon::SSL::CertGrab

show all

Defined in:: lib/ronin/recon/builtin/ssl/cert_grab.rb

Overview

A recon worker that grabs the SSL/TLS certificate from open ports that use SSL/TLS.

Instance Method Summary collapse

#process(open_port) {|cert| ... } ⇒ Object
Grabs the TLS certificate from the open port, if it supports SSL/TLS.

Methods inherited from Worker

accepts, concurrency, #initialize, intensity, outputs, register, run

Constructor Details

This class inherits a constructor from Ronin::Recon::Worker

Instance Method Details

#process(open_port) {|cert| ... } ⇒ `Object`

Grabs the TLS certificate from the open port, if it supports SSL/TLS.

Parameters:

open_port (Values::OpenPort) —
The open port value to check.

Yields:

(cert) —
If the open port supports SSL/TLS, then a certificate value will be yielded.

Yield Parameters:

cert (Values::Cert) —
The grabbed certificate value.

# File 'lib/ronin/recon/builtin/ssl/cert_grab.rb', line 59

def process(open_port)
  if open_port.ssl?
    context = OpenSSL::SSL::SSLContext.new

    context.verify_mode = OpenSSL::SSL::VERIFY_NONE

    address  = open_port.address
    port     = open_port.number
    endpoint = Async::IO::Endpoint.ssl(address,port, ssl_context: context)

    begin
      endpoint.connect do |socket|
        peer_cert = socket.peer_cert

        yield Cert.new(peer_cert)
      end
    rescue OpenSSL::SSL::SSLError
      # abort if we cannot successfully establish a SSL/TLS connection
    end
  end
end