Nmap Development mailing list archives
ssl-cert.nse
From: David Fifield <david () bamsoftware com>
Date: Thu, 6 Aug 2009 13:01:10 -0600
Hi,

There has been at least one request to have Ncat print out server SSL certificate expiration dates.

http://seclists.org/nmap-dev/2009/q3/0318.html

I resisted this because it would be better in an NSE script. I think it's a great idea though, so I wrote a script.

The script by default prints out the subject name and the beginning and end dates of the validity period. With more verbosity you get more information, up to the entire PEM-encoded contents of the certificate at -vvv.

$ nmap --script=safe www.paypal.com -p 443
443/tcp open https
| ssl-cert: Subject: commonName=www.paypal.com/organizationName=PayPal, Inc./stateOrProvinceName=California/countryName=US
| Not valid before: 2009-05-28 00:00:00
|_ Not valid after: 2010-05-01 23:59:59

$ nmap --script=safe www.paypal.com -p 443 -vvv
443/tcp open https
| ssl-cert: Subject: commonName=www.paypal.com/organizationName=PayPal, Inc./stateOrProvinceName=California/countryName=US/serialNumber=3014267/1.3.6.1.4.1.311.60.2.1.3=US/streetAddress=2211 N 1st St/1.3.6.1.4.1.311.60.2.1.2=Delaware/postalCode=95131-2021/localityName=San Jose/organizationalUnitName=Information Systems/2.5.4.15=V1.0, Clause 5.(b)
| Issuer: commonName=VeriSign Class 3 Extended Validation SSL CA/organizationName=VeriSign, Inc./countryName=US/organizationalUnitName=Terms of use at https://www.verisign.com/rpa (c)06
| Not valid before: 2009-05-28 00:00:00
| Not valid after: 2010-05-01 23:59:59
| -----BEGIN CERTIFICATE-----
| MIIFxzCCBK+gAwIBAgIQX02QuADDB7CVjZdooVge+zANBgkqhkiG9w0BAQUFADCB
...

Is this script useful to anyone? Is there more information that should be included?

The script depends on some changes to nse_nsock.cc to add the nmap.get_ssl_certificate function that turns the peer SSL certificate into a Lua table.

David Fifield
Attachment: ssl-cert.nse
Attachment: get_ssl_certificate.diff
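
Added example, not part of the original message or of Nmap: a Python parser for the ssl-cert output quoted above that reports how close a certificate is to expiry, for use when auditing scan results. The function names, the 30-day warning threshold, the "/name=" splitting heuristic, and the assumption that `now` is in the same time zone as the printed timestamps are all choices made for this example.

```python
import re
from datetime import datetime

# Constructed sample: the default-verbosity output quoted in the message.
SAMPLE = """\
443/tcp open https
| ssl-cert: Subject: commonName=www.paypal.com/organizationName=PayPal, Inc./stateOrProvinceName=California/countryName=US
| Not valid before: 2009-05-28 00:00:00
|_ Not valid after: 2010-05-01 23:59:59
"""

# One script-output line: "|" or "|_" prefix, optional "ssl-cert:" label, field.
FIELD = re.compile(
    r"^\|[_ ]\s*(?:ssl-cert:\s*)?"
    r"(Subject|Issuer|Not valid before|Not valid after):\s*(.*)$")

def parse_name(text):
    """Split 'name=value/name=value', leaving '/' inside values (URLs) alone."""
    # Heuristic (assumption): a separator is a '/' directly followed by 'name='.
    parts = re.split(r"/(?=[A-Za-z0-9.]+=)", text)
    return dict(p.split("=", 1) for p in parts if "=" in p)

def parse_ssl_cert(output):
    """Return subject/issuer dicts and validity datetimes found in the output."""
    cert = {}
    for line in output.splitlines():
        m = FIELD.match(line)
        if not m:
            continue  # port line, PEM body, or unrelated script output
        key, value = m.group(1), m.group(2).strip()
        if key in ("Subject", "Issuer"):
            cert[key.lower()] = parse_name(value)
        else:
            cert[key] = datetime.strptime(value, "%Y-%m-%d %H:%M:%S")
    return cert

def validity_status(cert, now, warn_days=30):
    """Classify the certificate's validity period relative to `now`."""
    if now < cert["Not valid before"]:
        return "not yet valid"
    remaining = cert["Not valid after"] - now
    if remaining.total_seconds() < 0:
        return "expired"
    if remaining.days < warn_days:
        return f"expires in {remaining.days} days"
    return "ok"

if __name__ == "__main__":
    print(validity_status(parse_ssl_cert(SAMPLE), datetime.now()))
```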