Nmap Development mailing list archives
[NSE] XMPP support for ssl-cert.nse
From: Vasiliy Kulikov <segooon () gmail com>
Date: Tue, 9 Aug 2011 13:28:08 +0400
Hi, This is a little extention for ssl-cert. With xmpp.lua it is trivial :) Index: scripts/ssl-cert.nse =================================================================== --- scripts/ssl-cert.nse (revision 25647) +++ scripts/ssl-cert.nse (working copy) @@ -68,6 +68,7 @@ require("nsedebug") require("shortport") require("stdnse") +require("xmpp") local stringify_name local date_to_string @@ -138,8 +139,29 @@ return "Connected" end +function xmpp_starttls(host, port) + local ls = xmpp.XMPP:new(host, port, { starttls = true } ) + ls.socket = s + ls.socket:set_timeout(ls.options.timeout * 1000) + + local status, err = ls.socket:connect(host, port) + if not status then + return nil + end + + status, err = ls:connect() + if status then + return "Connected" + end +end + -- A table mapping port numbers to specialized SSL negotiation functions. -local SPECIALIZED_FUNCS = { [25] = smtp_starttls, [587] = smtp_starttls } +local SPECIALIZED_FUNCS = { + [25] = smtp_starttls, + [587] = smtp_starttls, + [5222] = xmpp_starttls, + [5269] = xmpp_starttls +} portrule = function(host, port) return shortport.ssl(host, port) or SPECIALIZED_FUNCS[port.number] Index: nselib/xmpp.lua =================================================================== --- nselib/xmpp.lua (revision 25647) +++ nselib/xmpp.lua (working copy) @@ -206,13 +206,14 @@ return false, "ERROR: Only version 1.0 is supported" end - if ( start_tls == "required" ) then + if ( start_tls == "required" or self.options.starttls) then status, err = self:send("<starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'/>") if ( not(status) ) then return false, "ERROR: Failed to initiate STARTTLS" end local status, tag = self:receive_tag() if ( not(status) ) then return false, "ERROR: Failed to recevice from server" end if ( tag.name == "proceed" ) then status, err = self.socket:reconnect_ssl() + self.options.starttls = false return self:connect() end end --- _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- [NSE] XMPP support for ssl-cert.nse Vasiliy Kulikov (Aug 09)
- Re: [NSE] XMPP support for ssl-cert.nse David Fifield (Aug 09)
- Re: [NSE] XMPP support for ssl-cert.nse Vasiliy Kulikov (Aug 09)
- Re: [NSE] XMPP support for ssl-cert.nse David Fifield (Aug 09)