PenTest/nmap
1
0
Fork 0
mirror of https://github.com/nmap/nmap.git synced 2025-12-20 14:39:02 +00:00
Code Issues Projects Releases Wiki Activity

Let ssl-cert grab certs from DTLS services. Fix rules for TCP-only scripts

Browse Source
This commit is contained in:
dmiller
2024-06-03 19:00:33 +00:00
parent ff0b70f6dd
commit 74a88c0804
17 changed files with 39 additions and 32 deletions
Download Patch File Download Diff File Expand all files Collapse all files

37
nselib/sslcert.lua
View File

@@ -1004,18 +1004,26 @@ function getCertificate(host, port)
local mutex = nmap.mutex("sslcert-cache-mutex")
mutex "lock"
if ( host.registry["ssl-cert"] and
host.registry["ssl-cert"][port.number] ) then
local cache = host.registry["ssl-cert"]
if not cache then
cache = {}
host.registry["ssl-cert"] = cache
end
local key = ("%d%s"):format(port.number, port.protocol)
local cert = cache[key]
if cert then
stdnse.debug2("sslcert: Returning cached SSL certificate")
mutex "done"
return true, host.registry["ssl-cert"][port.number]
return true, cert
end
local cert
local wrapper = SPECIALIZED_WRAPPED_TLS_WITHOUT_RECONNECT[port.service] or SPECIALIZED_WRAPPED_TLS_WITHOUT_RECONNECT[port.number]
local special_table = have_openssl and SPECIALIZED_PREPARE_TLS or SPECIALIZED_PREPARE_TLS_WITHOUT_RECONNECT
local specialized = special_table[port.service] or special_table[port.number]
local wrapper, specialized
if (port.protocol == "tcp") then
wrapper = SPECIALIZED_WRAPPED_TLS_WITHOUT_RECONNECT[port.service] or SPECIALIZED_WRAPPED_TLS_WITHOUT_RECONNECT[port.number]
local special_table = have_openssl and SPECIALIZED_PREPARE_TLS or SPECIALIZED_PREPARE_TLS_WITHOUT_RECONNECT
specialized = special_table[port.service] or special_table[port.number]
end
local status = false
@@ -1051,10 +1059,8 @@ function getCertificate(host, port)
-- Now try to connect with Nsock's SSL connection
if not status and have_openssl then
local socket = nmap.new_socket()
local errmsg
status, errmsg = socket:connect(host, port, "ssl")
if not status then
local socket, errmsg = comm.opencon(host, port, nil, {proto="ssl"})
if not socket then
stdnse.debug1("SSL connect error: %s", errmsg)
else
cert = socket:get_ssl_certificate()
@@ -1065,7 +1071,8 @@ function getCertificate(host, port)
-- Finally, try to connect and manually handshake (maybe more tolerant of TLS
-- insecurity than OpenSSL)
if not status then
-- TODO: DTLS handshaking
if not status and port.protocol == "tcp" then
local socket = nmap.new_socket()
local errmsg
status, errmsg = socket:connect(host, port)
@@ -1082,9 +1089,7 @@ function getCertificate(host, port)
return false, "No certificate found"
end
host.registry["ssl-cert"] = host.registry["ssl-cert"] or {}
host.registry["ssl-cert"][port.number] = host.registry["ssl-cert"][port.number] or {}
host.registry["ssl-cert"][port.number] = cert
cache[key] = cert
mutex "done"
return true, cert
end