Browse Source

Adding TLS Scanning

This commit adds support for scanning tls endpoints (:443)
and extracts all the certificate data to report for further analysis
master
Sarah Jamie Lewis 4 years ago
parent
commit
76ffa74b5d
6 changed files with 54 additions and 3 deletions
  1. +4
    -1
      main.go
  2. +4
    -0
      onionscan.go
  3. +0
    -1
      protocol/ftp_scanner.go
  4. +6
    -1
      protocol/http_scanner.go
  5. +35
    -0
      protocol/tls_scanner.go
  6. +5
    -0
      report/onionscanreport.go

+ 4
- 1
main.go View File

@@ -90,7 +90,10 @@ func main() {
onionScan.Config.LogError(errors.New(scanReport.HiddenService + " timed out"))
}

file := scanReport.HiddenService + "." + *reportFile
file := *reportFile
if file != "" {
file := scanReport.HiddenService + "." + *reportFile
}

if *jsonReport {
report.GenerateJsonReport(file, scanReport)


+ 4
- 0
onionscan.go View File

@@ -18,6 +18,10 @@ func (os *OnionScan) PerformNextAction(report *report.OnionScanReport) {
case "web":
wps := new(protocol.HTTPProtocolScanner)
wps.ScanProtocol(report.HiddenService, os.Config, report)
report.NextAction = "tls"
case "tls":
tps := new(protocol.TLSProtocolScanner)
tps.ScanProtocol(report.HiddenService, os.Config, report)
report.NextAction = "ssh"
case "ssh":
sps := new(protocol.SSHProtocolScanner)


+ 0
- 1
protocol/ftp_scanner.go View File

@@ -21,7 +21,6 @@ func (sps *FTPProtocolScanner) ScanProtocol(hiddenService string, osc *config.On
osc.LogInfo("Failed to connect to service on port 21\n")
report.FTPDetected = false
} else {
// TODO FTP Checking
report.FTPDetected = true
reader := bufio.NewReader(conn)
banner, err := reader.ReadString('\n')


+ 6
- 1
protocol/http_scanner.go View File

@@ -10,6 +10,7 @@ import (
"io/ioutil"
"net/http"
"strings"
"crypto/tls"
)

type HTTPProtocolScanner struct {
@@ -40,8 +41,12 @@ func (hps *HTTPProtocolScanner) ScanProtocol(hiddenService string, osc *config.O
dialSocksProxy := socks.DialSocksProxy(socks.SOCKS5, osc.TorProxyAddress)
transportConfig := &http.Transport{
Dial: dialSocksProxy,
TLSClientConfig: &tls.Config{InsecureSkipVerify: true},
}
hps.Client = &http.Client{
Transport: transportConfig,
}
hps.Client = &http.Client{Transport: transportConfig}
// FIXME This should probably be moved to it's own file now.
response, err := hps.Client.Get("http://" + hiddenService)
if err == nil {


+ 35
- 0
protocol/tls_scanner.go View File

@@ -0,0 +1,35 @@
package protocol

import (
"crypto/tls"
"fmt"
"github.com/s-rah/onionscan/config"
"github.com/s-rah/onionscan/report"
"github.com/s-rah/onionscan/utils"
)

type TLSProtocolScanner struct {
}

func (sps *TLSProtocolScanner) ScanProtocol(hiddenService string, osc *config.OnionscanConfig, report *report.OnionScanReport) {
osc.LogInfo(fmt.Sprintf("Checking %s TLS(443)\n", hiddenService))
conn, err := utils.GetNetworkConnection(hiddenService, 443, osc.TorProxyAddress, osc.Timeout)
if err != nil {
osc.LogInfo("Failed to connect to service on port 443\n")
report.TLSDetected = false
} else {
osc.LogInfo("Found TLS Endpoint\n")
report.TLSDetected = true
config := &tls.Config{
InsecureSkipVerify:true,
}
tlsConn := tls.Client(conn, config)
tlsConn.Write([]byte("GET / HTTP/1.1\r\n\r\n"))
for _, certificate := range tlsConn.ConnectionState().PeerCertificates {
osc.LogInfo(fmt.Sprintf("Found Certificate %v \n", certificate))
report.Certificates = append(report.Certificates, *certificate)
}
tlsConn.Close()
}
conn.Close()
}

+ 5
- 0
report/onionscanreport.go View File

@@ -5,6 +5,7 @@ import (
"github.com/s-rah/onionscan/utils"
"io/ioutil"
"time"
"crypto/x509"
)

type ExifTag struct {
@@ -29,6 +30,7 @@ type OnionScanReport struct {

// Summary
WebDetected bool `json:"webDetected"`
TLSDetected bool `json:"tlsDetected"`
SSHDetected bool `json:"sshDetected"`
RicochetDetected bool `json:"ricochetDetected"`
IRCDetected bool `json:"ircDetected"`
@@ -60,6 +62,9 @@ type OnionScanReport struct {
PageTitle string `json:"pageTitle"`
ResponseHeaders map[string]string `json:"responseHeaders"`

// TLS
Certificates []x509.Certificate `json:"certificates"`

//Bitcoin
BitcoinAddresses []string `json:"bitcoinAddresses"`



Loading…
Cancel
Save