Adding TLS Scanning

This commit adds support for scanning tls endpoints (:443)
and extracts all the certificate data to report for further analysis
This commit is contained in:
Sarah Jamie Lewis 2016-07-31 11:30:53 -07:00
förälder 872555c1df
incheckning 76ffa74b5d
6 ändrade filer med 54 tillägg och 3 borttagningar

Visa fil

@ -90,7 +90,10 @@ func main() {
onionScan.Config.LogError(errors.New(scanReport.HiddenService + " timed out"))
}
file := scanReport.HiddenService + "." + *reportFile
file := *reportFile
if file != "" {
file := scanReport.HiddenService + "." + *reportFile
}
if *jsonReport {
report.GenerateJsonReport(file, scanReport)

Visa fil

@ -18,6 +18,10 @@ func (os *OnionScan) PerformNextAction(report *report.OnionScanReport) {
case "web":
wps := new(protocol.HTTPProtocolScanner)
wps.ScanProtocol(report.HiddenService, os.Config, report)
report.NextAction = "tls"
case "tls":
tps := new(protocol.TLSProtocolScanner)
tps.ScanProtocol(report.HiddenService, os.Config, report)
report.NextAction = "ssh"
case "ssh":
sps := new(protocol.SSHProtocolScanner)

Visa fil

@ -21,7 +21,6 @@ func (sps *FTPProtocolScanner) ScanProtocol(hiddenService string, osc *config.On
osc.LogInfo("Failed to connect to service on port 21\n")
report.FTPDetected = false
} else {
// TODO FTP Checking
report.FTPDetected = true
reader := bufio.NewReader(conn)
banner, err := reader.ReadString('\n')

Visa fil

@ -10,6 +10,7 @@ import (
"io/ioutil"
"net/http"
"strings"
"crypto/tls"
)
type HTTPProtocolScanner struct {
@ -40,8 +41,12 @@ func (hps *HTTPProtocolScanner) ScanProtocol(hiddenService string, osc *config.O
dialSocksProxy := socks.DialSocksProxy(socks.SOCKS5, osc.TorProxyAddress)
transportConfig := &http.Transport{
Dial: dialSocksProxy,
TLSClientConfig: &tls.Config{InsecureSkipVerify: true},
}
hps.Client = &http.Client{
Transport: transportConfig,
}
hps.Client = &http.Client{Transport: transportConfig}
// FIXME This should probably be moved to it's own file now.
response, err := hps.Client.Get("http://" + hiddenService)
if err == nil {

35
protocol/tls_scanner.go Normal file
Visa fil

@ -0,0 +1,35 @@
package protocol
import (
"crypto/tls"
"fmt"
"github.com/s-rah/onionscan/config"
"github.com/s-rah/onionscan/report"
"github.com/s-rah/onionscan/utils"
)
type TLSProtocolScanner struct {
}
func (sps *TLSProtocolScanner) ScanProtocol(hiddenService string, osc *config.OnionscanConfig, report *report.OnionScanReport) {
osc.LogInfo(fmt.Sprintf("Checking %s TLS(443)\n", hiddenService))
conn, err := utils.GetNetworkConnection(hiddenService, 443, osc.TorProxyAddress, osc.Timeout)
if err != nil {
osc.LogInfo("Failed to connect to service on port 443\n")
report.TLSDetected = false
} else {
osc.LogInfo("Found TLS Endpoint\n")
report.TLSDetected = true
config := &tls.Config{
InsecureSkipVerify:true,
}
tlsConn := tls.Client(conn, config)
tlsConn.Write([]byte("GET / HTTP/1.1\r\n\r\n"))
for _, certificate := range tlsConn.ConnectionState().PeerCertificates {
osc.LogInfo(fmt.Sprintf("Found Certificate %v \n", certificate))
report.Certificates = append(report.Certificates, *certificate)
}
tlsConn.Close()
}
conn.Close()
}

Visa fil

@ -5,6 +5,7 @@ import (
"github.com/s-rah/onionscan/utils"
"io/ioutil"
"time"
"crypto/x509"
)
type ExifTag struct {
@ -29,6 +30,7 @@ type OnionScanReport struct {
// Summary
WebDetected bool `json:"webDetected"`
TLSDetected bool `json:"tlsDetected"`
SSHDetected bool `json:"sshDetected"`
RicochetDetected bool `json:"ricochetDetected"`
IRCDetected bool `json:"ircDetected"`
@ -60,6 +62,9 @@ type OnionScanReport struct {
PageTitle string `json:"pageTitle"`
ResponseHeaders map[string]string `json:"responseHeaders"`
// TLS
Certificates []x509.Certificate `json:"certificates"`
//Bitcoin
BitcoinAddresses []string `json:"bitcoinAddresses"`