Extracting SSL Fingerprints

Extracting SSL Fingerprints

I was looking for a script that can extract fingerprint from any SSL certificate provided you have the URL. I have found couple of them but non of them did what I expected exactly so I decided to write my own based on what I have found. The first script is written in Perl where the second in Linux Shell scripting and finally the last one is in PHP. Note that all of them do exactly the same task and will output the same results.

Next plan was to have an automated standalone application the can perform this from multiple locations automatically (SSLEYE). You should all know that a secure browser connections can be intercepted and decrypted by anyone (Man in the Middle-) who could spoof the authentic site’s certificate and act on your behalf this also allows them to read your traffic in clear text. But luckily that the authentic site’s fingerprint can not be duplicated and that’s the point of having such an application.

Perl script:

 


#!/usr/bin/perl
# Perl SSL Fingerprint Checker written by W. Al Maawali  
# (c) 2013 Founder of Eagle Eye Digital Solutions
# http://www.digi77.com
# http://www.om77.net
# script starts here:
# Usage: $perl sslf.pl -d yourdomain
# Example: $perl sslf.pl -d google.com

#libs used
use Net::SSLeay qw(get_https3);
use Getopt::Std;

# get args
getopts("o:i:d:s:e:hvb", \%args);

# set our input vars to easy names
$domain = $args{d};

# gotta have at least the domain and log file
if (!$args{d}) {
 print "\t Domain is blank google.com will be used\n\n";
 $domain ="google.com";

}

$host= $domain;
$port = 443;

($p, $resp, $hdrs, $server_cert) = get_https3($host, $port, '/');
#get finger print
print Net::SSLeay::X509_get_fingerprint($server_cert, "sha1");
print "\n";

 

Download


 

Shell script:

 


#!/bin/sh
# Shell SSL Fingerprint Checker written by W. Al Maawali  
# (c) 2013 Founder of Eagle Eye Digital Solutions
# http://www.digi77.com
# http://www.om77.net
# script starts here:
# Usage: $. sslf.sh -d yourdomain
# Example: $. sslf.sh -d google.com

#SSL Port
sslport=443

# Accept command line arguments
while [ $# -gt 0 ]
do
    case "$1" in

        -d)  host=$2 ; shift;;
        --)     shift; break;;
        -*)
            echo >&2 \
            "usage: $0 [-d] domain";;
        *)
        break;; # terminate while loop
    esac
    shift
done

#set port and host
host="$host:$sslport"

#get ssl info and strip the fingerprint
echo |\
openssl s_client -connect $host 2>/dev/null |\
openssl x509 -noout -fingerprint | cut -d'=' -f 2

 

Download


 

PHP script:

 


<?php

# PHP SSL Fingerprint Checker written by W. Al Maawali  
# (c) 2013 Founder of Eagle Eye Digital Solutions
# http://www.digi77.com
# http://www.om77.net
# script starts here:
# Usage: http://www.yourdomain.com/sslf.php
# Example: http://www.digi77.com/software/fingerprint/fp-public.php?hosts=www.facebook.com

//avoid timeouts
set_time_limit(0);

//For String variable use prevent sql injections
function StringInputCleaner($data)
{
	$data = trim($data); 
	$data = stripslashes($data); 
	$data=(filter_var($data, FILTER_SANITIZE_STRING));
	return $data;
}	

function getSllCertificate($hostname, $port = 443)
{
	$context = stream_context_create(array("ssl" => array("capture_peer_cert" => true)));
	$socket = @stream_socket_client("ssl://$hostname:$port", $errno, $errstr, ini_get("default_socket_timeout"), STREAM_CLIENT_CONNECT, $context);
 
	if(!$socket)
		return array("md5" => "error", "sha1" => "error");
 
	$contextdata = stream_context_get_params($socket);
	$contextparams = $contextdata['options']['ssl']['peer_certificate'];
 
	fclose($socket);
 
	openssl_x509_export($contextparams, $cert, true);
	openssl_x509_free($contextparams);
 
	$repl = array("\r", "\n", "-----BEGIN CERTIFICATE-----", "-----END CERTIFICATE-----");
	$repw = array("", "", "", "");
 
	$cert = str_replace($repl, $repw, $cert);
 
	$decoded = base64_decode($cert);
	$fingerprints = array(
		"md5" => md5($decoded),
		"sha1" => sha1($decoded),
	);
	
	
	return $fingerprints ;
}

$host=$_REQUEST['hosts'];
//clean string safer coding
$host=StringInputCleaner($host);
$port=443;
$hashes = getSllCertificate($host, $port);

print_r($hashes['sha1']);


?>

 

Download


 

Digiprove sealCopyright protected by Digiprove © 2013-2014 Eagle Eye Digital Solutions
JOIN OUR NEWSLETTER
Amazing people have subscribed to our newsletter — and you’re amazing too!
We hate spam. Your email address will not be sold or shared with anyone else.
The following two tabs change content below.
Warith Al Maawali
W. AL Maawali is the Founder and Chief Editor of Eagle Eye Digital Solutions from the Sultanate of Oman with over 20 years experience in Security and Digital Forensics. He is also the Founder of om77.net.
SSL (Secure Sockets Layer) is the standard security technology for establishing an encrypted link between a web server and a browser. This link ensures that all data passed between the web server and browsers remain private and integral.
The man-in-the middle attack intercepts a communication between two systems. For example, in an http transaction the target is the TCP connection between client and server. Using different techniques, the attacker splits the original TCP connection into 2 new connections, one between the client and the attacker and the other between the attacker and the server, as shown in figure 1. Once the TCP connection is intercepted, the attacker acts as a proxy, being able to read, insert and modify the data in the intercepted communication.
commentJoin the Discussion

Pin It on Pinterest