Extracting SSL Fingerprints

Posted by on May 13, 2013 in Blog, Source-Codes | Comments Off on Extracting SSL Fingerprints

Extracting SSL Fingerprints

I was looking for a script that can extract fingerprint from any SSL certificate provided you have the URL. I have found couple of them but non of them did what I expected exactly so I decided to write my own based on what I have found. The first script is written in Perl where the second in Linux Shell scripting and finally the last one is in PHP. Note that all of them do exactly the same task and will output the same results.

Next plan was to have an automated standalone application the can perform this from multiple locations automatically (SSLEYE). You should all know that a secure browser connections can be intercepted and decrypted by anyone (Man in the Middle-) who could spoof the authentic site’s certificate and act on your behalf this also allows them to read your traffic in clear text. But luckily that the authentic site’s fingerprint can not be duplicated and that’s the point of having such an application.

Perl script:

 


#!/usr/bin/perl
# Perl SSL Fingerprint Checker written by W. Al Maawali  
# (c) 2013 Founder of Eagle Eye Digital Solutions
# http://www.digi77.com
# http://www.om77.net
# script starts here:
# Usage: $perl sslf.pl -d yourdomain
# Example: $perl sslf.pl -d google.com

#libs used
use Net::SSLeay qw(get_https3);
use Getopt::Std;

# get args
getopts("o:i:d:s:e:hvb", \%args);

# set our input vars to easy names
$domain = $args{d};

# gotta have at least the domain and log file
if (!$args{d}) {
 print "\t Domain is blank google.com will be used\n\n";
 $domain ="google.com";

}

$host= $domain;
$port = 443;

($p, $resp, $hdrs, $server_cert) = get_https3($host, $port, '/');
#get finger print
print Net::SSLeay::X509_get_fingerprint($server_cert, "sha1");
print "\n";

 

Download

 

Shell script:

 


#!/bin/sh
# Shell SSL Fingerprint Checker written by W. Al Maawali  
# (c) 2013 Founder of Eagle Eye Digital Solutions
# http://www.digi77.com
# http://www.om77.net
# script starts here:
# Usage: $. sslf.sh -d yourdomain
# Example: $. sslf.sh -d google.com

#SSL Port
sslport=443

# Accept command line arguments
while [ $# -gt 0 ]
do
    case "$1" in

        -d)  host=$2 ; shift;;
        --)     shift; break;;
        -*)
            echo >&2 \
            "usage: $0 [-d] domain";;
        *)
        break;; # terminate while loop
    esac
    shift
done

#set port and host
host="$host:$sslport"

#get ssl info and strip the fingerprint
echo |\
openssl s_client -connect $host 2>/dev/null |\
openssl x509 -noout -fingerprint | cut -d'=' -f 2

 

Download

 

PHP script:

 


<?php

# PHP SSL Fingerprint Checker written by W. Al Maawali  
# (c) 2013 Founder of Eagle Eye Digital Solutions
# http://www.digi77.com
# http://www.om77.net
# script starts here:
# Usage: http://www.yourdomain.com/sslf.php
# Example: http://www.digi77.com/software/fingerprint/fp-public.php?hosts=www.facebook.com

//avoid timeouts
set_time_limit(0);

//For String variable use prevent sql injections
function StringInputCleaner($data)
{
	$data = trim($data); 
	$data = stripslashes($data); 
	$data=(filter_var($data, FILTER_SANITIZE_STRING));
	return $data;
}	

function getSllCertificate($hostname, $port = 443)
{
	$context = stream_context_create(array("ssl" => array("capture_peer_cert" => true)));
	$socket = @stream_socket_client("ssl://$hostname:$port", $errno, $errstr, ini_get("default_socket_timeout"), STREAM_CLIENT_CONNECT, $context);
 
	if(!$socket)
		return array("md5" => "error", "sha1" => "error");
 
	$contextdata = stream_context_get_params($socket);
	$contextparams = $contextdata['options']['ssl']['peer_certificate'];
 
	fclose($socket);
 
	openssl_x509_export($contextparams, $cert, true);
	openssl_x509_free($contextparams);
 
	$repl = array("\r", "\n", "-----BEGIN CERTIFICATE-----", "-----END CERTIFICATE-----");
	$repw = array("", "", "", "");
 
	$cert = str_replace($repl, $repw, $cert);
 
	$decoded = base64_decode($cert);
	$fingerprints = array(
		"md5" => md5($decoded),
		"sha1" => sha1($decoded),
	);
	
	
	return $fingerprints ;
}

$host=$_REQUEST['hosts'];
//clean string safer coding
$host=StringInputCleaner($host);
$port=443;
$hashes = getSllCertificate($host, $port);

print_r($hashes['sha1']);


?>

 

Download

 

Digiprove sealCopyright protected by Digiprove © 2013-2022 Eagle Eye Digital Solutions
Shares
The following two tabs change content below.
My Twitter profileMy Facebook profileMy Google+ profileMy LinkedIn profileMy Instagram profileMy YouTube channel

Warith Al Maawali

Owner at Eagle Eye Digital Solutions
Crypto currency , security , coding addicted I am not an expert or a professional I just love & enjoy what I am addicted on🤠
My Twitter profileMy Facebook profileMy Google+ profileMy LinkedIn profileMy Instagram profileMy YouTube channel

Latest posts by Warith Al Maawali (see all)

SSL (Secure Sockets Layer) is the standard security technology for establishing an encrypted link between a web server and a browser. This link ensures that all data passed between the web server and browsers remain private and integral.
The man-in-the middle attack intercepts a communication between two systems. For example, in an http transaction the target is the TCP connection between client and server. Using different techniques, the attacker splits the original TCP connection into 2 new connections, one between the client and the attacker and the other between the attacker and the server, as shown in figure 1. Once the TCP connection is intercepted, the attacker acts as a proxy, being able to read, insert and modify the data in the intercepted communication.

Comments are closed.

Pin It on Pinterest