Extracting SSL Fingerprints
Extracting SSL Fingerprints: My Custom Scripts
I was looking for a script that can extract the SSL fingerprint from any SSL certificate, given you have the URL. I found a few scripts, but none of them did exactly what I expected, so I decided to write my own based on what I found. I created three versions of the script: one in Perl, one in Linux Shell scripting, and one in PHP. Note that all of them perform the same task and produce the same results.
The next plan was to develop an automated standalone application that could perform this task from multiple locations automatically (SSLEYE). It’s important to understand that secure browser connections can be intercepted and decrypted by anyone (Man-in-the-Middle, MITM) who could spoof the authentic site’s certificate and act on your behalf. This also allows them to read your traffic in clear text. Fortunately, the authentic site’s fingerprint cannot be duplicated, which is the main advantage of having such an application.
Perl script:
#!/usr/bin/perl
# Perl SSL Fingerprint Checker written by W. Al Maawali
# (c) 2013 Founder of Eagle Eye Digital Solutions
# https://www.digi77.com
# http://www.om77.net
# script starts here:
# Usage: $perl sslf.pl -d yourdomain
# Example: $perl sslf.pl -d google.com
#libs used
use Net::SSLeay qw(get_https3);
use Getopt::Std;
# get args
getopts("o:i:d:s:e:hvb", \%args);
# set our input vars to easy names
$domain = $args{d};
# gotta have at least the domain and log file
if (!$args{d}) {
print "\t Domain is blank google.com will be used\n\n";
$domain ="google.com";
}
$host= $domain;
$port = 443;
($p, $resp, $hdrs, $server_cert) = get_https3($host, $port, '/');
#get finger print
print Net::SSLeay::X509_get_fingerprint($server_cert, "sha1");
print "\n";
Shell script:
#!/bin/sh
# Shell SSL Fingerprint Checker written by W. Al Maawali
# (c) 2013 Founder of Eagle Eye Digital Solutions
# https://www.digi77.com
# http://www.om77.net
# script starts here:
# Usage: $. sslf.sh -d yourdomain
# Example: $. sslf.sh -d google.com
#SSL Port
sslport=443
# Accept command line arguments
while [ $# -gt 0 ]
do
case "$1" in
-d) host=$2 ; shift;;
--) shift; break;;
-*)
echo >&2 \
"usage: $0 [-d] domain";;
*)
break;; # terminate while loop
esac
shift
done
#set port and host
host="$host:$sslport"
#get ssl info and strip the fingerprint
echo |\
openssl s_client -connect $host 2>/dev/null |\
openssl x509 -noout -fingerprint | cut -d'=' -f 2
PHP script:
<?php
# PHP SSL Fingerprint Checker written by W. Al Maawali
# (c) 2013 Founder of Eagle Eye Digital Solutions
# https://www.digi77.com
# http://www.om77.net
# script starts here:
# Usage: http://www.yourdomain.com/sslf.php
# Example: https://www.digi77.com/software/fingerprint/fp-public.php?hosts=www.facebook.com
//avoid timeouts
set_time_limit(0);
//For String variable use prevent sql injections
function StringInputCleaner($data)
{
$data = trim($data);
$data = stripslashes($data);
$data=(filter_var($data, FILTER_SANITIZE_STRING));
return $data;
}
function getSllCertificate($hostname, $port = 443)
{
$context = stream_context_create(array("ssl" => array("capture_peer_cert" => true)));
$socket = @stream_socket_client("ssl://$hostname:$port", $errno, $errstr, ini_get("default_socket_timeout"), STREAM_CLIENT_CONNECT, $context);
if(!$socket)
return array("md5" => "error", "sha1" => "error");
$contextdata = stream_context_get_params($socket);
$contextparams = $contextdata['options']['ssl']['peer_certificate'];
fclose($socket);
openssl_x509_export($contextparams, $cert, true);
openssl_x509_free($contextparams);
$repl = array("\r", "\n", "-----BEGIN CERTIFICATE-----", "-----END CERTIFICATE-----");
$repw = array("", "", "", "");
$cert = str_replace($repl, $repw, $cert);
$decoded = base64_decode($cert);
$fingerprints = array(
"md5" => md5($decoded),
"sha1" => sha1($decoded),
);
return $fingerprints ;
}
$host=$_REQUEST['hosts'];
//clean string safer coding
$host=StringInputCleaner($host);
$port=443;
$hashes = getSllCertificate($host, $port);
print_r($hashes['sha1']);
?>