automatic tls data extraction for https protocol

2024-11-24 13:14:01 +03:00 · 2020-07-23 14:17:19 +02:00 · 2020-07-23 14:17:19 +02:00 · 9b9dcc5889
commit 9b9dcc5889
parent c826768acf
4 changed files with 51 additions and 5 deletions
--- a/cmd/httpx/httpx.go
+++ b/cmd/httpx/httpx.go
@ -316,7 +316,18 @@ retry:
 		}
 	}

-	output <- Result{URL: fullURL, ContentLength: resp.ContentLength, StatusCode: resp.StatusCode, Title: title, str: builder.String(), VHost: isvhost, WebServer: serverHeader, Response: serverResponseRaw, WebSocket: isWebSocket}
+	output <- Result{
+		URL:           fullURL,
+		ContentLength: resp.ContentLength,
+		StatusCode:    resp.StatusCode,
+		Title:         title,
+		str:           builder.String(),
+		VHost:         isvhost,
+		WebServer:     serverHeader,
+		Response:      serverResponseRaw,
+		WebSocket:     isWebSocket,
+		TlsData:       resp.TlsData,
+	}
 }

 // Result of a scan
@ -327,10 +338,11 @@ type Result struct {
 	Title         string `json:"title"`
 	str           string
 	err           error
-	VHost         bool   `json:"vhost"`
-	WebServer     string `json:"webserver"`
-	Response      string `json:"serverResponse,omitempty"`
-	WebSocket     bool   `json:"websocket,omitempty"`
+	VHost         bool           `json:"vhost"`
+	WebServer     string         `json:"webserver"`
+	Response      string         `json:"serverResponse,omitempty"`
+	WebSocket     bool           `json:"websocket,omitempty"`
+	TlsData       *httpx.TlsData `json:"tls,omitempty"`
 }

 // JSON the result
--- a/common/httpx/httpx.go
+++ b/common/httpx/httpx.go
@ -134,6 +134,9 @@ func (h *HTTPX) Do(req *retryablehttp.Request) (*Response, error) {
 	// number of lines
 	resp.Lines = len(strings.Split(respbodystr, "\n"))

+	// extracts TLS data if any
+	resp.TlsData = h.TlsGrab(httpresp)
+
 	return &resp, nil
 }

--- a/common/httpx/response.go
+++ b/common/httpx/response.go
@ -13,6 +13,7 @@ type Response struct {
 	Raw           string
 	Words         int
 	Lines         int
+	TlsData       *TlsData
 }

 // GetHeader value
--- a/common/httpx/tls.go
+++ b/common/httpx/tls.go
@ -0,0 +1,30 @@
+package httpx
+
+import (
+	"net/http"
+)
+
+type TlsData struct {
+	DNSNames         []string `json:"dns_names,omitempty"`
+	Emails           []string `json:"emails,omitempty"`
+	CommonName       []string `json:"common_name,omitempty"`
+	Organization     []string `json:"organization,omitempty"`
+	IssuerCommonName []string `json:"issuer_common_name,omitempty"`
+	IssuerOrg        []string `json:"issuer_organization,omitempty"`
+}
+
+func (h *HTTPX) TlsGrab(r *http.Response) *TlsData {
+	if r.TLS != nil {
+		var tlsdata TlsData
+		for _, certificate := range r.TLS.PeerCertificates {
+			tlsdata.DNSNames = append(tlsdata.DNSNames, certificate.DNSNames...)
+			tlsdata.Emails = append(tlsdata.Emails, certificate.EmailAddresses...)
+			tlsdata.CommonName = append(tlsdata.CommonName, certificate.Subject.CommonName)
+			tlsdata.Organization = append(tlsdata.Organization, certificate.Subject.Organization...)
+			tlsdata.IssuerOrg = append(tlsdata.IssuerOrg, certificate.Issuer.Organization...)
+			tlsdata.IssuerCommonName = append(tlsdata.IssuerCommonName, certificate.Issuer.CommonName)
+		}
+		return &tlsdata
+	}
+	return nil
+}