|
|
|
@ -2,6 +2,7 @@ package control
|
|
|
|
|
|
|
|
|
|
import (
|
|
|
|
|
"crypto/tls"
|
|
|
|
|
"crypto/x509"
|
|
|
|
|
"flag"
|
|
|
|
|
"fmt"
|
|
|
|
|
"net"
|
|
|
|
@ -22,6 +23,15 @@ func (c *TlsPingCommand) Description() Description {
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func printCertificates(certs []*x509.Certificate) {
|
|
|
|
|
for _, cert := range certs {
|
|
|
|
|
if len(cert.DNSNames) == 0 {
|
|
|
|
|
continue
|
|
|
|
|
}
|
|
|
|
|
fmt.Println("Allowed domains: ", cert.DNSNames)
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func (c *TlsPingCommand) Execute(args []string) error {
|
|
|
|
|
fs := flag.NewFlagSet(c.Name(), flag.ContinueOnError)
|
|
|
|
|
ipStr := fs.String("ip", "", "IP address of the domain")
|
|
|
|
@ -53,6 +63,7 @@ func (c *TlsPingCommand) Execute(args []string) error {
|
|
|
|
|
}
|
|
|
|
|
fmt.Println("Using IP: ", ip.String())
|
|
|
|
|
|
|
|
|
|
fmt.Println("-------------------")
|
|
|
|
|
fmt.Println("Pinging without SNI")
|
|
|
|
|
{
|
|
|
|
|
tcpConn, err := net.DialTCP("tcp", nil, &net.TCPAddr{IP: ip, Port: 443})
|
|
|
|
@ -70,10 +81,12 @@ func (c *TlsPingCommand) Execute(args []string) error {
|
|
|
|
|
fmt.Println("Handshake failure: ", err)
|
|
|
|
|
} else {
|
|
|
|
|
fmt.Println("Handshake succeeded")
|
|
|
|
|
printCertificates(tlsConn.ConnectionState().PeerCertificates)
|
|
|
|
|
}
|
|
|
|
|
tlsConn.Close()
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
fmt.Println("-------------------")
|
|
|
|
|
fmt.Println("Pinging with SNI")
|
|
|
|
|
{
|
|
|
|
|
tcpConn, err := net.DialTCP("tcp", nil, &net.TCPAddr{IP: ip, Port: 443})
|
|
|
|
@ -91,6 +104,7 @@ func (c *TlsPingCommand) Execute(args []string) error {
|
|
|
|
|
fmt.Println("handshake failure: ", err)
|
|
|
|
|
} else {
|
|
|
|
|
fmt.Println("handshake succeeded")
|
|
|
|
|
printCertificates(tlsConn.ConnectionState().PeerCertificates)
|
|
|
|
|
}
|
|
|
|
|
tlsConn.Close()
|
|
|
|
|
}
|
|
|
|
|
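Review bot: In the new `printCertificates`, the strings in `cert.DNSNames` are taken from whatever certificate the peer presented and written to the terminal with `fmt.Println`, so a hostile or misconfigured server may be able to place control or escape characters in the operator's output; printing them quoted, `fmt.Printf("Allowed domains: %q\n", cert.DNSNames)`, keeps them inert. The loop also walks every entry of `PeerCertificates` rather than only the leaf at index 0, so names from any other certificate in the chain would be listed under the same label. The `tls.Config` used for both handshakes in `Execute` lies outside the visible hunks; if it disables chain verification (plausible for a ping by IP, but not shown here), the label "Allowed domains" overstates what is known, because the names are unauthenticated, and something like "Names in presented certificate" would be more accurate. A doc comment such as `// printCertificates prints the SAN DNS names of each peer certificate as presented; it does not verify them.` would record that for the next reader.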