2017-08-01 23:13:28 +00:00
|
|
|
package zmodules
|
|
|
|
|
|
|
|
import (
|
|
|
|
log "github.com/sirupsen/logrus"
|
|
|
|
"github.com/zmap/zgrab2/zgrab2"
|
|
|
|
)
|
2017-07-20 21:09:13 +00:00
|
|
|
|
2017-08-10 19:10:34 +00:00
|
|
|
type TLSModule struct {
|
2017-08-09 20:13:18 +00:00
|
|
|
zgrab2.BaseModule
|
2017-08-01 23:13:28 +00:00
|
|
|
Heartbleed bool `long:"heartbleed" description:"Check if server is vulnerable to Heartbleed"`
|
|
|
|
Version int `long:"version" description:"Max TLS version to use"`
|
2017-07-20 21:09:13 +00:00
|
|
|
Verbose bool `long:"verbose" description:"Add extra TLS information to JSON output (client hello, client KEX, key material, etc)" json:"verbose"`
|
|
|
|
SessionTicket bool `long:"session-ticket" description:"Send support for TLS Session Tickets and output ticket if presented" json:"session"`
|
|
|
|
ExtendedMasterSecret bool `long:"extended-master-secret" description:"Offer RFC 7627 Extended Master Secret extension" json:"extended"`
|
|
|
|
ExtendedRandom bool `long:"extended-random" description:"Send TLS Extended Random Extension" json:"extran"`
|
|
|
|
NoSNI bool `long:"no-sni" description:"Do not send domain name in TLS Handshake regardless of whether known" json:"sni"`
|
|
|
|
SCTExt bool `long:"sct" description:"Request Signed Certificate Timestamps during TLS Handshake" json:"sct"`
|
|
|
|
HTTP HTTPOptions `json:"http"`
|
|
|
|
}
|
|
|
|
|
2017-08-01 23:13:28 +00:00
|
|
|
func init() {
|
2017-08-10 19:10:34 +00:00
|
|
|
var tlsModule TLSModule
|
|
|
|
cmd, err := zgrab2.AddCommand("tls", "TLS Banner Grab", "Grab banner over TLS", &tlsModule)
|
2017-08-01 23:13:28 +00:00
|
|
|
if err != nil {
|
|
|
|
log.Fatal(err)
|
|
|
|
}
|
2017-08-10 19:10:34 +00:00
|
|
|
tlsModule.SetDefaultPortAndName(cmd, uint(443), "ssh")
|
2017-07-20 21:09:13 +00:00
|
|
|
}
|
|
|
|
|
2017-08-10 19:10:34 +00:00
|
|
|
func (x TLSModule) PerRoutineInitialize() {
|
2017-08-07 21:51:15 +00:00
|
|
|
|
|
|
|
}
|
|
|
|
|
2017-08-10 19:10:34 +00:00
|
|
|
// Execute validates the options sent to TLSModule and then passes operation back to main
|
|
|
|
func (x *TLSModule) Validate(args []string) error {
|
2017-08-03 19:55:15 +00:00
|
|
|
zgrab2.RegisterLookup(x.Name, *x)
|
2017-08-01 23:13:28 +00:00
|
|
|
return nil
|
2017-07-21 16:48:53 +00:00
|
|
|
}
|
|
|
|
|
2017-08-10 19:10:34 +00:00
|
|
|
func (x TLSModule) Scan() (interface{}, error) {
|
2017-08-01 23:13:28 +00:00
|
|
|
return x, nil
|
2017-07-20 21:09:13 +00:00
|
|
|
}
|