diff options
Diffstat (limited to 'dotfiles/scripts/fingerprint')
-rwxr-xr-x | dotfiles/scripts/fingerprint | 66 |
1 files changed, 66 insertions, 0 deletions
diff --git a/dotfiles/scripts/fingerprint b/dotfiles/scripts/fingerprint new file mode 100755 index 0000000..8e15a98 --- /dev/null +++ b/dotfiles/scripts/fingerprint @@ -0,0 +1,66 @@ +#!/usr/bin/env ruby + +# Usage exemple: ./fingerprint twitter.com api.twitter.com ton.twitter.com twitter.com tweetdeck.twitter.com userstream.twitter.com abs.twitter.com psb.twimg.com ton.twing.com video.twimg.com 2> /dev/null +# List of figerprint by domain name + +require 'resolv' +require 'openssl' +require 'set' + +hosts = Set.new +ips = Set.new +certs = Set.new +subjects = Set.new +cas = Set.new +fps = Set.new +keys = Set.new + +resolver = Resolv::DNS.new +ARGV.each do |host| + $stderr.puts host + hosts << host + resolver.each_address(host) do |ip| + ip = ip.to_s + ips << ip + $stderr.puts " #{ip}" + tcp_client = TCPSocket.new ip, 443 + ssl_client = OpenSSL::SSL::SSLSocket.new tcp_client + ssl_client.hostname = host + ssl_client.connect + cert = ssl_client.peer_cert + certs << cert + + subject = cert.subject + subjects << subject + $stderr.puts " CN=#{subject}" + + ca = cert.issuer + cas << ca + $stderr.puts " CA=#{ca}" + + fp = OpenSSL::Digest::SHA256.hexdigest cert.to_der + fps << fp + $stderr.puts " fp=#{fp}" + + key = ::OpenSSL::Digest::SHA256.hexdigest cert.public_key.to_der + keys << key + $stderr.puts " key=#{key}" + + ssl_client.close + end +end + +puts "#{hosts.size} hosts" +hosts.sort.each { |l| puts " #{l}"} +puts "#{ips.size} IPs" +ips.sort.each { |l| puts " #{l}"} +puts "#{fps.size} certificates" +fps.sort.each { |l| puts " #{l}"} +puts "#{cas.size} CAs" +cas.sort.each { |l| puts " #{l}"} +puts "#{subjects.size} subjects" +subjects.sort.each { |l| puts " #{l}"} +puts "#{keys.size} keys" +keys.sort.each { |l| puts " #{l}"} + + |