Nmap Development mailing list archives
Re: NSE: Need advice on pulling SSL cert used for TLS connection over SMTP port 25
From: Patrick Donnelly <batrick () batbytes com>
Date: Sun, 4 Oct 2009 03:08:35 -0400
Hi Tom,

On Sat, Oct 3, 2009 at 1:55 PM, Tom Sellers <nmap () fadedcode net> wrote:
> Well, I thought I was making progress on this but I think I have hit a roadblock that I can't get around.
>
> I found that the NSE sockets were being created by the l_sock_connect function in nse_nsock.cc. This function will create sockets for TCP, UDP and SSL as requested by calling one of three functions:
>
>     nsock_connect_tcp
>     nsock_connect_udp
>     nsock_connect_ssl
>
> These functions are defined in nsock_connect.c. While looking at these I found that this file also contains what I thought was EXACTLY what I was looking for: nsock_reconnect_ssl. Based on the description this will request an SSL connection over an established connection.
>
> I modified l_sock_connect and added a call to nsock_connect_ssl, edited ssl-cert.nse to call this, but I cannot seem to get it working. It dies with the following when I run it against an SMTP server that supports TLS:
>
>     Assertion failed: (nse->iod->sd >= 0), function nsp_add_event, file nsock_core.c, line 1122
>
> Here is my command line:
>
>     nmap -p 587 --script=ssl-cert.nse smtp.gmail.com
>
> I am pretty much out of my depth here. I am going to attach a patch containing the changes I made in case anyone is interested in looking at the code.
Your patch was nearly correct. The problem was that the connected socket id (udata->nsiod) was replaced by a new one (because the general case is we are making a brand new connection). nsock_reconnect_ssl requires a socket already open.

I have added a new socket method, reconnect_ssl, that will allow you to remake the socket with ssl. The patch and a test script are attached. If no one has any complaints I'll apply this patch sometime in the next couple days.

--
-Patrick Donnelly

"Let all men know thee, but no man know thee thoroughly: Men freely ford that see the shallows."
- Benjamin Franklin
Attachment: ssl_reconnect.patch
Attachment: test.nse
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
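The use case from this thread, written out as an added example (it is not Patrick's attached test.nse or any code from the Nmap project): an NSE script that speaks plaintext SMTP, issues STARTTLS, and then calls reconnect_ssl on the same, still-open socket before reading the certificate. It assumes the NSE library names of a current Nmap release (receive_buf, get_ssl_certificate, shortport, stdnse.debug1); the EHLO name example.org is a placeholder.

```lua
-- Added example (not the attached test.nse); assumes a current Nmap NSE API.
local nmap = require "nmap"
local shortport = require "shortport"
local stdnse = require "stdnse"

categories = {"safe", "discovery"}
portrule = shortport.port_or_service({25, 587}, {"smtp", "submission"})

-- Read one full SMTP reply; continuation lines look like "250-...".
local function read_reply(sock)
  local lines = {}
  repeat
    local ok, line = sock:receive_buf("\r?\n", false)
    if not ok then return nil, lines end
    lines[#lines + 1] = line
  until not line:match("^%d%d%d%-")
  return lines[#lines]:sub(1, 3), lines
end

action = function(host, port)
  local sock = nmap.new_socket()
  sock:set_timeout(5000)
  if not sock:connect(host, port) then return nil end  -- plain TCP first
  local function fail(msg)
    sock:close()
    stdnse.debug1("%s", msg)
    return nil
  end

  if read_reply(sock) ~= "220" then return fail("no SMTP greeting") end
  sock:send("EHLO example.org\r\n")  -- placeholder client name
  local code, lines = read_reply(sock)
  if code ~= "250" then return fail("EHLO rejected") end
  local offered = false
  for _, l in ipairs(lines) do
    if l:upper():match("^250[ -]STARTTLS") then offered = true end
  end
  if not offered then return fail("STARTTLS not offered") end
  sock:send("STARTTLS\r\n")
  if read_reply(sock) ~= "220" then return fail("STARTTLS refused") end

  -- Same socket object, still connected: reconnect_ssl upgrades it in place.
  local ok, err = sock:reconnect_ssl()
  if not ok then return fail("TLS handshake failed: " .. tostring(err)) end
  local cert = sock:get_ssl_certificate()
  sock:close()
  if not cert then return nil end
  return "certificate subject CN: " .. tostring(cert.subject.commonName)
end
```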