Nmap Development mailing list archives

Re: incorrect dates returned by ssl-cert.nse

From: David Fifield <david () bamsoftware com>
Date: Fri, 23 Oct 2009 23:20:42 -0600

On Sat, Oct 24, 2009 at 01:00:51AM -0400, Matt Selsky wrote:

$ nmap --script=ssl-cert.nse -p 443 host.domain

Starting Nmap 5.05BETA1 ( http://nmap.org ) at 2009-10-24 00:43 EDT
NSE: Script Scanning completed.
Interesting ports on host.domain (192.168.1.1):
PORT    STATE SERVICE
443/tcp open  https
|  ssl-cert: Subject: commonName=host.domain/ 
organizationName=Organization/stateOrProvinceName=State/ 
countryName=Country
|  Issuer: organizationName=Equifax/countryName=US
|  Not valid before: 2008-11-15 21:54:00
|  Not valid after:  2009-12-15 22:54:00
|  MD5:   e71c 81a7 cc93 a3cf 12fd d9e0 45fd d072
|_ SHA-1: 9bbd 2da6 963c 7440 6b75 6ba7 7fea 9da0 2fd4 a266

Nmap done: 1 IP address (1 host up) scanned in 0.15 seconds

But the actual certificate dates are:

2008-10-15 21:54:00
2008-11-15 22:54:00

The NSE script has both dates off by a month.

Let me know if you need access to my public certificate to verify/ 
reproduce the problem.


Thanks, the code was not properly subtracting 1 from the certificate's
month to match what is expected by a struct tm. It is fixed in r15905.

David Fifield
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/

Current thread:

incorrect dates returned by ssl-cert.nse Matt Selsky (Oct 23)
- Re: incorrect dates returned by ssl-cert.nse David Fifield (Oct 23)