Nmap Development mailing list archives
Re: incorrect dates returned by ssl-cert.nse
From: David Fifield <david () bamsoftware com>
Date: Fri, 23 Oct 2009 23:20:42 -0600
On Sat, Oct 24, 2009 at 01:00:51AM -0400, Matt Selsky wrote:
$ nmap --script=ssl-cert.nse -p 443 host.domain Starting Nmap 5.05BETA1 ( http://nmap.org ) at 2009-10-24 00:43 EDT NSE: Script Scanning completed. Interesting ports on host.domain (192.168.1.1): PORT STATE SERVICE 443/tcp open https | ssl-cert: Subject: commonName=host.domain/ organizationName=Organization/stateOrProvinceName=State/ countryName=Country | Issuer: organizationName=Equifax/countryName=US | Not valid before: 2008-11-15 21:54:00 | Not valid after: 2009-12-15 22:54:00 | MD5: e71c 81a7 cc93 a3cf 12fd d9e0 45fd d072 |_ SHA-1: 9bbd 2da6 963c 7440 6b75 6ba7 7fea 9da0 2fd4 a266 Nmap done: 1 IP address (1 host up) scanned in 0.15 seconds But the actual certificate dates are: 2008-10-15 21:54:00 2008-11-15 22:54:00 The NSE script has both dates off by a month. Let me know if you need access to my public certificate to verify/ reproduce the problem.
Thanks, the code was not properly subtracting 1 from the certificate's month to match what is expected by a struct tm. It is fixed in r15905. David Fifield _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- incorrect dates returned by ssl-cert.nse Matt Selsky (Oct 23)
- Re: incorrect dates returned by ssl-cert.nse David Fifield (Oct 23)