Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

[NSE] SSL Fingerprint Matching

From: Mak Kolybabi <mak () kolybabi com>
Date: Mon, 20 Dec 2010 21:37:47 -0600
Attached is a script that connects to SSL services and checks if the host's
fingerprint is in a given list. Also attached is a list containing the 2011
fingerprints from Little Black Box 0.1. While I have used this list by default,
other lists such as the Debian blacklist could be used as well. Each fingerprint
is associated with a short message to state why it is in the list, or where it
came from.

If we had compression libraries available, including these lists of fingerprints
with Nmap would be easier.

Comments, concerns, criticism, and testing are appreciated.

--
Mak Kolybabi
<mak () kolybabi com>

() ASCII Ribbon Campaign | Against HTML e-mail
/\  www.asciiribbon.org  | Against proprietary extensions

Attachment: ssl-known_key.nse
Description:

Attachment: ssl-fingerprints.txt
Description: 

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: