Nmap Development mailing list archives

[NSE] ssl-date

From: Aleksandar Nikolic <nikolic.alek () gmail com>
Date: Mon, 30 Jul 2012 09:57:33 +0200

Hi all,

I've written a script that extracts the remote server's time from
ServerHello ssl reply.
First 4 bytes of server random are actually system time.


Original idea by Jacob Appelbaum and his TeaTime and tlsdate tools:
    - https://github.com/ioerror/TeaTime
    - https://github.com/ioerror/tlsdate

--
-- @output
-- PORT    STATE SERVICE REASON
-- 443/tcp open  https   syn-ack
-- |_ssl-date: Server time 2012-07-30 09:46:07 GMT; 0s from the local time.

The script can be used to detect wrongly set time, or even detect non
standard SSL implementations.

Aleksandar

Attachment: ssl-date.nse
Description:

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/

Current thread:

[NSE] ssl-date Aleksandar Nikolic (Jul 30)
- Re: [NSE] ssl-date Jacob Appelbaum (Jul 31)
- Re: [NSE] ssl-date David Fifield (Jul 31)
  - Re: [NSE] ssl-date Aleksandar Nikolic (Jul 31)