Method: Rex::SSLScan::Scanner#get_cert

Defined in:
lib/rex/sslscan/scanner.rb

#get_cert(ssl_version, cipher) ⇒ OpenSSL::X509::Certificate, Nil

Retrieve the X509 certificate presented by the target service when connecting with the given SSL version and cipher.

Parameters:

  • ssl_version (Symbol)

    The SSL version to use (:SSLv2, :SSLv3, :TLSv1)

  • cipher (String)

    The SSL Cipher to use

Returns:

  • (OpenSSL::X509::Certificate)

    if the certificate was retrieved

  • (Nil)

    if the cert couldn't be retrieved



# File 'lib/rex/sslscan/scanner.rb', line 147

# Connect to the configured host/port over SSL with the requested protocol
# version and cipher, and hand back the certificate the peer presented.
#
# The certificate is returned exactly as received; this method performs no
# chain, hostname or expiry validation, so callers should treat the result as
# untrusted data from the remote service.
#
# @param ssl_version [Symbol] the SSL version to use (:SSLv2, :SSLv3, :TLSv1)
# @param cipher [String] the SSL cipher to use
# @return [OpenSSL::X509::Certificate] if the certificate was retrieved
# @return [nil] if the connection failed or no certificate object came back
def get_cert(ssl_version, cipher)
  # Runs outside the begin block, so anything it raises reaches the caller
  # instead of being turned into nil.
  validate_params(ssl_version, cipher)
  begin
    sock = Rex::Socket::Tcp.create(
      'PeerHost'   => @host,
      'PeerPort'   => @port,
      'SSL'        => true,
      'SSLVersion' => ssl_version,
      'SSLCipher'  => cipher,
      'Timeout'    => @timeout
    )
    presented = sock.peer_cert
    # Anything other than a real certificate object is reported as "no cert".
    presented.kind_of?(OpenSSL::X509::Certificate) ? presented : nil
  rescue ::Exception
    # Every failure while connecting or reading the certificate maps to nil.
    # NOTE(review): ::Exception also covers Interrupt and SystemExit, so a
    # Ctrl-C during the connect is swallowed here and the real error is never
    # logged. Before narrowing this, confirm which Rex timeout/connection
    # error classes descend from StandardError.
    nil
  ensure
    # sock is still nil when create itself raised; only close a real socket.
    sock.close if sock
  end
end