Class: Ronin::CLI::Commands::CertDump Private
- Inherits:
-
ValueProcessorCommand
- Object
- Core::CLI::Command
- Ronin::CLI::Command
- ValueProcessorCommand
- Ronin::CLI::Commands::CertDump
- Includes:
- CommandKit::Printing::Fields, CommandKit::Printing::Indent, CommandKit::Printing::Lists, HostAndPort, Support::Network::SSL::Mixin
- Defined in:
- lib/ronin/cli/commands/cert_dump.rb
Overview
This class is part of a private API. You should avoid using this class if possible, as it may be removed or be changed in the future.
Prints information for SSL/TLS certificates.
Usage
ronin cert-dump [options] {HOST:PORT | URL | FILE} ...
Options
-f, --file FILE Optional file to read values from
-C, --common-name Only prints the Common Name (CN)
-A, --subject-alt-names Only prints the subjectAltNames
-E, --extensions Print all certificate extensions
-h, --help Print help information
Arguments
HOST:PORT | URL | FILE ... A HOST:PORT, URL, or cert FILE
Examples
ronin cert-dump ssl.crt
ronin cert-dump github.com:443
ronin cert-dump https://github.com/
ronin cert-dump -C 93.184.216.34:443
ronin cert-dump -A wired.com:443
Instance Attribute Summary
Attributes inherited from ValueProcessorCommand
Instance Method Summary collapse
-
#print_cert(cert) ⇒ Object
private
Prints the certificate.
-
#print_cert_name(name) ⇒ Object
private
Prints the X509 name.
-
#print_extension(ext) ⇒ Object
private
Prints a certificate extension.
-
#print_extensions(cert) ⇒ Object
private
Prints the certificates extensions.
-
#print_full_cert(cert) ⇒ Object
private
Prints the full verbose information about the certificate.
-
#print_public_key(public_key) ⇒ Object
private
Prints the public key.
-
#process_value(value) ⇒ Object
private
Runs the
ronin cert-dump
command.
Methods included from HostAndPort
#host_and_port, #host_and_port_from_url
Methods inherited from ValueProcessorCommand
#initialize, #process_file, #run
Constructor Details
This class inherits a constructor from Ronin::CLI::ValueProcessorCommand
Instance Method Details
#print_cert(cert) ⇒ Object
This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.
Prints the certificate.
129 130 131 132 133 134 135 136 137 138 139 |
# File 'lib/ronin/cli/commands/cert_dump.rb', line 129 def print_cert(cert) if [:common_name] puts "#{cert.common_name}" elsif [:subject_alt_names] if (alt_names = cert.subject_alt_names) alt_names.each { |name| puts name } end else print_full_cert(cert) end end |
#print_cert_name(name) ⇒ Object
This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.
Prints the X509 name.
221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 |
# File 'lib/ronin/cli/commands/cert_dump.rb', line 221 def print_cert_name(name) fields = {} if name.common_name fields["Common Name"] = name.common_name end if name.organization fields["Organization"] = name.organization end if name.organizational_unit fields["Organizational Unit"] = name.organizational_unit end if name.locality fields["Locality"] = name.locality end if name.state fields["State"] = name.state end if name.country fields["Country"] = name.country end print_fields(fields) end |
#print_extension(ext) ⇒ Object
This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.
Prints a certificate extension.
269 270 271 272 273 274 275 276 277 |
# File 'lib/ronin/cli/commands/cert_dump.rb', line 269 def print_extension(ext) puts "#{ext.oid}:" indent do ext.value.each_line do |line| puts line end end end |
#print_extensions(cert) ⇒ Object
This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.
Prints the certificates extensions.
256 257 258 259 260 261 262 |
# File 'lib/ronin/cli/commands/cert_dump.rb', line 256 def print_extensions(cert) cert.extensions.each_with_index do |ext,index| puts if index > 0 print_extension(ext) end end |
#print_full_cert(cert) ⇒ Object
This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.
Prints the full verbose information about the certificate.
146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 |
# File 'lib/ronin/cli/commands/cert_dump.rb', line 146 def print_full_cert(cert) fields = {} fields["Serial"] = cert.serial fields["Version"] = cert.version fields["Not Before"] = cert.not_before if cert.not_before fields["Not After"] = cert.not_after if cert.not_after print_fields(fields) puts print_public_key(cert.public_key) puts puts "Subject:" indent do print_cert_name(cert.subject) if (alt_names = cert.subject_alt_names) puts "Alt Names:" puts indent do alt_names.each { |name| puts name } end end end puts puts "Issuer:" indent do print_cert_name(cert.issuer) end puts if [:extensions] puts "Extensions:" indent do print_extensions(cert) end end end |
#print_public_key(public_key) ⇒ Object
This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.
Prints the public key.
195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 |
# File 'lib/ronin/cli/commands/cert_dump.rb', line 195 def print_public_key(public_key) puts "Public Key:" indent do fields = {} case public_key when OpenSSL::PKey::RSA fields['Type'] = 'RSA' when OpenSSL::PKey::EC fields['Type'] = 'EC' end print_fields(fields) public_key.to_text.each_line do |line| puts line end end end |
#process_value(value) ⇒ Object
This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.
Runs the ronin cert-dump
command.
102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 |
# File 'lib/ronin/cli/commands/cert_dump.rb', line 102 def process_value(value) case value when /\A[^:]+:\d+\z/ host, port = host_and_port(value) print_cert(ssl_cert(host,port)) when /\Ahttps:/ host, port = host_and_port_from_url(value) print_cert(ssl_cert(host,port)) else unless File.file?(value) print_error "no such file or directory: #{value}" exit(1) end cert = Support::Crypto::Cert.load_file(value) print_cert(cert) end end |