def handleEvent(self, event):
eventName = event.eventType
srcModuleName = event.module
eventData = event.data
self.sf.debug("Received event, " + eventName + ", from " + srcModuleName)
if eventName == "LINKED_URL_INTERNAL":
fqdn = self.sf.urlFQDN(eventData.lower())
else:
fqdn = eventData
if fqdn not in self.results:
self.results[fqdn] = True
else:
return None
if not eventData.lower().startswith("https://") and not self.opts['tryhttp']:
return None
self.sf.debug("Testing SSL for: " + eventData)
# Re-fetch the certificate from the site and process
try:
s = socket.socket()
s.settimeout(int(self.opts['ssltimeout']))
s.connect((fqdn, 443))
sock = ssl.wrap_socket(s)
sock.do_handshake()
rawcert = sock.getpeercert(True)
cert = ssl.DER_cert_to_PEM_cert(rawcert)
m2cert = M2Crypto.X509.load_cert_string(str(cert).replace('\r', ''))
except BaseException as x:
self.sf.info("Unable to SSL-connect to " + fqdn + ": " + str(x))
return None
# Generate the event for the raw cert (in text form)
# Cert raw data text contains a lot of gems..
rawevt = SpiderFootEvent("SSL_CERTIFICATE_RAW",
m2cert.as_text().encode('raw_unicode_escape'),
self.__name__, event)
self.notifyListeners(rawevt)
# Generate events for other cert aspects
self.getIssued(m2cert, event)
self.getIssuer(m2cert, event)
self.checkHostMatch(m2cert, fqdn, event)
self.checkExpiry(m2cert, event)
# Report back who the certificate was issued to
评论列表
文章目录
