SSL/TLS

Working with SSL/TLS connections is a very important job and it comes in tow shapes. (1) Secure HTTP connection. (2) Secure Socket. To reduce the redundancy, I'll deal with both in this section, instead of putting the http part under Web Kung Fu section.
Certificate Validation
Validate HTTPS Certificate
validate_https_cert.rb
#!/usr/bin/env ruby
#
# KING SABRI | @KINGSABRI
#
require 'open-uri'
​
def validate_https_cert(target)  begin
    open("https://#{target}")
    puts '[+] Valid SSL Certificate!'
  rescue OpenSSL::SSL::SSLError
    puts '[+] Invalid SSL Certificate!'
  end
end
​
good_ssl = 'google.com'
bad_ssl  = 'expired.badssl.com'
​
validate_https_cert good_ssl
validate_https_cert bad_ssl
Validate Secure Socket Certificate
validate_socket_cert.rb
#!/usr/bin/env ruby
#
# KING SABRI | @KINGSABRI
#
require 'socket'
require 'openssl'
​
def validate_socket_cert(target)
  ssl_context = OpenSSL::SSL::SSLContext.new  
  ssl_context.verify_mode = OpenSSL::SSL::VERIFY_PEER  
  cert_store = OpenSSL::X509::Store.new  
  cert_store.set_default_paths  
  ssl_context.cert_store = cert_store  
  socket = TCPSocket.new(target, 443)  
  ssl_socket = OpenSSL::SSL::SSLSocket.new(socket, ssl_context)  
  begin    
    ssl_socket.connect    
    puts '[+] Valid SSL Certificate!'  
  rescue OpenSSL::SSL::SSLError    
    puts '[+] Invalid SSL Certificate!'  
  end
end
​
good_ssl = 'google.com'
bad_ssl  = 'expired.badssl.com'
​
validate_socket_cert good_ssl
validate_socket_cert bad_ssl
Putting all together
ssl_validator.rb
#!/usr/bin/env ruby
#
# SSL/TLS validator
# KING SABRI | @KINGSABRI
#
​
def validate_ssl(target, conn_type=:web)
​
  case conn_type
    # Web Based SSL
    when :web
      require 'open-uri'
​
      begin
        open("https://#{target}")
        puts '[+] Valid SSL Certificate!'
      rescue OpenSSL::SSL::SSLError
        puts '[+] Invalid SSL Certificate!'
      end
    # Socked Based SSL
    when :socket
      require 'socket'
      require 'openssl'
​
      ssl_context = OpenSSL::SSL::SSLContext.new
      ssl_context.verify_mode = OpenSSL::SSL::VERIFY_PEER
      cert_store = OpenSSL::X509::Store.new
      cert_store.set_default_paths
      ssl_context.cert_store = cert_store
      socket = TCPSocket.new(target, 443)
      ssl_socket = OpenSSL::SSL::SSLSocket.new(socket, ssl_context)
​
      begin
        ssl_socket.connect
        puts '[+] Valid SSL Certificate!'
      rescue OpenSSL::SSL::SSLError
        puts '[+] Invalid SSL Certificate!'
      end
​
    else
      puts '[!] Unknown connection type!'
  end
​
end
​
​
good_ssl = 'google.com'
bad_ssl  = 'expired.badssl.com'
​
validate_ssl(bad_ssl, :web)
validate_ssl(bad_ssl, :socket)
​
validate_ssl(good_ssl, :web)
validate_ssl(good_ssl, :socket)
Run it
ruby ssl_validator.rb
​
[+] Invalid SSL Certificate!
[+] Invalid SSL Certificate!
[+] Valid SSL Certificate!
[+] Valid SSL Certificate!

Ruby Socket

SSID Finder

Last modified 4yr ago