Have an account? Sign in
SSL/TLS
Last updated 7 months ago
Working with SSL/TLS connections is a very important job and it comes in tow shapes. (1) Secure HTTP connection. (2) Secure Socket. To reduce the redundancy, I'll deal with both in this section, instead of putting the http part under Web Kung Fu section.
validate_https_cert.rb
#!/usr/bin/env ruby## KING SABRI | @KINGSABRI#require 'open-uri'def validate_https_cert(target) beginopen("https://#{target}")puts '[+] Valid SSL Certificate!'rescue OpenSSL::SSL::SSLErrorputs '[+] Invalid SSL Certificate!'endendgood_ssl = 'google.com'bad_ssl = 'expired.badssl.com'validate_https_cert good_sslvalidate_https_cert bad_ssl
validate_socket_cert.rb
#!/usr/bin/env ruby## KING SABRI | @KINGSABRI#require 'socket'require 'openssl'def validate_socket_cert(target)ssl_context = OpenSSL::SSL::SSLContext.newssl_context.verify_mode = OpenSSL::SSL::VERIFY_PEERcert_store = OpenSSL::X509::Store.newcert_store.set_default_pathsssl_context.cert_store = cert_storesocket = TCPSocket.new(target, 443)ssl_socket = OpenSSL::SSL::SSLSocket.new(socket, ssl_context)beginssl_socket.connectputs '[+] Valid SSL Certificate!'rescue OpenSSL::SSL::SSLErrorputs '[+] Invalid SSL Certificate!'endendgood_ssl = 'google.com'bad_ssl = 'expired.badssl.com'validate_socket_cert good_sslvalidate_socket_cert bad_ssl
ssl_validator.rb
#!/usr/bin/env ruby## SSL/TLS validator# KING SABRI | @KINGSABRI#def validate_ssl(target, conn_type=:web)case conn_type# Web Based SSLwhen :webrequire 'open-uri'beginopen("https://#{target}")puts '[+] Valid SSL Certificate!'rescue OpenSSL::SSL::SSLErrorputs '[+] Invalid SSL Certificate!'end# Socked Based SSLwhen :socketrequire 'socket'require 'openssl'ssl_context = OpenSSL::SSL::SSLContext.newssl_context.verify_mode = OpenSSL::SSL::VERIFY_PEERcert_store = OpenSSL::X509::Store.newcert_store.set_default_pathsssl_context.cert_store = cert_storesocket = TCPSocket.new(target, 443)ssl_socket = OpenSSL::SSL::SSLSocket.new(socket, ssl_context)beginssl_socket.connectputs '[+] Valid SSL Certificate!'rescue OpenSSL::SSL::SSLErrorputs '[+] Invalid SSL Certificate!'endelseputs '[!] Unknown connection type!'endendgood_ssl = 'google.com'bad_ssl = 'expired.badssl.com'validate_ssl(bad_ssl, :web)validate_ssl(bad_ssl, :socket)validate_ssl(good_ssl, :web)validate_ssl(good_ssl, :socket)
Run it
ruby ssl_validator.rb[+] Invalid SSL Certificate![+] Invalid SSL Certificate![+] Valid SSL Certificate![+] Valid SSL Certificate!