Re: [NSE] SSL Fingerprint Matching

[David Fifield <david () bamsoftware com>]

On Sun, Mar 20, 2011 at 10:13:40PM -0500, Mak Kolybabi wrote:
> On 2011-02-22 13:24, David Fifield wrote:
> > To save space, how about storing hashes in the database without colons
> > separating bytes? They can continue to be shown in output.
>
> The script now has a function that adds the colons back in when the file is read
> in.
>
> > The output looks like this:
> >
> >     |_ssl-known-key: 00:28:E7:D4:9C:FA:4A:A5:98:4F:E4:97:EB:73:48:56:07:87:E4:96 is in the database with reason 
> > Little Black Box 0.1.
> >
> > Please change it to be
> >
> >     |_ssl-known-key: Found in Little Black Box 0.1 - http://code.google.com/p/littleblackbox/ (certificate hash: 
> > 00:28:E7:D4:9C:FA:4A:A5:98:4F:E4:97:EB:73:48:56:07:87:E4:96)
> >
> > This will give users a little more context if they don't know what the
> > script is for.
>
> The script output has been flipped around to match the second format.
>
> > Related to that, it would be nice if the description string didn't have to be
> > repeated for hashes with the same description. Could the data file be reworked
> > into something like this:
> >
> > [Little Black Box 0.1 - http://code.google.com/p/littleblackbox/]
> > 00:28:E7:D4:9C:FA:4A:A5:98:4F:E4:97:EB:73:48:56:07:87:E4:96
> > 00:3A:E5:45:D6:9C:47:FB:1C:C2:53:59:AA:D7:54:62:D6:D7:89:90
> > 00:3C:F1:AB:48:B4:6C:41:5E:48:15:10:3F:F8:28:AC:7C:60:D5:51
>
> The script has been changed to accept sections in square brackets. Any
> fingerprint before the first section is ignored and a warning is printed.

Thanks for finishing this and for writing the script in the first place.
It's always a pleasure to work with your code. I've just committed it.

David Fifield
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/