Ejemplo n.º 1
0
    def doVerify(self):
        hosts  = self.get_hosts()
        if hosts == None:
            print("getHosts failed. aborting verification.")
            return

        if self.num_hosts < len(hosts):
            hosts = random.sample(hosts,
                                  self.num_hosts)
        for host in hosts:
            ips = Verifier.resolve_ips(host)
            if not ips:
                self.logger.error(VerifyFailureMsg(host, 0, "Could not resolve hostname."))
                return
            for ip in ips:
                try:
                    print("Retrieving chain for %s (hostname %s)" % (ip, host))
                    chain = get_chain(ip, 443)
                    cvr = CertVerifyReq()
                    # TODO: Find out whether we are behind an SSL proxy
                    cvr.createFromValues(0, chain, host, ip, 443)
                    response = self.send_verify(self.cert, self.cbhostname, cvr)
                    if response != None:
                        self.logger.info(VerifySuccessMsg(host, ip, response.rating, response.judgement))
                except socket.gaierror as e:
                    print "Skipping cert verification of %s due to unsupported IP version (address: %s). Error: %s" % (host, ip, e)
                    self.logger.error(VerifyFailureMsg(host, ip, "Unsupported IP version"))
                except socket.timeout as e:
                    print "Skipping cert verification of %s (IP %s) due to timeout. Error: %s" % (host, ip, e)
                    self.logger.error(VerifyFailureMsg(host, ip, "Timeout"))
                except OpenSSL.SSL.SysCallError as e:
                    print "Skipping cert verification of %s (IP %s) due to OpenSSL syscall error. Error: %s" % (host, ip, e)
                    self.logger.error(VerifyFailureMsg(host, ip, "OpenSSL syscall error"))
Ejemplo n.º 2
0
    def executeHT(self,ht):
        """executes a hunting task"""
        ipv = 4 if ht.type == messageTypes["IPV4_SHA256_TASK"] else 6

        # TODO get this to the report
        if not self.freshen_pip(ipv):
            self.logger.error(HTFailMsg(ht.taskID, ht.targetHost, ht.targetIP, "No PublicIP for Task"))
            print "Skipping execution of task", ht.taskID, "due to the lack",\
                    "of fresh PublicIP for it."
            return None

        # TODO get this to the report      
        chain = get_chain(ht.targetIP,ht.targetPort)
            
        
        witness  = None
        if ht.knownCertHashes:

            ht.cccHashs = compute_chain_hashes(chain)
            #print "Possible hashes are", display(ht.cccHashs)


            for cHash in ht.cccHashs:
                if any(sHash == cHash for sHash in ht.knownCertHashes):
                    witness = cHash
                    break

        # TODO get this to report
        #print "Tracerouting!"
        trace = self.tracer.traceroute(self.hts["pip"][ipv]["not"].publicIPString, ht.targetIP)
        if witness:
            # TODO get this to report
            rep = HTRepKnownCert()
            rep.createFromValues(ht.taskID,
                                 self.hts["cs"].currentServTime(),
                                 self.hts["pip"][ipv]["not"].hmac,
                                 witness,
                                 trace)
        
        else:
            # TODO get this to report
            rep = HTRepNewCert()
            rep.createFromValues(ht.taskID,
                                self.hts["cs"].currentServTime(),
                                self.hts["pip"][ipv]["not"].hmac,
                                chain,
                                trace)
        return rep
Ejemplo n.º 3
0
    def executeHT(self, ht):
        """executes a hunting task"""
        ipv = 4 if ht.type == messageTypes["IPV4_SHA256_TASK"] else 6

        # TODO get this to the report
        if not self.freshen_pip(ipv):
            self.logger.error(
                HTFailMsg(ht.taskID, ht.targetHost, ht.targetIP,
                          "No PublicIP for Task"))
            print "Skipping execution of task", ht.taskID, "due to the lack",\
                    "of fresh PublicIP for it."
            return None

        # TODO get this to the report
        chain = get_chain(ht.targetIP, ht.targetPort)

        witness = None
        if ht.knownCertHashes:

            ht.cccHashs = compute_chain_hashes(chain)
            #print "Possible hashes are", display(ht.cccHashs)

            for cHash in ht.cccHashs:
                if any(sHash == cHash for sHash in ht.knownCertHashes):
                    witness = cHash
                    break

        # TODO get this to report
        #print "Tracerouting!"
        trace = self.tracer.traceroute(
            self.hts["pip"][ipv]["not"].publicIPString, ht.targetIP)
        if witness:
            # TODO get this to report
            rep = HTRepKnownCert()
            rep.createFromValues(ht.taskID, self.hts["cs"].currentServTime(),
                                 self.hts["pip"][ipv]["not"].hmac, witness,
                                 trace)

        else:
            # TODO get this to report
            rep = HTRepNewCert()
            rep.createFromValues(ht.taskID, self.hts["cs"].currentServTime(),
                                 self.hts["pip"][ipv]["not"].hmac, chain,
                                 trace)
        return rep
Ejemplo n.º 4
0
    def doVerify(self):
        hosts = self.get_hosts()
        if hosts == None:
            print("getHosts failed. aborting verification.")
            return

        if self.num_hosts < len(hosts):
            hosts = random.sample(hosts, self.num_hosts)
        for host in hosts:
            ips = Verifier.resolve_ips(host)
            if not ips:
                self.logger.error(
                    VerifyFailureMsg(host, 0, "Could not resolve hostname."))
                return
            for ip in ips:
                try:
                    print("Retrieving chain for %s (hostname %s)" % (ip, host))
                    chain = get_chain(ip, 443)
                    cvr = CertVerifyReq()
                    # TODO: Find out whether we are behind an SSL proxy
                    cvr.createFromValues(0, chain, host, ip, 443)
                    response = self.send_verify(self.cert, self.cbhostname,
                                                cvr)
                    if response != None:
                        self.logger.info(
                            VerifySuccessMsg(host, ip, response.rating,
                                             response.judgement))
                except socket.gaierror as e:
                    print "Skipping cert verification of %s due to unsupported IP version (address: %s). Error: %s" % (
                        host, ip, e)
                    self.logger.error(
                        VerifyFailureMsg(host, ip, "Unsupported IP version"))
                except socket.timeout as e:
                    print "Skipping cert verification of %s (IP %s) due to timeout. Error: %s" % (
                        host, ip, e)
                    self.logger.error(VerifyFailureMsg(host, ip, "Timeout"))
                except OpenSSL.SSL.SysCallError as e:
                    print "Skipping cert verification of %s (IP %s) due to OpenSSL syscall error. Error: %s" % (
                        host, ip, e)
                    self.logger.error(
                        VerifyFailureMsg(host, ip, "OpenSSL syscall error"))