Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

add dns flag #350

Merged
merged 8 commits into from
Sep 19, 2023
Merged
Show file tree
Hide file tree
Changes from 6 commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions cmd/tlsx/main.go
Original file line number Diff line number Diff line change
Expand Up @@ -132,6 +132,7 @@ func readFlags() error {
flagSet.CreateGroup("output", "Output",
flagSet.StringVarP(&options.OutputFile, "output", "o", "", "file to write output to"),
flagSet.BoolVarP(&options.JSON, "json", "j", false, "display json format output"),
flagSet.BoolVar(&options.DisplayDns, "dns", false, "display unique hostname from SSL certificate response"),
flagSet.BoolVarP(&options.RespOnly, "resp-only", "ro", false, "display tls response only"),
flagSet.BoolVar(&options.Silent, "silent", false, "display silent output"),
flagSet.BoolVarP(&options.NoColor, "no-color", "nc", false, "disable colors in cli output"),
Expand Down
46 changes: 46 additions & 0 deletions internal/runner/runner.go
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,7 @@ package runner

import (
"bufio"
"bytes"
"net"
"net/url"
"os"
Expand All @@ -15,6 +16,7 @@ import (
"github.com/projectdiscovery/gologger"
"github.com/projectdiscovery/gologger/formatter"
"github.com/projectdiscovery/gologger/levels"
"github.com/projectdiscovery/hmap/store/hybrid"
"github.com/projectdiscovery/mapcidr"
"github.com/projectdiscovery/mapcidr/asn"
"github.com/projectdiscovery/tlsx/pkg/output"
Expand All @@ -24,10 +26,13 @@ import (
"github.com/projectdiscovery/tlsx/pkg/tlsx/openssl"
errorutil "github.com/projectdiscovery/utils/errors"
iputil "github.com/projectdiscovery/utils/ip"
mapsutil "github.com/projectdiscovery/utils/maps"
sliceutil "github.com/projectdiscovery/utils/slice"
updateutils "github.com/projectdiscovery/utils/update"
)

var hostnamesHm *hybrid.HybridMap

// Runner is a client for running the enumeration process
type Runner struct {
hasStdin bool
Expand Down Expand Up @@ -108,6 +113,11 @@ func New(options *clients.Options) (*Runner, error) {
}
runner.outputWriter = outputWriter

hostnamesHm, err = hybrid.New(hybrid.DefaultDiskOptions)
if err != nil {
return nil, errorutil.NewWithErr(err).Msgf("could not create hmap for hostnames")
}

return runner, nil
}

Expand Down Expand Up @@ -147,6 +157,17 @@ func (r *Runner) Execute() error {
close(inputs)
wg.Wait()

//FIXME: this is a hack to print deduplicated hostnames
if r.options.DisplayDns && !r.options.JSON {
builder := &bytes.Buffer{}
hostnamesHm.Scan(func(k, _ []byte) error {
builder.WriteString(string(k))
builder.WriteString("\n")
return nil
})
_, _ = os.Stdout.Write(builder.Bytes())
}

// Print the stats if auto fallback mode is used
if r.options.ScanMode == "auto" {
gologger.Info().Msgf("Connections made using crypto/tls: %d, zcrypto/tls: %d, openssl: %d", stats.LoadCryptoTLSConnections(), stats.LoadZcryptoTLSConnections(), stats.LoadOpensslTLSConnections())
Expand Down Expand Up @@ -180,14 +201,39 @@ func (r *Runner) processInputElementWorker(inputs chan taskInput, wg *sync.WaitG
if err != nil {
gologger.Warning().Msgf("Could not connect input %s: %s", task.Address(), err)
}

if response != nil {
if r.options.DisplayDns && response.CertificateResponse != nil {
uniqueHostnames := getUniqueHostnamesPerInput(response.CertificateResponse)
response.CertificateResponse.Hostname = uniqueHostnames
for _, hostname := range uniqueHostnames {
_ = hostnamesHm.Set(hostname, nil)
}
}

if err := r.outputWriter.Write(response); err != nil {
gologger.Warning().Msgf("Could not write output %s: %s", task.Address(), err)
}
}
}
}

func getUniqueHostnamesPerInput(certResponse *clients.CertificateResponse) []string {
hostnameSet := map[string]struct{}{}
if certResponse.SubjectCN != "" {
hostnameSet[trimWildcardPrefix(certResponse.SubjectCN)] = struct{}{}
}
for _, hostname := range certResponse.SubjectAN {
hostnameSet[trimWildcardPrefix(hostname)] = struct{}{}
}

return mapsutil.GetKeys(hostnameSet)
}

func trimWildcardPrefix(hostname string) string {
return strings.TrimPrefix(hostname, "*.")
}

// normalizeAndQueueInputs normalizes the inputs and queues them for execution
func (r *Runner) normalizeAndQueueInputs(inputs chan taskInput) error {
// Process Normal Inputs
Expand Down
4 changes: 4 additions & 0 deletions pkg/tlsx/clients/clients.go
Original file line number Diff line number Diff line change
Expand Up @@ -62,6 +62,8 @@ type Options struct {
Version bool
// JSON enables display of JSON output
JSON bool
// DisplayDns enables display of unique hostname from SSL certificate response
DisplayDns bool
// TLSChain enables printing TLS chain information to output
TLSChain bool
// Deprecated: AllCiphers exists for historical compatibility and should not be used
Expand Down Expand Up @@ -269,6 +271,8 @@ type CertificateResponse struct {
SubjectOrg []string `json:"subject_org,omitempty"`
// SubjectAN is a list of Subject Alternative Names for the certificate
SubjectAN []string `json:"subject_an,omitempty"`
// Hostname is list of deduplicated subject_cn + subject_an
Hostname []string `json:"hostname,omitempty"`
//Serial is the certificate serial number
Serial string `json:"serial,omitempty"`
// IssuerDN is the distinguished name for cert
Expand Down
Loading