HTTP SSL Certificate Impersonation
This module request a copy of the remote SSL certificate and creates a local (self.signed) version using the information from the remote version. The module then Outputs (PEM|DER) format private key / certificate and a combined version for use in Apache or other Metasploit modules requiring SSLCert Inputs for private key / CA cert have been provided for those with diginator certs hanging about!
Rank
- Normal
Authors
- Chris John Riley < >
Development
Similar Modules
- auxiliary/scanner/http/adobe_xml_inject
- auxiliary/scanner/http/apache_userdir_enum
- auxiliary/scanner/http/axis_local_file_include
- auxiliary/scanner/http/axis_login
- auxiliary/scanner/http/backup_file
- auxiliary/scanner/http/barracuda_directory_traversal
- auxiliary/scanner/http/blind_sql_query
- auxiliary/scanner/http/brute_dirs
- auxiliary/scanner/http/cert
- auxiliary/scanner/http/cisco_device_manager
Usage Information
$ msfconsole
## ### ## ##
## ## #### ###### #### ##### ##### ## #### ######
####### ## ## ## ## ## ## ## ## ## ## ### ##
####### ###### ## ##### #### ## ## ## ## ## ## ##
## # ## ## ## ## ## ## ##### ## ## ## ## ##
## ## #### ### ##### ##### ## #### #### #### ###
##
msf > use auxiliary/scanner/http/impersonate_ssl
msf auxiliary(impersonate_ssl) > set RHOST [TARGET IP]
msf auxiliary(impersonate_ssl) > run
## ### ## ##
## ## #### ###### #### ##### ##### ## #### ######
####### ## ## ## ## ## ## ## ## ## ## ### ##
####### ###### ## ##### #### ## ## ## ## ## ## ##
## # ## ## ## ## ## ## ##### ## ## ## ## ##
## ## #### ### ##### ##### ## #### #### #### ###
##
msf > use auxiliary/scanner/http/impersonate_ssl
msf auxiliary(impersonate_ssl) > set RHOST [TARGET IP]
msf auxiliary(impersonate_ssl) > run
Module Options
| ADD_CN | Add CN to match spoofed site name (e.g. *.example.com) (default: ) |
| CA_CERT | CA Public certificate (default: ) |
| EXPIRATION | Date the new cert should expire (e.g. 06 May 2012, Yesterday or Now) (default: ) |
| OUT_FORMAT | Output format PEM / DER (default: PEM) |
| PRIVKEY | Sign the cert with your own CA private key ;) (default: ) |
| PRIVKEY_PASSWORD | Password for private key specified in PRIV_KEY (if applicable) (default: ) |
| RHOST | The target address |
| RPORT | The target port (default: 443) |
| CHOST | The local client address |
| CPORT | The local client port |
| ConnectTimeout | Maximum number of seconds to establish a TCP connection |
| Proxies | Use a proxy chain |
| SSL | Negotiate SSL for outgoing connections |
| SSLVersion | Specify the version of SSL that should be used (accepted: SSL2, SSL3, TLS1) |
| VERBOSE | Enable detailed status messages |
| WORKSPACE | Specify the workspace for this module |
| TCP::max_send_size | Maxiumum tcp segment size. (0 = disable) |
| TCP::send_delay | Delays inserted before every send. (0 = disable) |