authorRemy <relst@relst.nl>2015-05-24 09:35:28 +0200
committerRemy <relst@relst.nl>2015-05-24 09:35:28 +0200
commit988f08b9eb952404b94817a973d1a19ff7c6524b (patch)
treeb23c940603507f240f377ba9278b49ae97dc6190 /functions/variables.php
parent5e7e74fe94062683cce82c189cd43dd18c3aff9b (diff)
Add support for specific endpoints
Diffstat (limited to 'functions/variables.php')
-rw-r--r--functions/variables.php127
1 files changed, 115 insertions, 12 deletions
diff --git a/functions/variables.php b/functions/variables.php
index 28caaa1..7384794 100644
--- a/functions/variables.php
+++ b/functions/variables.php
@@ -14,10 +14,15 @@
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
+# timeout in seconds
+$timeout = 2;
+
+# Don't change stuff down here.
date_default_timezone_set('UTC');
-ini_set('default_socket_timeout', 2);
-$version = 2.4;
+$version = 2.5;
+
+ini_set('default_socket_timeout', 2);
$random_blurp = rand(1000,99999);
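Review bot: The new `$timeout` setting is not used by the re-added `ini_set('default_socket_timeout', 2);`, which still hard-codes 2. Unless `$timeout` is consumed elsewhere in the file (not visible in this hunk), editing it will not change the default socket timeout. Suggest `ini_set('default_socket_timeout', $timeout);`, and extending the comment to `# timeout in seconds for outbound socket connections` so the operator knows what the value bounds.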
@@ -27,24 +32,122 @@ $ev_oids = array("1.3.6.1.4.1.34697.2.1", "1.3.6.1.4.1.34697.2.2", "1.3.6.1.4.1.
$current_folder = get_current_folder();
function parse_hostname($u_hostname){
- # format raymii.org:8080 should auto parse port.
- # parts[0]=hostname, parts[1]=port
+ # format raymii.org:1.2.34.56 should do SNI request to that ip.
+ # parts[0]=host, parts[1]=ip
$port = 0;
$hostname = 0;
- $parts = explode(":", $u_hostname);
- if ((1 <= $parts[1]) && ($parts[1] <= 65535)) {
- $parts[1] = preg_replace('/\\s+/', '', $parts[1]);
- $parts[1] = preg_replace('/[^A-Za-z0-9\._-]/', '', $parts[1]);
- $port = mb_strtolower($parts[1]);
- }
+ $parts = explode(":", $u_hostname, 2);
+
if (idn_to_ascii($parts[0])) {
$parts[0] = idn_to_ascii($parts[0]);
}
$parts[0] = preg_replace('/\\s+/', '', $parts[0]);
- $parts[0] = preg_replace('/[^A-Za-z0-9\.-]/', '', $parts[0]);
+ $parts[0] = preg_replace('/[^A-Za-z0-9\.\:-]/', '', $parts[0]);
$hostname = mb_strtolower($parts[0]);
- $result = array('hostname' => $hostname, 'port' => $port);
+
+ if (count($parts) > 1) {
+ $parts[1] = preg_replace('/\\s+/', '', $parts[1]);
+ $parts[1] = preg_replace('/[^A-Za-z0-9\.\:_-]/', '', $parts[1]);
+ if (filter_var($parts[1], FILTER_VALIDATE_IP, FILTER_FLAG_IPV6 ) or filter_var($parts[1], FILTER_VALIDATE_IP, FILTER_FLAG_IPV4 )) {
+ $ip = mb_strtolower($parts[1]);
+ } else {
+ $ip = fixed_gethostbyname($hostname);
+ }
+ } else {
+ if (filter_var($hostname, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4 )) {
+ $ip = $hostname;
+ } else {
+ $dns_a_records = dns_get_record($hostname, DNS_A);
+ $dns_aaaa_records = dns_get_record($hostname, DNS_AAAA);
+ $dns_records = array_merge($dns_a_records, $dns_aaaa_records);
+ if (count($dns_a_records) > 1 or count($dns_aaaa_records) > 1) {
+ $result = array('hostname' => $hostname, 'ip' => $ip, 'multiple_ip' => $dns_records);
+ return $result;
+ } else {
+ $ip = fixed_gethostbyname($hostname);
+ }
+ }
+ }
+ if (filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) {
+ $ip = "[" . $ip . "]";
+ }
+
+ $result = array('hostname' => $hostname, 'ip' => $ip);
return $result;
}
+function choose_endpoint($ips, $host, $port, $ciphersuites) {
+ echo "<div id='page-content-wrapper'>\n";
+ echo "<div class='container-fluid'>\n";
+ echo "<div class='row'>\n";
+ // if ajax-ed, don't show header again
+ if(empty($_SERVER['HTTP_X_REQUESTED_WITH']) || strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) != 'xmlhttprequest') {
+ echo "<div class='col-md-10 col-md-offset-1'>\n";
+ echo "<div class='page-header'>\n";
+ echo "<h1><a style='color:black;' href=\"";
+ echo(htmlspecialchars($current_folder));
+ echo "\">SSL Decoder</a></h1>\n";
+ echo "</div>\n";
+ }
+ echo "<div id='preloader'>\n";
+ echo "<p>\n";
+ echo "<img src=\"";
+ echo(htmlspecialchars($current_folder));
+ echo 'img/ajax-loader.gif" />';
+ echo "<br>&nbsp;<br>\n";
+ echo "The SSL Decoder is processing your request. Please wait a few moments.<br>\n";
+ echo "</p>\n";
+ echo "</div>\n";
+ echo "<div id='resultDiv'></div>\n";
+
+ echo "<div class='content'>\n<section id='choose_endpoint'>\n";
+ echo "<header>\n<h2>Multiple endpoints for " . htmlspecialchars($host) . "</h2>\n</header>\n";
+ echo "<p>We've found multiple results for " . htmlspecialchars($host) . ". Please choose the host you want to scan from the list below:</p>\n<br>\n";
+ echo "<ul>\n";
+ foreach ($ips as $ip) {
+ echo "<li>";
+ echo "<a href=\"";
+ echo htmlspecialchars($current_folder);
+ echo "?host=";
+ echo htmlspecialchars($host);
+ echo ":";
+ if ($ip['type'] == 'A') {
+ echo htmlspecialchars($ip['ip']);
+ } elseif ($ip['type'] == 'AAAA') {
+ echo "[";
+ echo htmlspecialchars($ip['ipv6']);
+ echo "]";
+ }
+ echo "&port=";
+ echo htmlspecialchars($port);
+ echo "&ciphersuites=";
+ if ($ciphersuites == 1) {
+ echo "1";
+ } else {
+ echo "0";
+ }
+ echo "\">";
+ if ($ip['type'] == 'A') {
+ echo htmlspecialchars($ip['ip']);
+ } elseif ($ip['type'] == 'AAAA') {
+ echo "[";
+ echo htmlspecialchars($ip['ipv6']);
+ echo "]";
+ }
+ echo " (port: ";
+ echo htmlspecialchars($port);
+ echo ")</a>";
+ echo "</li>";
+ }
+
+ echo "</ul>\n";
+ echo "</section></div>\n";
+ echo "</div>\n";
+ echo "</div>\n";
+ echo "</div>\n";
+
+ require_once("inc/footer.php");
+ exit;
+}
+
?>
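Review bot: In `parse_hostname()` the caller-supplied address after the colon is validated by `filter_var($parts[1], FILTER_VALIDATE_IP, ...)` with only the address-family flags, so loopback, private and reserved addresses pass and appear to become the connection target. If the decoder is reachable by untrusted users, add `FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE` there, and ideally apply the same check to addresses obtained from DNS. The early return in the multiple-records branch builds `'ip' => $ip` before `$ip` has been assigned, and `dns_get_record()` can return `false`, which `array_merge()` and `count()` do not handle; set `$ip` explicitly and default each lookup with `?: array()`. In `choose_endpoint()`, `$current_folder` is read without a `global $current_folder;` declaration, so the `href` and `img` base render empty. The `host` and `port` query values there are HTML-escaped but not URL-encoded, so wrapping each in `rawurlencode()` before `htmlspecialchars()` and writing the separators as `&amp;` would keep the generated links well-formed.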