RubyGems - fakessl - Versions diffs - 0.0.2 → 0.0.3 - Mend

fakessl 0.0.2 → 0.0.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

data/README.md CHANGED Viewed

@@ -7,7 +7,7 @@ FakeSSL impersonates an HTTPS server and prints the client requests.
 Download and unzip the master zip from github and execute the following into fakessl dir
     $ gem build ./fakessl.gemspec
-    $ gem install fakessl-0.0.1.gem
+    $ gem install fakessl-0.0.3.gem
 Or install it as:
@@ -15,18 +15,35 @@ Or install it as:
 ## Usage
-    $ sudo fakessl -s localhost -p 443
+Generate a certificate:
+    $ fakessl -g test.org
+      [+] Generating fake key and certificate for test.org
+Use the previous certificate and key to setup a fake HTTPS server on port 443:
+    $ sudo fakessl -c test.org.cert -k test.org.key -p 443
+      Password:
+      [+] Fake test.org is listening on port 443
+      [+] Client requests are:
+      => GET /advv HTTP/1.1
+Single command line to generate certificate and key and setup the HTTPS server:
+    $ sudo fakessl -g test.org -p 443
       Password:
-      [+] Generating fake SSL certificate for localhost
-      Generating a 4096 bit RSA private key
-      ........++
-      ................................................................++
-      writing new private key to 'localhost.key'
-      -----
-      [+] Fake localhost is listening on port 443
+      [+] Generating fake key and certificate for test.org
+      [+] Fake test.org is listening on port 443
       [+] Client requests are:
       => GET /byy.html HTTP/1.1
+In case you need to use it with a browser that checks the authenticity
+of the certificate you need to import the generated certificate as trusted.
+Firefox example.
+Go to Edit -> Preferences -> Advanced -> View Certificates -> Servers -> Import
+-> Choose the certificate from your drive after generating it.
+Then select the imported certificate and click on the button "Edit Trust...".
+Inside the Firefox window enable "Trust the authenticity of this certificate"
 ## Contributing

data/bin/fakessl CHANGED Viewed

@@ -14,13 +14,23 @@ options = {}
 optparse = OptionParser.new do |opts|
-  opts.banner = "Usage: ./fakessl.rb -s HOSTNAME -p PORT"
+  opts.banner = "Usage: fakessl -g DOMAIN_NAME -p PORT\n" \
+                "Examples:\n" \
+                "1. Only generate fake certificates: fakessl -g test.org\n" \
+                "2. Generate fake certificate and setup server: fakessl -g test.org -p 5000\n" \
+                "3. Setup server using other external certificates: fakessl -c domain.cert -k domain.key -p 5000\n"
   opts.on('-h', '--help', 'Display this menu') do
     puts opts
     exit
   end
-  opts.on('-s', '--server HOSTNAME', 'Server that FakeSSL should impersonate') do |f|
-    options[:server] = f
+  opts.on('-g', '--generate DOMAIN_NAME', 'FakeSSL certificate generation') do |f|
+    options[:domain] = f
+  end
+  opts.on('-c', '--certificate FILE', 'FakeSSL certificate') do |f|
+    options[:certificate] = f
+  end
+  opts.on('-k', '--key FILE', 'FakeSSL private key') do |f|
+    options[:key] = f
   end
   opts.on('-p', '--port PORT', 'Port that FakeSSL should bind eg. 443') do |f|
     if f.is_integer?
@@ -35,12 +45,23 @@ end
 optparse.parse!
-if (!(options[:server].nil?) && !(options[:port].nil?))
+if options[:domain] && options[:port].nil?
+  cert = FakeSSL::Cert.new(options[:domain])
+  cert.generate
+elsif options[:domain] && options[:port]
+  cert = FakeSSL::Cert.new(options[:domain])
+  cert.generate
+  server = FakeSSL::Server.new(options[:port])
+elsif (!(options[:certificate].nil?) && !(options[:key].nil?) && !(options[:port].nil?))
   if Integer(options[:port]) < 1025
     raise "Must run as root" unless Process.uid == 0
   end
-  server = FakeSSL.new(options[:server],options[:port])
+  cert = FakeSSL::cert_path(options[:certificate],options[:key])
+  server = FakeSSL::Server.new(options[:port])
 else
-  $stdout.puts "[-] Mandatory Parameter is missing, try fakessl.rb -h"
+  puts "[-] Mandatory Parameter is missing, try `fakessl -h`"
 end

data/lib/fakessl/fakessl.rb CHANGED Viewed

@@ -1,45 +1,88 @@
 require 'socket'
 require 'openssl'
-class FakeSSL
-  def initialize(hostname,lport)
-    @hostname = hostname
-    @lport = lport.to_i
-    $stdout.puts "[+] Generating fake SSL certificate for #{@hostname}"
-    generate_certificate
-    sslServer = server_setup
-    $stdout.puts "[+] Fake #{@hostname} is listening on port #{@lport}"
-    get_request(sslServer)
-  end
+module FakeSSL
-  def generate_certificate
-    %x[openssl req -new -newkey rsa:4096 -days 365 -nodes -x509 -subj "/C=US/ST=Denial/L=Springfield/O=Dis/CN=#{@hostname}" -keyout #{@hostname}.key  -out #{@hostname}.cert]
-  end
+  class << self; attr_accessor :domain, :cert, :key; end
-  def server_setup
-    server = TCPServer.new('localhost', @lport)
-    sslContext = OpenSSL::SSL::SSLContext.new
-    #certificate
-    sslContext.cert = OpenSSL::X509::Certificate.new(File.open("#{@hostname}.cert"))
-    #private key
-    sslContext.key = OpenSSL::PKey::RSA.new(File.open("#{@hostname}.key"))
-    sslServer = OpenSSL::SSL::SSLServer.new(server,sslContext)
-    return sslServer
+  FakeSSL.domain = nil
+  FakeSSL.cert = nil
+  FakeSSL.key = nil
+  def FakeSSL.cert_path(fcert, fkey)
+    FakeSSL.cert = fcert
+    FakeSSL.key = fkey
+    FakeSSL.domain = fcert.chomp(".cert")
   end
-  def get_request(sslServer)
-    $stdout.puts "[+] Client requests are: "
-    loop do
-      conn = sslServer.accept
-      lineIn = conn.gets
-      if !lineIn.nil?
-        $stdout.puts "=> " + lineIn
-      end
+  class Cert
+    def initialize(domain)
+      FakeSSL.domain = domain
     end
+    public
+      def generate
+        puts "[+] Generating fake key and certificate for #{FakeSSL.domain}"
+        #generate keys
+        key = OpenSSL::PKey::RSA.new 4096
+        open "#{FakeSSL.domain}.key", 'w' do |io| io.write key.to_pem end
+        #generate certificate
+        name = OpenSSL::X509::Name.parse "CN=#{FakeSSL.domain}/DC=server"
+        cert = OpenSSL::X509::Certificate.new
+        cert.version = 2
+        cert.serial = 0
+        cert.not_before = Time.now
+        cert.not_after = Time.now +  ( 3600 * 24 * 365 )
+        cert.public_key = key.public_key
+        cert.subject = name
+        #selfsign certificate
+        cert.issuer = name
+        cert.sign key, OpenSSL::Digest::SHA1.new
+        open "#{FakeSSL.domain}.cert", 'w' do |io| io.write cert.to_pem end
+      end
   end
-  private :generate_certificate, :server_setup, :get_request
+  class Server
+    def initialize(lport)
+      @lport = lport.to_i
+      sslServer = server_setup
+      puts "[+] Fake #{FakeSSL.domain} is listening on port #{@lport}"
+      get_request(sslServer)
+    end
+    private
+      def server_setup
+        server = TCPServer.new('localhost', @lport)
+        sslContext = OpenSSL::SSL::SSLContext.new
+        #certificate
+        if FakeSSL.cert.nil?
+          sslContext.cert = OpenSSL::X509::Certificate.new(File.open("#{FakeSSL.domain}.cert"))
+        else
+          sslContext.cert = OpenSSL::X509::Certificate.new(File.open("#{FakeSSL.cert}"))
+        end
+        #private key
+        if FakeSSL.key.nil?
+          sslContext.key = OpenSSL::PKey::RSA.new(File.open("#{FakeSSL.domain}.key"))
+        else
+          sslContext.key = OpenSSL::PKey::RSA.new(File.open("#{FakeSSL.key}"))
+        end
+        sslServer = OpenSSL::SSL::SSLServer.new(server,sslContext)
+        return sslServer
+      end
+      def get_request(sslServer)
+        puts "[+] Client requests are: "
+        loop do
+          conn = sslServer.accept
+          lineIn = conn.gets
+          if !lineIn.nil?
+            puts "=> " + lineIn
+          end
+        end
+      end
+  end
 end

data/lib/fakessl/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module Fakessl
-  VERSION = "0.0.2"
+  VERSION = "0.0.3"
 end

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: fakessl
 version: !ruby/object:Gem::Version
-  version: 0.0.2
+  version: 0.0.3
   prerelease:
 platform: ruby
 authors:
@@ -9,7 +9,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2012-12-14 00:00:00.000000000 Z
+date: 2013-01-02 00:00:00.000000000 Z
 dependencies: []
 description: FakeSSL impersonates an HTTPS server and prints the client requests
 email:
@@ -48,7 +48,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project:
-rubygems_version: 1.8.24
+rubygems_version: 1.8.23
 signing_key:
 specification_version: 3
 summary: FakeSSL impersonates an HTTPS server and prints the client requests