defaults

package
v0.0.0-...-e4757b4 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jan 25, 2021 License: Apache-2.0, Apache-2.0, ISC Imports: 16 Imported by: 0

Documentation

Index

Constants

View Source 
const CONNECTION_ATTEMPTS = 2
View Source 
const HTTP_TIMEOUT = 90 * time.Second
View Source 
const SESSION_RESUMPTION_DELAY = 5

Variables

View Source 
var ALPN_PROTOS = []string{"http/0.9", "http/1.0", "http/1.1", "spdy/1", "spdy/2", "spdy/3", "stun.turn", "stun.nat-discovery", "h2", "h2c", "h3", "hq", "webrtc", "c-webrtc", "ftp", "imap", "pop3", "managesieve", "coap", "xmpp-client", "xmpp-server"}
View Source 
var CIPHERS_BROWSER_UNION = []tls.CipherSuite{0x009d, 0xcca9, 0x000a, 0x0033, 0xc028, 0xc02c, 0xc030, 0xcca8, 0x003c, 0xc024, 0xc012, 0x002f, 0xc023, 0xc008, 0x0039, 0xc014, 0xc02b, 0xc013, 0xc02f, 0xc00a, 0x0035, 0xc027, 0xc009, 0x003d, 0x009c}

CHROME + FIREFOX + SAFARI + EDGE

View Source 
var CIPHERS_BY_VERSION = map[tls.TLSVersion][]tls.CipherSuite{
	tls.VersionTLS12: []tls.CipherSuite{0x0001, 0x0002, 0x0003, 0x0004, 0x0005, 0x0006, 0x0007, 0x0008, 0x0009, 0x000a, 0x0014, 0x0015, 0x0016, 0x002f, 0x0033, 0x0035, 0x0039, 0x003b, 0x003c, 0x003d, 0x0041, 0x0045, 0x0067, 0x006b, 0x0084, 0x0088, 0x0096, 0x009a, 0x009c, 0x009d, 0x009e, 0x009f, 0x00ba, 0x00be, 0x00c0, 0x00c4, 0x1301, 0x1302, 0x1303, 0x1304, 0x1305, 0xc006, 0xc007, 0xc008, 0xc009, 0xc00a, 0xc010, 0xc011, 0xc012, 0xc013, 0xc014, 0xc023, 0xc024, 0xc027, 0xc028, 0xc02b, 0xc02c, 0xc02f, 0xc030, 0xc03c, 0xc03d, 0xc044, 0xc045, 0xc048, 0xc049, 0xc04c, 0xc04d, 0xc050, 0xc051, 0xc052, 0xc053, 0xc05c, 0xc05d, 0xc060, 0xc061, 0xc072, 0xc073, 0xc076, 0xc077, 0xc07a, 0xc07b, 0xc07c, 0xc07d, 0xc086, 0xc087, 0xc08a, 0xc08b, 0xc09c, 0xc09d, 0xc09e, 0xc09f, 0xc0a0, 0xc0a1, 0xc0a2, 0xc0a3, 0xc0ac, 0xc0ad, 0xc0ae, 0xc0af, 0xcca8, 0xcca9, 0xccaa},
	tls.VersionTLS11: []tls.CipherSuite{0x0001, 0x0002, 0x0003, 0x0004, 0x0005, 0x0006, 0x0007, 0x0008, 0x0009, 0x000a, 0x0014, 0x0015, 0x0016, 0x002f, 0x0033, 0x0035, 0x0039, 0x003b, 0x003c, 0x003d, 0x0041, 0x0045, 0x0067, 0x006b, 0x0084, 0x0088, 0x0096, 0x009a, 0x009c, 0x009d, 0x009e, 0x009f, 0x00ba, 0x00be, 0x00c0, 0x00c4, 0xc006, 0xc007, 0xc008, 0xc009, 0xc00a, 0xc010, 0xc011, 0xc012, 0xc013, 0xc014, 0xc023, 0xc024, 0xc027, 0xc028, 0xc02b, 0xc02c, 0xc02f, 0xc030, 0xc03c, 0xc03d, 0xc044, 0xc045, 0xc048, 0xc049, 0xc04c, 0xc04d, 0xc050, 0xc051, 0xc052, 0xc053, 0xc05c, 0xc05d, 0xc060, 0xc061, 0xc072, 0xc073, 0xc076, 0xc077, 0xc07a, 0xc07b, 0xc07c, 0xc07d, 0xc086, 0xc087, 0xc08a, 0xc08b, 0xc09c, 0xc09d, 0xc09e, 0xc09f, 0xc0a0, 0xc0a1, 0xc0a2, 0xc0a3, 0xc0ac, 0xc0ad, 0xc0ae, 0xc0af, 0xcca8, 0xcca9, 0xccaa},
	tls.VersionTLS10: []tls.CipherSuite{0x0001, 0x0002, 0x0003, 0x0004, 0x0005, 0x0006, 0x0007, 0x0008, 0x0009, 0x000a, 0x0014, 0x0015, 0x0016, 0x002f, 0x0033, 0x0035, 0x0039, 0x003b, 0x003c, 0x003d, 0x0041, 0x0045, 0x0067, 0x006b, 0x0084, 0x0088, 0x0096, 0x009a, 0x009c, 0x009d, 0x009e, 0x009f, 0x00ba, 0x00be, 0x00c0, 0x00c4, 0xc006, 0xc007, 0xc008, 0xc009, 0xc00a, 0xc010, 0xc011, 0xc012, 0xc013, 0xc014, 0xc023, 0xc024, 0xc027, 0xc028, 0xc02b, 0xc02c, 0xc02f, 0xc030, 0xc03c, 0xc03d, 0xc044, 0xc045, 0xc048, 0xc049, 0xc04c, 0xc04d, 0xc050, 0xc051, 0xc052, 0xc053, 0xc05c, 0xc05d, 0xc060, 0xc061, 0xc072, 0xc073, 0xc076, 0xc077, 0xc07a, 0xc07b, 0xc07c, 0xc07d, 0xc086, 0xc087, 0xc08a, 0xc08b, 0xc09c, 0xc09d, 0xc09e, 0xc09f, 0xc0a0, 0xc0a1, 0xc0a2, 0xc0a3, 0xc0ac, 0xc0ad, 0xc0ae, 0xc0af, 0xcca8, 0xcca9, 0xccaa},
	tls.VersionSSL30: []tls.CipherSuite{0x0001, 0x0002, 0x0003, 0x0004, 0x0005, 0x0006, 0x0007, 0x0008, 0x0009, 0x000a, 0x0014, 0x0015, 0x0016, 0x002f, 0x0033, 0x0035, 0x0039, 0x003b, 0x003c, 0x003d, 0x0067, 0x006b, 0x0096, 0x009a, 0x009c, 0x009d, 0x009e, 0x009f, 0xc006, 0xc007, 0xc008, 0xc009, 0xc00a, 0xc010, 0xc011, 0xc012, 0xc013, 0xc014, 0xc023, 0xc024, 0xc027, 0xc028, 0xc02b, 0xc02c, 0xc02f, 0xc030, 0xc09c, 0xc09d, 0xc09e, 0xc09f, 0xc0a0, 0xc0a1, 0xc0a2, 0xc0a3, 0xc0ac, 0xc0ad, 0xc0ae, 0xc0af, 0xcca8, 0xcca9, 0xccaa, 0x001c, 0x001d, 0x001e, 0x0062, 0x0064},
}
View Source 
var CIPHERS_ECDHE = []tls.CipherSuite{0xc006, 0xc007, 0xc008, 0xc009, 0xc00a, 0xc010, 0xc011, 0xc012, 0xc013, 0xc014, 0xc023, 0xc024, 0xc027, 0xc028, 0xc02b, 0xc02c, 0xc02f, 0xc030, 0xc048, 0xc049, 0xc04c, 0xc04d, 0xc05c, 0xc05d, 0xc060, 0xc061, 0xc072, 0xc073, 0xc076, 0xc077, 0xc086, 0xc087, 0xc08a, 0xc08b, 0xc0ac, 0xc0ad, 0xc0ae, 0xc0af, 0xcca8, 0xcca9}
View Source 
var CIPHERS_ECDSA = []tls.CipherSuite{0xc007, 0xc006, 0xcca9, 0xc087, 0xc073, 0xc086, 0xc072, 0xc05d, 0xc049, 0xc05c, 0xc048, 0xc02c, 0xc0af, 0xc0ad, 0xc024, 0xc00a, 0xc02b, 0xc0ae, 0xc0ac, 0xc023, 0xc009, 0xc008}
View Source 
var CIPHERS_RSA = []tls.CipherSuite{0x0096, 0x0005, 0x0004, 0x003b, 0x0002, 0x0001, 0x0007, 0x0009, 0xc07b, 0x00c0, 0x0084, 0xc07a, 0x00ba, 0x0041, 0xc051, 0xc03d, 0xc050, 0xc03c, 0x009d, 0xc0a1, 0xc09d, 0x003d, 0x0035, 0x009c, 0xc0a0, 0xc09c, 0x003c, 0x002f, 0x000a, 0x0003, 0x0006, 0x0008, 0x0064, 0x0062, 0xc011, 0xc010, 0xcca8, 0xc08b, 0xc077, 0xc08a, 0xc076, 0xc061, 0xc04d, 0xc060, 0xc04c, 0xc030, 0xc028, 0xc014, 0xc02f, 0xc027, 0xc013, 0xc012, 0x009a, 0x0015, 0xccaa, 0xc07d, 0x00c4, 0x0088, 0xc07c, 0x00be, 0x0045, 0xc053, 0xc045, 0xc052, 0xc044, 0x009f, 0xc0a3, 0xc09f, 0x006b, 0x0039, 0x009e, 0xc0a2, 0xc09e, 0x0067, 0x0033, 0x0016, 0x0014}
View Source 
var CIPHERS_TLS13 = []tls.CipherSuite{0x1301, 0x1302, 0x1303, 0x1304, 0x1305}
View Source 
var COMPRESSION_METHODS = "0x1,0x40"

deflate, LZS

View Source 
var CONNECTION_ERRORS = StrSlice([]string{
	"too many",
	"EOF",
	"connection reset",
	"imeout",
	"broken pipe",
	"deadline",
	"idle",
})
View Source 
var CURVES_COMMON = []tls.CurveID{tls.CurveP256, tls.CurveP384, tls.CurveP521, tls.Curve_X25519, tls.Curve_X448, tls.Curve_sect283k1, tls.Curve_sect283r1, tls.Curve_sect409k1, tls.Curve_sect409r1, tls.Curve_sect571k1, tls.Curve_sect571r1, tls.Curve_secp224r1, tls.Curve_secp256k1, tls.Curve_brainpoolP256r1, tls.Curve_brainpoolP384r1, tls.Curve_brainpoolP512r1}
View Source 
var CURVES_DEFAULT = []tls.CurveID{tls.CurveP256, tls.CurveP384, tls.CurveP521}
View Source 
var CURVES_UNCOMMON = []tls.CurveID{tls.Curve_sect163k1, tls.Curve_sect163r1, tls.Curve_sect163r2, tls.Curve_sect193r1, tls.Curve_sect193r2, tls.Curve_sect233k1, tls.Curve_sect233r1, tls.Curve_sect239k1, tls.Curve_sect283k1, tls.Curve_sect283r1, tls.Curve_sect409k1, tls.Curve_sect409r1, tls.Curve_sect571k1, tls.Curve_sect571r1, tls.Curve_secp160k1, tls.Curve_secp160r1, tls.Curve_secp160r2, tls.Curve_secp192k1, tls.Curve_secp192r1, tls.Curve_secp224k1, tls.Curve_secp224r1, tls.Curve_secp256k1, tls.Curve_brainpoolP256r1, tls.Curve_brainpoolP384r1, tls.Curve_brainpoolP512r1, tls.Curve_ffdhe2048, tls.Curve_ffdhe3072, tls.Curve_ffdhe4096, tls.Curve_ffdhe6144, tls.Curve_ffdhe8192}
View Source 
var CURVES_UNION = append(CURVES_COMMON, CURVES_UNCOMMON...)
View Source 
var ECDSA_AND_HASHES = "4-3,5-3,6-3,2-3"
View Source 
var INSECURE_CIPHERS = []tls.CipherSuite{
	0x0001,
	0x0002,
	0x0003,
	0x0004,
	0x0005,
	0x0006,
	0x0008,
	0x0009,
	0x000a,
	0x0014,
	0x0015,
	0x0016,
	0x003b,
	0xc006,
	0xc007,
	0xc008,
	0xc010,
	0xc011,
	0xc012,
}
View Source 
var PSIG_AND_HASHES = []tls.PsignatureAndHash{
	tls.PsignatureAndHash{1, 4},
	tls.PsignatureAndHash{1, 5},
	tls.PsignatureAndHash{1, 6},
	tls.PsignatureAndHash{3, 4},
	tls.PsignatureAndHash{3, 5},
	tls.PsignatureAndHash{3, 6},
	tls.PsignatureAndHash{4, 8},
	tls.PsignatureAndHash{5, 8},
	tls.PsignatureAndHash{6, 8},
	tls.PsignatureAndHash{7, 8},
	tls.PsignatureAndHash{8, 8},
	tls.PsignatureAndHash{1, 2},
	tls.PsignatureAndHash{3, 2},
}
View Source 
var RSA_AND_HASHES = "4-1,5-1,6-1,2-1"
View Source 
var SECURE_CIPHERS = []tls.CipherSuite{
	0xd005,
	0xd002,
	0xd001,
	0xccad,
	0xccac,
	0xccaa,
	0xcca9,
	0xcca8,
	0xc0a7,
	0xc0a6,
	0xc09f,
	0xc09e,
	0xc030,
	0xc02f,
	0xc02c,
	0xc02b,
	0x1304,
	0x1303,
	0x1302,
	0x1301,
	0x00ab,
	0x00aa,
	0x009f,
	0x009e,
}
View Source 
var SIG_AND_HASHES = "4-1,5-1,6-1,4-3,5-3,6-3,8-4,8-5,8-6,8-7,8-8,2-1,2-3"

https://tools.ietf.org/html/rfc8446#page-41 Does not include DSA or SHA224

View Source 
var TLS_VERSIONS_NOT13 = VersionSlice([]tls.TLSVersion{tls.VersionTLS12, tls.VersionTLS11, tls.VersionTLS10, tls.VersionSSL30})

Functions

func CipherSupportStatus 

func CipherSupportStatus(selected_cipher tls.CipherSuite,
	presented_ciphers []tls.CipherSuite, log *zgrab2.TLSLog) (error, bool)

func GetSelectedCipher 

func GetSelectedCipher(log *zgrab2.TLSLog) tls.CipherSuite

func Strconcat 

func Strconcat(x1 string, x2 string) string

Types

type CipherSlice 

type CipherSlice []tls.CipherSuite

func (CipherSlice) ToHexStr 

func (s CipherSlice) ToHexStr() string

type CipherSuiteSupport 

type CipherSuiteSupport struct {
	CiphersSupported        []tls.CipherSuite `json:"supported_ciphers"`
	CipherHandshakes        []Handshake       `json:"handshakes"`
	ServerPreferenceSupport bool              `json:"server_preference_support"`
	ServerPreferenceHS      Handshake         `json:"server_preference_handshake"`
}

func CipherScan 

func CipherScan(t zgrab2.ScanTarget, baseFlags zgrab2.BaseFlags,
	tlsFlags zgrab2.TLSFlags, versionSupportResult TLSVersionSupport) *CipherSuiteSupport

type CurveSlice 

type CurveSlice []tls.CurveID

func (CurveSlice) ToIntStr 

func (s CurveSlice) ToIntStr() string

type DefaultsResults 

type DefaultsResults struct {
	HttpSupport      HTTPSupport           `json:"HTTPSupport"`
	VersionSupport   TLSVersionSupport     `json:"TLSVersionSupport"`
	CipherSupport    *CipherSuiteSupport   `json:"CipherSuiteSupport"`
	EllipticCurves   *EllipticCurveSupport `json:"EllipticCurveSupport"`
	ExtensionSupport *ExtensionSupport     `json:"ExtensionSupport"`
}

type EllipticCurveSupport 

type EllipticCurveSupport struct {
	CurvesSupported []tls.CurveID `json:"supported_curves"`
	CurveHandshakes []Handshake   `json:"curve_handshakes"`
}

func EllipticCurveScan 

func EllipticCurveScan(t zgrab2.ScanTarget, baseFlags zgrab2.BaseFlags,
	tlsFlags zgrab2.TLSFlags, version_support TLSVersionSupport) *EllipticCurveSupport

Scans for curve support

type Err 

type Err struct {
	Error error `json:"error"`
}

func (Err) MarshalJSON 

func (err Err) MarshalJSON() ([]byte, error)

type ExtensionID 

type ExtensionID uint16
const (
	ExtensionServerName                 ExtensionID = 0
	ExtensionStatusRequest              ExtensionID = 5
	ExtensionStatusRequestV2            ExtensionID = 17 //OCSP
	ExtensionSignedCertificateTimestamp ExtensionID = 18
	ExtensionSupportedGroups            ExtensionID = 10
	ExtensionSignatureAlgorithms        ExtensionID = 13
	ExtensionHeartBeat                  ExtensionID = 15
	ExtensionALPN                       ExtensionID = 16
	ExtensionExtendedMasterSecret       ExtensionID = 23
	ExtensionSessionTicket              ExtensionID = 35
	ExtensionRenegotiationInfo          ExtensionID = 65281
)

func (ExtensionID) MarshalJSON 

func (ext ExtensionID) MarshalJSON() ([]byte, error)

func (ExtensionID) String 

func (ext ExtensionID) String() string

type ExtensionSupport 

type ExtensionSupport struct {
	ExtensionsSupported     []ExtensionID      `json:"supported_extensions"`
	ProtocolsSupported      []string           `json:"supported_protocols"`
	SessionTicket           *tls.SessionTicket `json:"session_ticket"`
	ExtensionHandshakes     []Handshake        `json:"extension_handshakes"`
	SessionTicketResumption bool               `json:"session_ticket_resumption"`
	SessionIDResumption     bool               `json:"session_id_resumption"`
	HeartBleed              bool               `json:"heart_bleed"`
	Compression             bool               `json:"compression"`
}

func ExtensionScan 

func ExtensionScan(t zgrab2.ScanTarget, baseFlags zgrab2.BaseFlags,
	tlsFlags zgrab2.TLSFlags, version_support TLSVersionSupport) *ExtensionSupport

Scans for extension support

type HTTPResponseInfo 

type HTTPResponseInfo struct {
	ResponseStatusCode int
	ResponseProtocol   string
	ResponseHeader     []string `json:"response_header"`
	ResponseBody       string   `json:"response_body"`
}

type HTTPSupport 

type HTTPSupport struct {
	//HTTP
	SupportsHTTP bool `json:"http_support"`
	HTTPResponse *HTTPResponseInfo
	HTTPError    Err `json:"http_error"`
	//HTTPS
	SupportsHTTPS bool `json:"https_support"`
	HTTPSResponse *HTTPResponseInfo
	HTTPSError    Err `json:"https_error"`

	SupportsHTTP2 bool `json:"http2_support"`
	HTTP2Response *HTTPResponseInfo
	HTTP2Error    Err `json:"http2_error"`
}

func HttpSupportScan 

func HttpSupportScan(t zgrab2.ScanTarget, tlsFlags zgrab2.TLSFlags) HTTPSupport

scans for http/https support arguments: scan target <-> ip, domain outputs: httpsupport

type Handshake 

type Handshake struct {
	Error         Err            `json:"error"`
	Log           *zgrab2.TLSLog `json:"handshake_log"`
	ScanStatus    bool           `json:"scan_status"`
	TargetVersion tls.TLSVersion `json:intended_version`
}

type HandshakeSSL20 

type HandshakeSSL20 struct {
	Error           Err                  `json:"error"`
	Log             *sslv2.HandshakeData `json:"handshake_log"`
	ScanStatus      bool                 `json:"scan_status"`
	SelectedCiphers []sslv2.CipherKind   `json:"supported_ciphers"`
}

type StrSlice 

type StrSlice []string

type TLSVersionSupport 

type TLSVersionSupport struct {
	SupportedVersions []tls.TLSVersion     `json:"supported_versions"`
	VersionHandshakes map[string]Handshake `json:"handshakes"`
	SSL20Handshake    HandshakeSSL20       `json:"ssl20_handshake"`
}

func TLSVersionSupportScan 

func TLSVersionSupportScan(t zgrab2.ScanTarget, baseFlags zgrab2.BaseFlags, tlsFlags zgrab2.TLSFlags) TLSVersionSupport

type VersionSlice 

type VersionSlice []tls.TLSVersion

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.