HTTPS
From Xgu.ru
Some examples of working with HTTPS:
    # netcat scanner for HTTP servers (nc -v reports on stderr, hence 2>&1)
    for i in $(seq 1 255); do nc -n -v -z "192.168.1.$i" 80 2>&1 | grep "open"; done | tee webservers.txt

    # Manually perform an HTTP GET request
    echo -ne "GET / HTTP/1.0\n\n" | nc www.redspin.com 80

    # Manually perform an HTTP GET request on an SSL port
    echo -ne "GET / HTTP/1.0\n\n" | socat - OPENSSL:www.website.com:443,verify=0

    # Create a local TCP pipe to a remote SSL port (to allow netcat to probe an SSL service)
    socat -vd TCP-LISTEN:8888,fork OPENSSL:www.redspin.com:443,verify=0

    # Always connect to a given webserver PORT regardless of whether it is SSL or normal HTTP
    (curl -iks -m2 "https://www.redspin.com:PORT" || curl -iks -m2 "www.redspin.com:PORT")

    # Perform a check on a list of webservers (HTTP or HTTPS): HOST:PORT -> HOST:PORT|WEB SERVER|HTML Title
    # Includes a 2-second timeout using curl's -m2, and parallelization using xargs's -P10
    cat webservers.txt | xargs -P10 -I'{}' bash -c '(curl -Liks -m2 "https://{}" || curl -Liks -m2 "{}") | grep -iao -e "^Server: .*" -e "<title>.*</title>" | sed "s#Server: \(.*\)#|\1|#i;s#<title>\(.*\)</title>#\1#ig" | tr -d "\r\n" | sed "1s/^/{}/;\$a\\" | sed "s/^\([^|]*\)|$/\1||/"' | tee webserver_info.txt

    # Check if TRACE is enabled on a given website
    echo -ne "TRACE /something HTTP/1.0\nX-Header: Trace Enabled\n\n" | socat - OPENSSL:www.website.com:443,verify=0

    # Check for the insecure SSLv2 protocol on a website
    # (needs an openssl build that still includes SSLv2; the -ssl2 option was removed in OpenSSL 1.1.0)
    echo -e '' | openssl s_client -connect WEBSITE:PORT -ssl2 -no_ssl3 -no_tls1 2>/dev/null | grep 'SSLv2'

    # Bruteforce a given numerical webpath, printing the HTTP status code for each request
    for ((i=0;i/dev/null | grep HTTP/1.1) | tee webbf.txt ; done

    # Simple HTTP listener (Python 2: python -m SimpleHTTPServer)
    python3 -m http.server

    # Simple HTTPS (SSL) listener without a server certificate
    sudo openssl s_server -accept 443 -nocert

    # Simple HTTPS (SSL) listener with a bad self-signed server certificate
    echo -ne "\n\n\n\n\n\n\n" | openssl req -new -newkey rsa:1024 -days 1 -nodes -x509 -keyout out.pem -out out.pem ; openssl s_server -cert out.pem -www
Source: [1].
A little more on this topic:
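The HOST:PORT|WEB SERVER|HTML Title step of the list check above, written out as a readable function that can be run offline on saved `curl -Li` output (an added example, not part of the original page or its source). The names `summarize_response` and `sample_response`, the sample addresses and the constructed response are assumptions; unlike the one-liner, it keeps only the final response after redirects and replaces `|` in server-supplied values so they cannot shift the fields.

```shell
#!/bin/sh
# summarize_response HOST:PORT   (hypothetical helper, not from the page)
# Reads raw `curl -Li` output on stdin, prints HOST:PORT|SERVER|TITLE.
# Missing fields stay empty; only single-line <title> elements are matched.
summarize_response() {
    tr -d '\r' | awk -v target="$1" '
        # A status line starts a new header block. With curl -L several
        # responses are concatenated, so keep only values from the last one.
        /^HTTP\/[0-9.]+ [0-9][0-9][0-9]/ { in_headers = 1; server = ""; title = ""; next }
        in_headers && /^$/ { in_headers = 0; next }   # blank line ends headers
        in_headers {
            if (tolower($0) ~ /^server:/) { sub(/^[^:]*:[ \t]*/, ""); server = $0 }
            next
        }
        title == "" {                                  # body: first <title> wins
            s = index(tolower($0), "<title>")
            if (s) {
                rest = substr($0, s + 7)
                e = index(tolower(rest), "</title>")
                if (e) title = substr(rest, 1, e - 1)
            }
        }
        END {
            # Server-supplied text is untrusted: keep it from adding fields.
            gsub(/[|]/, "/", server); gsub(/[|]/, "/", title)
            printf "%s|%s|%s\n", target, server, title
        }'
}

# Constructed sample: a redirect followed by the final response.
sample_response() {
    printf 'HTTP/1.1 301 Moved Permanently\r\nServer: edge-proxy\r\nLocation: https://example.test/\r\n\r\n'
    printf 'HTTP/1.1 200 OK\r\nSERVER: ExampleHTTPd/1.0\r\nContent-Type: text/html\r\n\r\n'
    printf '<html><head><TITLE>Staging | Login</TITLE></head><body>ok</body></html>\n'
}

sample_response | summarize_response "10.0.0.5:8443"
```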