From 94745b91ebb358ec6ce04da7119cf2111737b96b Mon Sep 17 00:00:00 2001 From: CJ <99046893+Mystic-Ivy@users.noreply.github.com> Date: Fri, 6 Oct 2023 16:40:42 +0200 Subject: [PATCH 1/2] Added the ability to use a certificate and/or keyfile in a ssl connection --- bin/quickfuzz | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/bin/quickfuzz b/bin/quickfuzz index 3ed5a77..681ee1e 100755 --- a/bin/quickfuzz +++ b/bin/quickfuzz @@ -21,6 +21,8 @@ parser.add_argument('--no-failed', dest='nofailed', action='store_true', help='o parser.add_argument('--no-color', dest='nocolor', action='store_true', help='do not use color highlighting') parser.add_argument('--retries', type=int, default=-1, help='number of retires if a port is closed (default=infinite)') parser.add_argument('--ssl', action='store_true', help='use ssl sockets for this port') +parser.add_argument('--ssl-key', default=None, dest='ssl_key', help='use ssl key and pem for ssl connection') +parser.add_argument('--ssl-pem', default=None, dest='ssl_pem', help='usd ssl key and pem for ssl connection') parser.add_argument('--summary', action='store_true', help='print a summary in the end instead of live data') parser.add_argument('--threads', type=int, default=1, help='use ssl sockets for this port') parser.add_argument('--timeout', type=int, default=2, help='time to wait for a response (default=2)') @@ -46,8 +48,8 @@ def main(): # Create a fuzzer object live = not args.summary and not args.json fuzzer = quickfuzz.Fuzzer(args.ip, args.port, connect_timeout=args.ct, max_retries=args.retries, - no_color=args.nocolor, no_failed=args.nofailed, ssl=args.ssl, - server_timeout=args.timeout, threads=args.threads, verbose=live) + no_color=args.nocolor, no_failed=args.nofailed, ssl=args.ssl, ssl_key=args.ssl_key, + ssl_pem=args.ssl_pem, server_timeout=args.timeout, threads=args.threads, verbose=live) # Some payloads contain parameters. Here we cann add their corresponding replacements fuzzer.add_parameter(b'<@:IP:@>', args.ip.encode('utf-8')) From ce327cfa4140153c6310bc0beccf2e3dff45e362 Mon Sep 17 00:00:00 2001 From: CJ <99046893+Mystic-Ivy@users.noreply.github.com> Date: Fri, 6 Oct 2023 16:42:31 +0200 Subject: [PATCH 2/2] Added the ability to use a certificate and/or keyfile in a ssl connection --- quickfuzz/quickfuzz.py | 35 +++++++++++++++++++++++++++++++---- 1 file changed, 31 insertions(+), 4 deletions(-) diff --git a/quickfuzz/quickfuzz.py b/quickfuzz/quickfuzz.py index 3d49276..bd5f401 100644 --- a/quickfuzz/quickfuzz.py +++ b/quickfuzz/quickfuzz.py @@ -51,7 +51,7 @@ class Fuzzer: other settings like the usage of ssl or the amount of time between requetss. ''' - def __init__(self, ip, port, connect_timeout=2, max_retries=2, no_color=False, no_failed=False, payloads=[], ssl=False, server_timeout=2, threads=5, verbose=False): + def __init__(self, ip, port, connect_timeout=2, max_retries=2, no_color=False, no_failed=False, payloads=[], ssl=False, ssl_key=None, ssl_pem=None, server_timeout=2, threads=5, verbose=False): ''' Creates a new Fuzzer object. @@ -64,6 +64,8 @@ def __init__(self, ip, port, connect_timeout=2, max_retries=2, no_color=False, n no_olor (bool) Do not colorize outputs payloads (list[Payload]) Payloads to use for fuzzing ssl (bool) Using ssl connections + ssl_key (string) Using ssl key for ssl connections + ssl_pem (string) Using ssl certificate for ssl connections server_timeout (int) Seconds to wait for a server response threads (int) Number of thrads to use verbose (bool) Print live data for each payload @@ -73,13 +75,14 @@ def __init__(self, ip, port, connect_timeout=2, max_retries=2, no_color=False, n self.connect_timeout = connect_timeout self.max_retries = max_retries self.ssl = ssl + self.ssl_cert_mode = False + self.ssl_cert_error = False self.server_timeout = server_timeout self.threads = threads self.verbose = verbose self.payloads = payloads self.no_failed = no_failed self.parameter_dict = {} - # Each Fuzzer can define its own color scheme, or no colors at all self.info_color = None if no_color else "white" self.error_color = None if no_color else "red" @@ -87,6 +90,24 @@ def __init__(self, ip, port, connect_timeout=2, max_retries=2, no_color=False, n self.payload_color = None if no_color else "yellow" self.warning_color = None if no_color else "yellow" + if ssl: + if ssl_pem is not None and ssl_key is None: + if not os.path.isfile(ssl_pem): + termcolor.cprint(f"[-] Certificate file not found!", self.error_color, file=sys.stderr) + sys.exit() + self.ssl_cert_mode = True + elif ssl_key is not None and ssl_pem is not None: + if not os.path.isfile(ssl_pem) or not os.path.isfile(ssl_key): + termcolor.cprint(f"[-] Certificate or key file not found!", self.error_color, file=sys.stderr) + sys.exit() + self.ssl_cert_mode = True + elif ssl_key is not None: + termcolor.cprint(f"[-] Key parameter needs a certificate file!", self.error_color, file=sys.stderr) + sys.exit() + + self.ssl_key = ssl_key + self.ssl_pem = ssl_pem + def connect(self, terminate=False): ''' @@ -99,16 +120,22 @@ def connect(self, terminate=False): Returns: sock (Socket) TCP Socket for the targeted port ''' + + sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) if self.ssl: context = ssl.SSLContext() + if self.ssl_cert_mode: + try: + context.load_cert_chain(self.ssl_pem, self.ssl_key) + except Exception as e: + termcolor.cprint("[-] Loading certificate error! Printing exception:\n" + e, self.error_color, file=sys.stderr) + sys.exit() context.verify_mode = ssl.CERT_NONE context.check_hostname = False sock = context.wrap_socket(sock) - target = (self.ip, self.port) - # If the request is blocked for some reason, we wait some seconds # and try again, until the connect works or the maximum number of retires is rached retry_count = 0