forked from owasp-amass/amass
/
entrust.go
127 lines (105 loc) · 2.9 KB
/
entrust.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
// Copyright 2017 Jeff Foley. All rights reserved.
// Use of this source code is governed by Apache 2 LICENSE that can be found in the LICENSE file.
package sources
import (
"net/url"
"regexp"
"strings"
"github.com/OWASP/Amass/amass/core"
"github.com/OWASP/Amass/amass/utils"
)
// Entrust is the Service that handles access to the Entrust data source.
type Entrust struct {
core.BaseService
SourceType string
}
// NewEntrust returns he object initialized, but not yet started.
func NewEntrust(config *core.Config, bus *core.EventBus) *Entrust {
e := &Entrust{SourceType: core.CERT}
e.BaseService = *core.NewBaseService(e, "Entrust", config, bus)
return e
}
// OnStart implements the Service interface
func (e *Entrust) OnStart() error {
e.BaseService.OnStart()
go e.processRequests()
return nil
}
func (e *Entrust) processRequests() {
for {
select {
case <-e.Quit():
return
case req := <-e.DNSRequestChan():
if e.Config().IsDomainInScope(req.Domain) {
e.executeQuery(req.Domain)
}
case <-e.AddrRequestChan():
case <-e.ASNRequestChan():
case <-e.WhoisRequestChan():
}
}
}
func (e *Entrust) executeQuery(domain string) {
re := e.Config().DomainRegex(domain)
if re == nil {
return
}
e.SetActive()
u := e.getURL(domain)
page, err := utils.RequestWebPage(u, nil, nil, "", "")
if err != nil {
e.Config().Log.Printf("%s: %s: %v", e.String(), u, err)
return
}
content := strings.Replace(page, "u003d", " ", -1)
for _, sd := range re.FindAllString(content, -1) {
e.Bus().Publish(core.NewNameTopic, &core.DNSRequest{
Name: cleanName(sd),
Domain: domain,
Tag: e.SourceType,
Source: e.String(),
})
}
for _, name := range e.extractReversedSubmatches(page) {
if match := re.FindString(name); match != "" {
e.Bus().Publish(core.NewNameTopic, &core.DNSRequest{
Name: cleanName(match),
Domain: domain,
Tag: e.SourceType,
Source: e.String(),
})
}
}
}
func (e *Entrust) getURL(domain string) string {
u, _ := url.Parse("https://ctsearch.entrust.com/api/v1/certificates")
u.RawQuery = url.Values{
"fields": {"subjectO,issuerDN,subjectDN,signAlg,san,sn,subjectCNReversed,cert"},
"domain": {domain},
"includeExpired": {"true"},
"exactMatch": {"false"},
"limit": {"5000"},
}.Encode()
return u.String()
}
func (e *Entrust) extractReversedSubmatches(content string) []string {
var rev, results []string
re := regexp.MustCompile("\"valueReversed\": \"(.*)\"")
for _, subs := range re.FindAllStringSubmatch(content, -1) {
rev = append(rev, strings.TrimSpace(subs[1]))
}
for _, r := range rev {
s := e.reverseSubdomain(r)
results = append(results, utils.RemoveAsteriskLabel(s))
}
return results
}
func (e *Entrust) reverseSubdomain(name string) string {
var result []string
s := strings.Split(name, "")
for i := len(s) - 1; i >= 0; i-- {
result = append(result, s[i])
}
return strings.Join(result, "")
}