Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix false positive with untrusted flag #296

Merged
merged 4 commits into from Jul 4, 2023
Merged

fix false positive with untrusted flag #296

merged 4 commits into from Jul 4, 2023

Conversation

RamanaReddy0M
Copy link
Contributor

@RamanaReddy0M RamanaReddy0M commented Jun 29, 2023
edited

#268 False positive with untrusted flag, but manual certificate check shows trusted status

@RamanaReddy0M RamanaReddy0M linked an issue Jun 29, 2023 that may be closed by this pull request
False positive with untrusted flag, but manual certificate check shows trusted status #268
Closed
@RamanaReddy0M
Copy link
Contributor Author 

✗ ./tlsx -un -host ebay.co.jp,comicon.it,sambonet.it
  

  _____ _    _____  __
 |_   _| |  / __\ \/ /
   | | | |__\__ \>  < 
   |_| |____|___/_/\_\  v1.1.0

                projectdiscovery.io

[INF] Current tlsx version v1.1.0 (latest)
sambonet.it:443
ebay.co.jp:443
comicon.it:443
[INF] Connections made using crypto/tls: 3, zcrypto/tls: 0, openssl: 0

@RamanaReddy0M RamanaReddy0M self-assigned this Jun 29, 2023
@RamanaReddy0M RamanaReddy0M added the Type: Bug Inconsistencies or issues which will cause an issue or problem for users or implementors. label Jun 29, 2023
Mzack9999
Mzack9999 requested changes Jun 30, 2023
View reviewed changes
Copy link
Member

@Mzack9999 Mzack9999 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm - I suggest moving the update certificate logic to a separate cmd utility (e.g., https://github.com/projectdiscovery/wappalyzergo/blob/main/cmd/update-fingerprints/main.go) that is run with a cron-fashion. Then it just gets loaded via embed, removing the need of reading/writing any external file as it gets included directly in the final binary:

import (
	_ "embed"
)

//go:embed root_certs.pem
var data string

What do you think?

Mzack9999
Mzack9999 approved these changes Jul 4, 2023
View reviewed changes
Copy link
Member

@Mzack9999 Mzack9999 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm!

$ go run . -un -host ebay.co.jp,comicon.it,sambonet.it
...
sambonet.it:443
comicon.it:443
ebay.co.jp:443
[INF] Connections made using crypto/tls: 3, zcrypto/tls: 0, openssl: 0

@Mzack9999 Mzack9999 requested a review from ehsandeep July 4, 2023 09:15
@ehsandeep ehsandeep merged commit d19e53c into dev Jul 4, 2023
10 checks passed
@ehsandeep ehsandeep deleted the issue-flase-positive-with-untrusted-flag branch July 4, 2023 12:01
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ehsandeep ehsandeep ehsandeep approved these changes

@Mzack9999 Mzack9999 Mzack9999 approved these changes

Assignees

@RamanaReddy0M RamanaReddy0M

Labels
Type: Bug Inconsistencies or issues which will cause an issue or problem for users or implementors.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

False positive with untrusted flag, but manual certificate check shows trusted status
3 participants
@RamanaReddy0M @ehsandeep @Mzack9999