|
Packit |
c22fc9 |
Needs
|
|
Packit |
c22fc9 |
=====
|
|
Packit |
c22fc9 |
|
|
Packit |
c22fc9 |
Before trying to compile genhash tool you need to install
|
|
Packit |
c22fc9 |
OpenSSL 0.9.6b (http://www.openssl.org).
|
|
Packit |
c22fc9 |
|
|
Packit |
c22fc9 |
Installation
|
|
Packit |
c22fc9 |
============
|
|
Packit |
c22fc9 |
|
|
Packit |
c22fc9 |
Simply 'make' & 'make install'
|
|
Packit |
c22fc9 |
|
|
Packit |
c22fc9 |
Utilisation
|
|
Packit |
c22fc9 |
===========
|
|
Packit |
c22fc9 |
|
|
Packit |
c22fc9 |
The genhash tool give you the ability to generate MD5 digest
|
|
Packit |
c22fc9 |
from remote HTTP/HTTPS server connected.
|
|
Packit |
c22fc9 |
|
|
Packit |
c22fc9 |
The global synopsis for the tool is :
|
|
Packit |
c22fc9 |
|
|
Packit |
c22fc9 |
[user@lvs]$ genhash --help
|
|
Packit |
c22fc9 |
genhash v1.0.0 (18/11, 2002)
|
|
Packit |
c22fc9 |
Usage:
|
|
Packit |
c22fc9 |
genhash -s server-address -p port -u url
|
|
Packit |
c22fc9 |
genhash -S -s server-address -p port -u url
|
|
Packit |
c22fc9 |
genhash -h
|
|
Packit |
c22fc9 |
genhash -r
|
|
Packit |
c22fc9 |
|
|
Packit |
c22fc9 |
Commands:
|
|
Packit |
c22fc9 |
Either long or short options are allowed.
|
|
Packit |
c22fc9 |
genhash --use-ssl -S Use SSL connection to remote server.
|
|
Packit |
c22fc9 |
genhash --server -s Use the specified remote server address.
|
|
Packit |
c22fc9 |
genhash --port -p Use the specified remote server port.
|
|
Packit |
c22fc9 |
genhash --url -u Use the specified remote server url.
|
|
Packit |
c22fc9 |
genhash --use-virtualhost -V Use the specified virtualhost in GET query.
|
|
Packit |
c22fc9 |
genhash --verbose -v Use verbose mode output.
|
|
Packit |
c22fc9 |
genhash --help -h Display this short inlined help screen.
|
|
Packit |
c22fc9 |
genhash --release -r Display the release number
|
|
Packit |
c22fc9 |
|
|
Packit |
c22fc9 |
Imagine we have a remote HTTP/HTTPS server owning the IP address 192.168.200.10.
|
|
Packit |
c22fc9 |
We want to generate a MD5SUM over the server root url (/).
|
|
Packit |
c22fc9 |
To proceed, simply use :
|
|
Packit |
c22fc9 |
|
|
Packit |
c22fc9 |
[user@lvs]$ genhash -s 192.168.200.10 -p 80 -u /
|
|
Packit |
c22fc9 |
-----------------------[ HTTP Header Buffer ]-----------------------
|
|
Packit |
c22fc9 |
0000 48 54 54 50 2f 31 2e 31 - 20 32 30 30 20 4f 4b 0d HTTP/1.1 200 OK.
|
|
Packit |
c22fc9 |
0010 0a 44 61 74 65 3a 20 57 - 65 64 2c 20 32 38 20 4e .Date: Wed, 28 N
|
|
Packit |
c22fc9 |
..........................................................................
|
|
Packit |
c22fc9 |
-----------------------[ HTTP Header Ascii Buffer ]-----------------------
|
|
Packit |
c22fc9 |
HTTP/1.1 200 OK
|
|
Packit |
c22fc9 |
..............
|
|
Packit |
c22fc9 |
-----------------------[ HTML Buffer ]-----------------------
|
|
Packit |
c22fc9 |
0000 3c 21 44 4f 43 54 59 50 - 45 20 48 54 4d 4c 20 50
|
|
Packit |
c22fc9 |
0010 55 42 4c 49 43 20 22 2d - 2f 2f 57 33 43 2f 2f 44 UBLIC "-//W3C//D
|
|
Packit |
c22fc9 |
..........................................................................
|
|
Packit |
c22fc9 |
-----------------------[ HTML MD5 resulting ]-----------------------
|
|
Packit |
c22fc9 |
0000 ff 20 ad 24 81 f9 7b 17 - 54 ef 3e 12 ec d3 a9 cc . .$..{.T.>.....
|
|
Packit |
c22fc9 |
-----------------------[ HTML MD5 final resulting ]-----------------------
|
|
Packit |
c22fc9 |
FF20AD2481F97B1754EF3E12ECD3A9CC
|
|
Packit |
c22fc9 |
|
|
Packit |
c22fc9 |
=> So the Hash value generated for the remote HTTP root URL is :
|
|
Packit |
c22fc9 |
http://192.168.200.10/ is FF20AD2481F97B1754EF3E12ECD3A9CC
|
|
Packit |
c22fc9 |
|
|
Packit |
c22fc9 |
Genhash can generate hash values over SSL content. Using the same sample
|
|
Packit |
c22fc9 |
we will obtain :
|
|
Packit |
c22fc9 |
[user@lvs]$ genhash -S -s 192.168.200.10 -p 443 -u /
|
|
Packit |
c22fc9 |
-----------------------[ HTTP Header Buffer ]-----------------------
|
|
Packit |
c22fc9 |
0000 48 54 54 50 2f 31 2e 31 - 20 32 30 30 20 4f 4b 0d HTTP/1.1 200 OK.
|
|
Packit |
c22fc9 |
0010 0a 44 61 74 65 3a 20 57 - 65 64 2c 20 32 38 20 4e .Date: Wed, 28 N
|
|
Packit |
c22fc9 |
..........................................................................
|
|
Packit |
c22fc9 |
-----------------------[ HTTP Header Ascii Buffer ]-----------------------
|
|
Packit |
c22fc9 |
HTTP/1.1 200 OK
|
|
Packit |
c22fc9 |
..............
|
|
Packit |
c22fc9 |
-----------------------[ HTML Buffer ]-----------------------
|
|
Packit |
c22fc9 |
0000 3c 21 44 4f 43 54 59 50 - 45 20 48 54 4d 4c 20 50
|
|
Packit |
c22fc9 |
0010 55 42 4c 49 43 20 22 2d - 2f 2f 57 33 43 2f 2f 44 UBLIC "-//W3C//D
|
|
Packit |
c22fc9 |
..........................................................................
|
|
Packit |
c22fc9 |
-----------------------[ HTML MD5 resulting ]-----------------------
|
|
Packit |
c22fc9 |
0000 ff 20 ad 24 81 f9 7b 17 - 54 ef 3e 12 ec d3 a9 cc . .$..{.T.>.....
|
|
Packit |
c22fc9 |
-----------------------[ HTML MD5 final resulting ]-----------------------
|
|
Packit |
c22fc9 |
FF20AD2481F97B1754EF3E12ECD3A9CC
|
|
Packit |
c22fc9 |
|
|
Packit |
c22fc9 |
=> So the Hash value generated for the remote HTTP root URL is :
|
|
Packit |
c22fc9 |
https://192.168.200.10/ is FF20AD2481F97B1754EF3E12ECD3A9CC
|
|
Packit |
c22fc9 |
|
|
Packit |
c22fc9 |
=> The same as http since the document root is a common location for
|
|
Packit |
c22fc9 |
HTTP & HTTPS (in our sample).
|
|
Packit |
c22fc9 |
|
|
Packit |
c22fc9 |
|
|
Packit |
c22fc9 |
In addition with this SSL support, we have added the capability to use
|
|
Packit |
c22fc9 |
specific ssl private key and ssl certificate. Note that the private key
|
|
Packit |
c22fc9 |
need to be generated into the PEM format. In our sample we have generated
|
|
Packit |
c22fc9 |
the SSL file using the following openssl command lines :
|
|
Packit |
c22fc9 |
|
|
Packit |
c22fc9 |
[user@lvs]$ openssl genrsa -des3 -out ssl.key 1024
|
|
Packit |
c22fc9 |
=> we use the PEM password : password (really secure :) )
|
|
Packit |
c22fc9 |
[user@lvs]$ openssl req -new -key ssl.key -out ssl.csr
|
|
Packit |
c22fc9 |
[user@lvs]$ openssl req -x509 -key ssl.key -in ssl.csr -out ssl.crt
|
|
Packit |
c22fc9 |
[user@lvs]$ cat ssl.key ssl.crt > ssl.pem
|
|
Packit |
c22fc9 |
|
|
Packit |
c22fc9 |
Then we perform a hash computation using this specific SSL file :
|
|
Packit |
c22fc9 |
|
|
Packit |
c22fc9 |
[user@lvs]$ genhash --use-ssl \
|
|
Packit |
c22fc9 |
--server=192.168.201.100 --port=443 --url=/ \
|
|
Packit |
c22fc9 |
--use-private-key=ssl.pem \
|
|
Packit |
c22fc9 |
--use-password=password \
|
|
Packit |
c22fc9 |
--use-certificate=ssl.crt
|
|
Packit |
c22fc9 |
..........................................................................
|
|
Packit |
c22fc9 |
-----------------------[ HTML MD5 final resulting ]-----------------------
|
|
Packit |
c22fc9 |
FF20AD2481F97B1754EF3E12ECD3A9CC
|
|
Packit |
c22fc9 |
|
|
Packit |
c22fc9 |
|
|
Packit |
c22fc9 |
Have fun with it !
|
|
Packit |
c22fc9 |
Alexandre
|