mirror of
https://github.com/mgeeky/Penetration-Testing-Tools.git
synced 2024-11-23 11:01:37 +01:00
32 lines
1.1 KiB
Bash
32 lines
1.1 KiB
Bash
#!/bin/bash
|
|
|
|
echo -e "\n\nSimple SSL/TLS self-signed CA Certificate generator\n\n"
|
|
|
|
if [ -z $1 ]; then
|
|
echo "Usage: $0 [file_name]"
|
|
echo -e "\nGoing with default name: './rogue_server'\n\n"
|
|
fi
|
|
|
|
FILENAME=${1:-rogue_server}
|
|
|
|
echo "[+] Generating public and private keys pair (.key)..."
|
|
openssl genrsa -out $FILENAME.key 1024
|
|
|
|
echo "[+] Generating a self-signed x509 CA's certificate (.crt)..."
|
|
openssl req -new -key $FILENAME.key -x509 -sha256 -days 3600 -out $FILENAME.crt
|
|
|
|
echo "[+] Generating the PEM file out of the key and certificate files..."
|
|
cat $FILENAME.key $FILENAME.crt > $FILENAME.pem
|
|
|
|
echo -e "\n[>] Certificate's dump:"
|
|
openssl x509 -in $FILENAME.pem -text -noout
|
|
|
|
echo -e "\n[>] Generated files:"
|
|
echo -e "\tPKI keys (public/private):\t$FILENAME.key"
|
|
echo -e "\tCA Certficate:\t\t$FILENAME.crt"
|
|
echo -e "\tResulting PEM:\t\t$FILENAME.pem"
|
|
|
|
echo -e "\n\n[+] Now you can start a TLS-enabled server with:\n"
|
|
echo -e "\n$ sudo socat -vv openssl-listen:443,reuseaddr,fork,cert=$FILENAME.pem,cafile=$FILENAME.crt,verify=0 openssl-connect::,verify=0 \n"
|
|
echo "Happy MITM-ing!"
|