Skip to content

SSL Fingerprint Tool written in Go for the CLI and package use.

License

Notifications You must be signed in to change notification settings

nhalstead/sprint

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

26 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

SSL Fingerprint (sprint)

Go Report Card GoDoc MIT license

This cli application written in go will connect to the given domain and return the md5/sha1/sha256/sha512 fingerprint formatted appropriately.

Simple, Fast, Easy

Why?

The main purpose of this was for debugging of SSL certs but this package can be used in some automation tasks like cert pinning or validation.

This is a CLI tool and a package.

How to use the Package

Add the following line to import the package and start using it!

package main

import (
	"fmt"
	// Needed to be imported to work
	"github.com/nhalstead/sprint"
)

func main() {
	test, _ := sprint.GetFingerprint("google.com", false)

	fmt.Println("Sha256 Fingerprint of google.com: ", test.SHA256)
}

How to use the CLI

sprint host [domain] -1

To use SHA256 or SHA512 simply use the -2 (or --sha-256) and -5 (or --sha-512) flags respectively.

sprint host [domain] -2

sprint host [domain] -5

Example Usage

sprint host google.com -1

F0:48:7A:59:65:34:33:F8:A1:92:C6:C4:FB:9A:CC:C5:AD:0C:B3:E2

Advanced Usage

If in use for bash scripts you can use sprint match. Sprint Match will fetch the fingerprint and return a status using the exit codes.

A Non-zero exit code means that it has failed the check or failed to connect during the process.

This makes it simple to implement a method of cert pinning without the need to use other languages with extra libraries.

Help (-h / --help)

Usage:
  sprint [command]

Available Commands:
  completion  generate the autocompletion script for the specified shell
  help        Help about any command
  host        Get ssl fingerprint of a URL
  match       Get ssl fingerprint of a URL and check if it matches the given fqdn or ip

Flags:
  -h, --help   help for sprint
Usage:
  sprint host [fqdn or ip] [flags]

Flags:
  -d, --disable-nth        disable Nth separator
  -h, --help               help for host
  -m, --md5                return md5 fingerprint
  -s, --separator string   separator between many hashes (default ",")
  -1, --sha-1              return sha1 fingerprint
  -2, --sha-256            return sha256 fingerprint
  -5, --sha-512            return sha512 fingerprint
Usage:
  sprint match [fqdn or ip] [fingerprint] [flags]

Flags:
  -h, --help   help for match