Created
June 17, 2022 11:54
-
-
Save evilUrge/95316081b4a415554b549f620728df5b to your computer and use it in GitHub Desktop.
SSL Pinning
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
const { Agent } = require("https"), | |
request = require("request"); | |
const FINGERPRINTSET = [ | |
"C3:07:56:2C:08:A5:E1:2E:41:20:10:7A:02:87:86:C3:72:49:45:BF", | |
]; | |
const req = request( | |
{ | |
url: "https://www.duckduckgo.com/", | |
agent: new Agent({ maxCachedSessions: 0 }), // disable caching | |
strictSSL: true, // validate ssl certificate | |
}, | |
(err, response, body) => (err ? err : body) | |
); | |
req.on("socket", (socket) => { | |
socket.on("secureConnect", () => { | |
const { fingerprint } = socket.getPeerCertificate(); | |
if (!FINGERPRINTSET.includes(fingerprint)) { | |
// Abort | |
req.abort(); | |
throw new Error("Fingerprint does not match"); | |
} | |
// Insert logic here | |
console.info("Yay, fingerprint matches"); | |
}); | |
}); |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
To get a fingerprint