openssldir_check.cpp
/* openssldir_check - Windows utility to check for potential insecure OPENSSLDIR paths built into OpenSSL libraries
* Author: Rich Mirch @0xm1rch
* Project: https://github.com/mirchr/openssldir_check
*/
//#include "pch.h"
#include <cstring>
#include <iostream>
#include <stdlib.h>
#include <string>
#include <windows.h>
#include <shellapi.h>
#include <shlwapi.h>
// `type` selectors that wmain() passes to SSLeay_version() for libeay32.dll (OpenSSL < 1.1):
// SSLEAY_VERSION asks for the version string, SSLEAY_DIR for the compiled-in OPENSSLDIR.
// They are defined here so the tool builds without any OpenSSL headers.
#define SSLEAY_VERSION 0
#define SSLEAY_DIR 5
// OpenSSL 1.1+ openssl/crypto.h
// Same two selectors for OpenSSL_version(); the directory selector is 4 here, not 5.
#define OPENSSL_VERSION 0
#define OPENSSL_DIR 4
using namespace std;
// https://www.openssl.org/docs/man1.0.2/man3/SSLeay_version.html
// https://www.openssl.org/docs/man1.1.0/man3/OpenSSL_version.html
// Function-pointer types for the two exports that wmain() resolves with GetProcAddress().
// NOTE(review): the man pages linked above declare both functions as returning
// const char *; these typedefs drop the const - confirm nothing writes through the result.
// NOTE(review): x64 MSVC has a single calling convention and ignores __stdcall/__cdecl,
// so only the 32-bit __cdecl has to match how the DLL was built - confirm.
#ifdef _WIN64
typedef char*(__stdcall *f_SSLeay_version)(int);
typedef char*(__stdcall *f_OpenSSL_version)(int);
// Bitness of this build; printed by wmain() when LoadLibrary fails with ERROR_BAD_EXE_FORMAT.
const unsigned int bits = 64;
#else
typedef char*(__cdecl *f_SSLeay_version)(int);
typedef char*(__cdecl *f_OpenSSL_version)(int);
// Bitness of this build; printed by wmain() when LoadLibrary fails with ERROR_BAD_EXE_FORMAT.
const unsigned int bits = 32;
#endif
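// Returns the string a version export handed back, or a visible marker when the
// export returned NULL (streaming a null char pointer is undefined behaviour).
static const char *reported_or_marker(const char *text)
{
    return text != NULL ? text : "(null)";
}

/*
 * Loads the OpenSSL crypto DLL named by argv[1] and prints the version string
 * and the compiled-in OPENSSLDIR that the library reports.
 *
 * The file name selects the export: a name starting with "libeay32.dll"
 * (compared case-insensitively, because Windows file names are) is queried
 * through SSLeay_version(); anything else is assumed to be libcrypto from
 * OpenSSL 1.1+ and is queried through OpenSSL_version().
 *
 * Returns EXIT_SUCCESS on success, ERROR_BAD_EXE_FORMAT when the DLL does not
 * match this build's bitness, and EXIT_FAILURE for every other error. The
 * usage path terminates through exit(EXIT_FAILURE).
 *
 * Reading the result: OPENSSLDIR is the directory the library uses by default
 * for its configuration and certificates. Confirm that the reported directory,
 * and each parent that does not exist yet, cannot be created or written by
 * non-administrative users on the hosts where the library is deployed.
 */
int wmain(int argc, wchar_t **argv)
{
    cout << "openssldir_check v1.0 by 0xm1rch\n\n";

    if (argc < 2 || argv[1] == NULL)
    {
        wcerr << "\nUsage: openssldir_check <path\\to\\libeay32.dll> OpenSSL < 1.1";
        wcerr << "\n or openssldir_check <path\\to\\libcrypto-version.dll> OpenSSL >= 1.1+";
        wcerr << "\n\nWARNING: Do not use an untrusted path!\n";
        exit(EXIT_FAILURE);
    }

    const wchar_t *library_path = argv[1];

    // Point at the file-name part in place. The previous copy into a MAX_PATH
    // buffer passed the *source* length as the destination size, so an argument
    // of MAX_PATH or more characters could write past the end of the buffer.
    // Both separators are honoured because Windows accepts '/' as well as '\'.
    const wchar_t *filename = library_path;
    for (const wchar_t *cursor = library_path; *cursor != L'\0'; ++cursor)
    {
        if (*cursor == L'\\' || *cursor == L'/')
        {
            filename = cursor + 1;
        }
    }

    // Prefix match kept from the original; only the case sensitivity changed.
    static const wchar_t legacy_name[] = L"libeay32.dll";
    const bool use_ssleay = _wcsnicmp(legacy_name, filename, wcslen(legacy_name)) == 0;

    // SECURITY: LoadLibrary maps the DLL as code and runs its DllMain inside this
    // process, and a bare file name is resolved through the DLL search order, not
    // just the current directory. Pass the full path of a library you trust, and
    // run the check from an unprivileged account where possible.
    HINSTANCE hLibModule = LoadLibraryW(library_path);
    if (!hLibModule)
    {
        // Capture the code once: the stream writes below may change the last error.
        const DWORD load_error = GetLastError();
        if (load_error == ERROR_BAD_EXE_FORMAT)
        {
            wcout << "Error: Library is not a " << bits << "-bit library" << endl;
            return ERROR_BAD_EXE_FORMAT;
        }
        wcerr << "Could not load the dynamic library " << library_path << " Error=" << load_error << endl;
        return EXIT_FAILURE;
    }

    // Failures after this point fall through to FreeLibrary instead of returning
    // early, so the module handle is always released.
    int status = EXIT_SUCCESS;
    if (use_ssleay)
    {
        f_SSLeay_version query_version =
            reinterpret_cast<f_SSLeay_version>(GetProcAddress(hLibModule, "SSLeay_version"));
        if (!query_version)
        {
            cerr << "SSLeay_version() not found" << endl;
            status = EXIT_FAILURE;
        }
        else
        {
            cout << "SSLeay_version() returned " << reported_or_marker(query_version(SSLEAY_VERSION)) << endl;
            cout << "SSLeay_version() returned " << reported_or_marker(query_version(SSLEAY_DIR)) << endl;
        }
    }
    else
    {
        // OpenSSL 1.1+
        f_OpenSSL_version query_version =
            reinterpret_cast<f_OpenSSL_version>(GetProcAddress(hLibModule, "OpenSSL_version"));
        if (!query_version)
        {
            cerr << "OpenSSL_version() not found" << endl;
            status = EXIT_FAILURE;
        }
        else
        {
            cout << "OpenSSL_version() returned " << reported_or_marker(query_version(OPENSSL_VERSION)) << endl;
            cout << "OpenSSL_version() returned " << reported_or_marker(query_version(OPENSSL_DIR)) << endl;
        }
    }

    if (!FreeLibrary(hLibModule))
    {
        wcerr << "Error unloading library " << library_path << endl;
        return EXIT_FAILURE;
    }
    return status;
}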