Script ssl-date

Script types: portrule
Categories: discovery, safe, default
Download: https://svn.nmap.org/nmap/scripts/ssl-date.nse

Script Summary

Retrieves a target host's time and date from its TLS ServerHello response.

In many TLS implementations, the first four bytes of server randomness are a Unix timestamp. The script will test whether this is indeed true and report the time only if it passes this test.

Original idea by Jacob Appelbaum and his TeaTime and tlsdate tools:

• https://github.com/ioerror/TeaTime
• https://github.com/ioerror/tlsdate

Script Arguments

mssql.domain, mssql.instance-all, mssql.instance-name, mssql.instance-port, mssql.password, mssql.protocol, mssql.scanned-ports-only, mssql.timeout, mssql.username

See the documentation for the mssql library.

smbdomain, smbhash, smbnoguest, smbpassword, smbtype, smbusername

See the documentation for the smbauth library.

smtp.domain

See the documentation for the smtp library.

randomseed, smbbasic, smbport, smbsign

See the documentation for the smb library.

tls.servername

See the documentation for the tls library.

Example Usage

nmap <target> --script=ssl-date

Script Output

PORT    STATE SERVICE REASON
5222/tcp open  xmpp-client syn-ack
|_ssl-date: 2012-08-02T18:29:31Z; +4s from local time.

Requires

• shortport
• stdnse
• math
• nmap
• os
• string
• sslcert
• tls
• datetime

---

Authors:

• Aleksandar Nikolic
• nnposter

License: Same as Nmap--See https://nmap.org/book/man-legal.html