Skip to content

Instantly share code, notes, and snippets.

@withzombies

withzombies/opendns mitm

Created October 21, 2016 18:34
Show Gist options
  • Save withzombies/67fcf5973b0d4a2a903c0f02fa8021cc to your computer and use it in GitHub Desktop.
Save withzombies/67fcf5973b0d4a2a903c0f02fa8021cc to your computer and use it in GitHub Desktop.
Download ZIP
opendns is man-in-the-middling me
Raw
opendns mitm
$ dig calendar.google.com @208.67.222.222
; <<>> DiG 9.8.3-P1 <<>> calendar.google.com @208.67.222.222
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 19048
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;calendar.google.com. IN A
;; ANSWER SECTION:
calendar.google.com. 0 IN A 146.112.61.106
;; Query time: 5 msec
;; SERVER: 208.67.222.222#53(208.67.222.222)
;; WHEN: Fri Oct 21 14:22:59 2016
;; MSG SIZE rcvd: 53
$ openssl s_client -connect 146.112.61.106:443
CONNECTED(00000003)
depth=2 /CN=Cisco Umbrella Primary SubCA/O=Cisco
verify error:num=20:unable to get local issuer certificate
verify return:0
---
Certificate chain
0 s:/C=US/ST=California/L=San Francisco/O=OpenDNS, Inc./CN=*.opendns.com
i:/CN=Cisco Umbrella Secondary SubCA nyc-SG/O=Cisco
1 s:/CN=Cisco Umbrella Secondary SubCA nyc-SG/O=Cisco
i:/CN=Cisco Umbrella Primary SubCA/O=Cisco
2 s:/CN=Cisco Umbrella Primary SubCA/O=Cisco
i:/CN=OpenDNS Root CA 1/C=US/O=OpenDNS, Inc.
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIDITCCAgkCBFgCFQMwDQYJKoZIhvcNAQELBQAwQDEuMCwGA1UEAwwlQ2lzY28g
VW1icmVsbGEgU2Vjb25kYXJ5IFN1YkNBIG55Yy1TRzEOMAwGA1UECgwFQ2lzY28w
HhcNMTYxMDE4MjAzMjE4WhcNMTYxMDIzMjAzMjE4WjBqMQswCQYDVQQGEwJVUzET
MBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwNU2FuIEZyYW5jaXNjbzEWMBQG
A1UECgwNT3BlbkROUywgSW5jLjEWMBQGA1UEAwwNKi5vcGVuZG5zLmNvbTCCASIw
DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAN2ruRk27mwMpRGemHZpOZein16E
mD20mPawaaRF9TiZm5WffxFz3+P0qOB+PGbLDlq4WmzX7MoxBPLdY78B2Xzv71os
P1X+h87rxij+i2n5Mh8rtVaQEoOEcq/KmvebOHYX58QjZb3GbTVjno/42fvJ7LCi
11PPWox/yS/VEeMJqKmUW2kGY9JCxfbun5DfnhD8ZhTTc001xXXeFl0ZGpZ43yTl
CeFP/AuKXbksLpTR22nv1+SU9mPwNOoMuBdymDcz51pQpAPSL4ZUkkgJ2M4GWw+S
6E10C9C4WO1kIVJ28ngya2hgJG7i3IgfdPs31HCTpWBnNwL6WtNlz+Em1F0CAwEA
ATANBgkqhkiG9w0BAQsFAAOCAQEAiSkDFG00pI2ulW9smviw32GqJNzYPiCamHi7
4gFuSBWP2Jf+KIxSNt/6d3QlKZls5h38ov+OhtifCLzef4/MaCDbfZM0NRBnRWlO
Pk65kUdNhesdpTHZOoOX2HllET4gYiUbJeGNrLtys8xnijJpy+0ZwEklQDdXfsGF
dd9CsgP5esK5ACX4zfzLB5zIgP+n2Oh7rSbeuFoCN6SqB0O9IPI4JfQRPSjwyJjM
aw3riVHcK2NAMhvqb6xdZ3NU/arkfl7PwBf91ELTCP8kfWB11k+fzuZzKRloQyW6
Uahxf4CCBB3saGIDf38xChgbRPKWCP20nMnFwABE8DoVKTpvaw==
-----END CERTIFICATE-----
subject=/C=US/ST=California/L=San Francisco/O=OpenDNS, Inc./CN=*.opendns.com
issuer=/CN=Cisco Umbrella Secondary SubCA nyc-SG/O=Cisco
---
No client certificate CA names sent
---
SSL handshake has read 2920 bytes and written 456 bytes
---
New, TLSv1/SSLv3, Cipher is AES256-SHA
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
Protocol : TLSv1
Cipher : AES256-SHA
Session-ID: 1EC6193DFD8D4BA12652D7894B279DA393D68CF2D38BA975B880EBFD148EC64B
Session-ID-ctx:
Master-Key: DE857F4B73C4973DB6C7B70085BEB28E477FFD04D41BA93EAA671E6783C343051B44188AD551CB3BABD33671B9200343
Key-Arg : None
Start Time: 1477074181
Timeout : 300 (sec)
Verify return code: 20 (unable to get local issuer certificate)
---
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment