teddycloud
teddycloud copied to clipboard
Published
5 months ago
•
toniebox-reverse-engineering
toniebox-reverse-engineering
Download CA from Tonies Server
Use teddyCloud to download the Boxine CA. Users may lose it, if they don't backup properly.
Following bash does the same:
#!/bin/bash
openssl s_client -showcerts -verify 5 -connect prod.de.tbs.toys:443 < /dev/null |
awk '/BEGIN CERTIFICATE/,/END CERTIFICATE/{ if(/BEGIN CERTIFICATE/){a++}; out="cert"a".pem"; print >out}'
for cert in *.pem; do
newname=$(openssl x509 -noout -subject -in $cert | sed -nE 's/.*CN ?= ?(.*)/\1/; s/[ ,.*]/_/g; s/__/_/g; s/_-_/-/; s/^_//g;p' | tr '[:upper:]' '[:lower:]').pem
if [[ "${newname}" == "boxine_ca.pem" ]]; then
openssl x509 -in "${cert}" -out ca.der -outform DER
fi
rm ${cert}
done
Or as a one-liner:
echo "" | openssl s_client -host prod.de.tbs.toys -port 443 -showcerts | awk '/BEGIN CERTIFICATE/ {p=1} ; p==1; /END CERTIFICATE/ {p=0}' | awk '$0=="-----BEGIN CERTIFICATE-----" {n++} n>2' | openssl x509 -outform der -out ca.der
But saving the whole chain and looking for the CA name is probably safer.
