fix: using spoofed names for TLS certificate generation in order to be less fingerprintable (fixes #12)

modules/api_rest.go

@@ -42,12 +42,12 @@ func NewRestAPI(s *session.Session) *RestAPI {
 		"API authentication username."))
 
 	api.AddParam(session.NewStringParameter("api.rest.certificate",
-		"~/.bettercap-ng.api.rest.certificate.pem",
+		"~/.bcap-api.rest.certificate.pem",
 		"",
 		"API TLS certificate."))
 
 	api.AddParam(session.NewStringParameter("api.rest.key",
-		"~/.bettercap-ng.api.rest.key.pem",
+		"~/.bcap-api.rest.key.pem",
 		"",
 		"API TLS key"))
 

tls/cert.go

@@ -30,7 +30,8 @@ func Generate(certPath string, keyPath string) error {
 	}
 
 	notBefore := time.Now()
-	notAfter := notBefore.Add(time.Duration(24*365) * time.Hour)
+	aYear := time.Duration(365*24) * time.Hour
+	notAfter := notBefore.Add(aYear)
 	serialNumberLimit := new(big.Int).Lsh(big.NewInt(1), 128)
 	serialNumber, err := rand.Int(rand.Reader, serialNumberLimit)
 	if err != nil {
@@ -40,9 +41,9 @@ func Generate(certPath string, keyPath string) error {
 	template := x509.Certificate{
 		SerialNumber: serialNumber,
 		Subject: pkix.Name{
-			CommonName:         "bettercap-ng",
-			Organization:       []string{"bettercap-ng"},
-			OrganizationalUnit: []string{"RSA key generation module"},
+			CommonName:         "www.cisco.com",
+			Organization:       []string{"Cisco Systems, Inc."},
+			OrganizationalUnit: []string{"Cisco Systems, Inc."},
 		},
 		NotBefore:             notBefore,
 		NotAfter:              notAfter,