From 2454a669bb87abcc9f3538163bf485d3741f2731 Mon Sep 17 00:00:00 2001
From: evilsocket
Date: Sun, 14 Jan 2018 14:12:11 +0100
Subject: [PATCH] fix: using spoofed names for TLS certificate generation in order to be less fingerprintable (fixes #12)
---
modules/api_rest.go | 4 ++--
tls/cert.go | 9 +++++----
2 files changed, 7 insertions(+), 6 deletions(-)
diff --git a/modules/api_rest.go b/modules/api_rest.go
index 4d26e529..2322de8e 100644
--- a/modules/api_rest.go
+++ b/modules/api_rest.go
@@ -42,12 +42,12 @@ func NewRestAPI(s *session.Session) *RestAPI {
 "API authentication username."))
 api.AddParam(session.NewStringParameter("api.rest.certificate",
- "~/.bettercap-ng.api.rest.certificate.pem",
+ "~/.bcap-api.rest.certificate.pem",
 "",
 "API TLS certificate."))
 api.AddParam(session.NewStringParameter("api.rest.key",
- "~/.bettercap-ng.api.rest.key.pem",
+ "~/.bcap-api.rest.key.pem",
 "",
 "API TLS key"))
diff --git a/tls/cert.go b/tls/cert.go
index 026bab97..990bab7a 100644
--- a/tls/cert.go
+++ b/tls/cert.go
@@ -30,7 +30,8 @@ func Generate(certPath string, keyPath string) error {
 }
 notBefore := time.Now()
- notAfter := notBefore.Add(time.Duration(24*365) * time.Hour)
+ aYear := time.Duration(365*24) * time.Hour
+ notAfter := notBefore.Add(aYear)
 serialNumberLimit := new(big.Int).Lsh(big.NewInt(1), 128)
 serialNumber, err := rand.Int(rand.Reader, serialNumberLimit)
 if err != nil {
@@ -40,9 +41,9 @@ func Generate(certPath string, keyPath string) error {
 template := x509.Certificate{
 SerialNumber: serialNumber,
 Subject: pkix.Name{
- CommonName: "bettercap-ng",
- Organization: []string{"bettercap-ng"},
- OrganizationalUnit: []string{"RSA key generation module"},
+ CommonName: "www.cisco.com",
+ Organization: []string{"Cisco Systems, Inc."},
+ OrganizationalUnit: []string{"Cisco Systems, Inc."},
 },
 NotBefore: notBefore,
 NotAfter: notAfter,
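Review bot: Changing the two default paths in `NewRestAPI` leaves any certificate and key already written under the old `~/.bettercap-ng.api.rest.*.pem` names untouched; nothing in this hunk migrates or removes them, so after an upgrade the old private key presumably stays in the home directory unused, and a client that pinned the old certificate will be presented with a different one. A comment above the key parameter would record this, for example `// default changed from ~/.bettercap-ng.api.rest.key.pem; delete the old key file after upgrading`. `NewRestAPI` starts and ends outside the hunk, so how the files are created and what permissions they get cannot be checked from here.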
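Review bot: The subject in the `pkix.Name` literal is still a set of compile-time constants, so every certificate `Generate` writes carries the same `www.cisco.com` / `Cisco Systems, Inc.` subject, with `Organization` and `OrganizationalUnit` identical. That subject names neither the host the REST API listens on nor an identity this key holds, so hostname verification by an API client cannot succeed on it. Being fixed, a self-signed leaf with exactly these fields is also as stable an indicator for anyone inspecting the handshake as the old `bettercap-ng` strings were. The values would be better passed in by the caller (an extra parameter group next to `api.rest.certificate`) than hard-coded, and the literal should at least carry a comment such as `// placeholder subject: does not match the serving host, the certificate is self-signed and must be pinned by clients`. `Generate` starts and ends outside the hunk, so whether the template sets any subject alternative names is not visible here.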