diff --git a/README.md b/README.md index cd23c84..495d717 100644 --- a/README.md +++ b/README.md @@ -41,18 +41,38 @@ Port is optional here. The script will use 443 if not specified. ## Example ``` -narbeh@narbeh-xps:~/ssl-checker$ ./ssl_checker.py -H test.com narbeh.org:443 archive.org facebook.com:443 twitter.com github.com google.com -Analyzing 7 hosts: +narbeh@narbeh-xps:~/ssl-checker$ ./ssl_checker.py -H narbeh.org google.com:443 facebook.com +Analyzing 3 hosts: +------------------- - [+] test.com Expired: False - [+] narbeh.org Expired: False - [+] archive.org Expired: False + [+] narbeh.org + + Issued domain: narbeh.org + Issued by: Let's Encrypt + Valid from: 2018-04-21 + Valid to: 2018-07-20 (89 days left) + Validity days: 90 + Certificate S/N: 338163108483756707389368573553026254634358 + Certificate version: 2 + Certificate algorithm: sha256WithRSAEncryption + Expired: False + ---- + [+] google.com + + Issued domain: *.google.com + Issued by: Google Inc + Valid from: 2018-03-28 + Valid to: 2018-06-20 (59 days left) + Validity days: 83 + Certificate S/N: 2989116342670522968 + Certificate version: 2 + Certificate algorithm: sha256WithRSAEncryption + Expired: False + ---- [-] facebook.com Failed: [Errno 111] Connection refused - [-] twitter.com Failed: [Errno 111] Connection refused - [+] github.com Expired: False - [+] google.com Expired: False + ---- -5 successful and 2 failed +2 successful and 1 failed ``` diff --git a/ssl_checker.py b/ssl_checker.py index 18474f1..64bc100 100755 --- a/ssl_checker.py +++ b/ssl_checker.py @@ -67,12 +67,26 @@ def get_cert_info(host, cert): # Validity days context['validity_days'] = (valid_till - valid_from).days - # Certificate validation - context['valid'] = True if host == context['issued_to'] else False - return context +def print_status(host, context): + """Print all the usefull info about host.""" + days_left = (datetime.strptime(context[host]['valid_till'], '%Y-%m-%d') - datetime.now()).days + + print('\t{}[+]{} {}\n'.format(Clr.GREEN, Clr.RST, host)) + print('\t\tIssued domain: {}'.format(context[host]['issued_to'])) + print('\t\tIssued by: {}'.format(context[host]['issuer_o'])) + print('\t\tValid from: {}'.format(context[host]['valid_from'])) + print('\t\tValid to: {} ({} days left)'.format(context[host]['valid_till'], days_left)) + print('\t\tValidity days: {}'.format(context[host]['validity_days'])) + print('\t\tCertificate S/N: {}'.format(context[host]['cert_sn'])) + print('\t\tCertificate version: {}'.format(context[host]['cert_ver'])) + print('\t\tCertificate algorithm: {}'.format(context[host]['cert_alg'])) + print('\t\tExpired: {}'.format(context[host]['cert_exp'])) + print('\t----') + + def show_result(user_args): """Get the context.""" context = {} @@ -80,7 +94,7 @@ def show_result(user_args): hosts = user_args.hosts if not user_args.json_true: - print('Analyzing {} hosts:\n'.format(len(hosts))) + print('Analyzing {} hosts:\n{}\n'.format(len(hosts), '-' * 19)) for host in hosts: host, port = filter_hostname(host) @@ -93,10 +107,11 @@ def show_result(user_args): cert = get_cert(host, port) context[host] = get_cert_info(host, cert) if not user_args.json_true: - print('\t{}[+]{} {:<20s} Expired: {}'.format(Clr.GREEN, Clr.RST, host, context[host]['cert_exp'])) + print_status(host, context) except Exception as error: if not user_args.json_true: print('\t{}[-]{} {:<20s} Failed: {}'.format(Clr.RED, Clr.RST, host, error)) + print('\t----') failed_cnt += 1