mali/ssl-checker
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Replace pyOpenSSL With ssl Module

Browse Source
This commit is contained in:
Narbeh 2018-04-18 14:11:46 +04:30
parent 026c7cd3b8
commit 5e154d8914
2 changed files with 23 additions and 34 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
README.md
View File

@ -5,12 +5,6 @@
It's a simple script running in python that collects SSL information then it returns the group of information in JSON. It's a simple script running in python that collects SSL information then it returns the group of information in JSON.
# Requirements
You only need to installl pyOpenSSL:
`pip install pyopenssl`
# Usage # Usage
`python ssl_checker.py host1[:port] [host2:port] [host3:port]...` `python ssl_checker.py host1[:port] [host2:port] [host3:port]...`

51
ssl_checker.py
View File

@ -2,14 +2,8 @@
import socket import socket
import sys import sys
from ssl import create_default_context
from datetime import datetime from datetime import datetime
from ssl import PROTOCOL_TLSv1
try:
from OpenSSL import SSL
except ImportError:
print('Required module does not exist. Install: pip install pyopenssl')
sys.exit(1)
class TextColor: class TextColor:
@ -23,8 +17,8 @@ class TextColor:
def get_cert(host, port): def get_cert(host, port):
"""Connection to the host.""" """Connection to the host."""
osobj = SSL.Context(PROTOCOL_TLSv1) sslctx = create_default_context()
sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) sock = sslctx.wrap_socket(socket.socket(), server_hostname=host)
try: try:
sock.connect((host, int(port))) sock.connect((host, int(port)))
@ -33,12 +27,7 @@ def get_cert(host, port):
print('\t{}[-]{} {} failed: {}'.format(TextColor.RED, TextColor.RESET, host, e)) print('\t{}[-]{} {} failed: {}'.format(TextColor.RED, TextColor.RESET, host, e))
return None return None
oscon = SSL.Connection(osobj, sock) cert = sock.getpeercert()
oscon.set_tlsext_host_name(host.encode())
oscon.set_connect_state()
oscon.do_handshake()
cert = oscon.get_peer_certificate()
sock.close() sock.close()
return cert return cert
@ -47,24 +36,30 @@ def get_cert_info(cert):
"""Get all the information about cert and create a JSON file.""" """Get all the information about cert and create a JSON file."""
context = {} context = {}
context['issuer_c'] = cert.get_issuer().countryName issued_to = dict(x[0] for x in cert['subject'])
context['issuer_o'] = cert.get_issuer().organizationName issued_by = dict(x[0] for x in cert['issuer'])
context['issuer_ou'] = cert.get_issuer().organizationalUnitName
context['issuer_cn'] = cert.get_issuer().commonName context['issuer_c'] = issued_by['countryName']
context['cert_sn'] = cert.get_serial_number() context['issuer_o'] = issued_by['organizationName']
context['cert_alg'] = cert.get_signature_algorithm().decode() context['issuer_cn'] = issued_by['commonName']
context['cert_ver'] = cert.get_version() context['issued_to'] = issued_to['commonName']
context['cert_exp'] = cert.has_expired() context['cert_sn'] = cert['serialNumber']
context['cert_ver'] = cert['version']
# Valid from # Valid from
valid_from = datetime.strptime(cert.get_notBefore().decode('ascii'), valid_from = datetime.strptime(cert['notBefore'], '%b %d %H:%M:%S %Y %Z')
'%Y%m%d%H%M%SZ')
context['valid_from'] = valid_from.strftime('%Y-%m-%d') context['valid_from'] = valid_from.strftime('%Y-%m-%d')
# Vali till # Vali till
valid_till = datetime.strptime(cert.get_notAfter().decode('ascii'), valid_till = datetime.strptime(cert['notAfter'], '%b %d %H:%M:%S %Y %Z')
'%Y%m%d%H%M%SZ')
context['valid_till'] = valid_till.strftime('%Y-%m-%d') context['valid_till'] = valid_till.strftime('%Y-%m-%d')
# Validity days
context['validity_days'] = (valid_till - valid_from).days
# Expiry check
context['expired'] = False if valid_till >= datetime.now() else True
return context return context
@ -92,7 +87,7 @@ def filter_hostname(host):
port = 443 port = 443
if ':' in host: if ':' in host:
host, port = host.split(':') host, port = host.split(':')
return host, port return host, port