mali/ssl-checker
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Revert Back To pyOpenSSL Again!!!

Browse Source
This commit is contained in:
Narbeh 2018-04-18 16:32:41 +04:30
parent be0c23b481
commit 6a14ff3796
2 changed files with 44 additions and 24 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
README.md
View File

@ -1,17 +1,23 @@
# SSL Checker
#### Simple Python script that collects SSL information from hosts
# About
## About
It's a simple script running in python that collects SSL information then it returns the group of information in JSON.
# Usage
## Requirements
You only need to installl pyOpenSSL:
`pip install pyopenssl`
## Usage
`python ssl_checker.py host1[:port] [host2:port] [host3:port]...`
Port is optional here. The script will use 443 if not specified.
# Example
## Example
```bash
narbeh@narbeh-xps:~/ssl-checker$ python ssl_checker.py cisco.com archive.org ttttessssttt.com

56
ssl_checker.py
View File

@ -2,8 +2,14 @@
import socket
import sys
from ssl import create_default_context
from datetime import datetime
from ssl import PROTOCOL_TLSv1
try:
from OpenSSL import SSL
except ImportError:
print('Required module does not exist. Install: pip install pyopenssl')
sys.exit(1)
class TextColor:
@ -17,18 +23,28 @@ class TextColor:
def get_cert(host, port):
"""Connection to the host."""
sslctx = create_default_context()
sock = sslctx.wrap_socket(socket.socket(), server_hostname=host)
osobj = SSL.Context(PROTOCOL_TLSv1)
sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
try:
sock.connect((host, int(port)))
print('\t{}[+]{} {}'.format(TextColor.GREEN, TextColor.RESET, host))
except Exception as e:
print('\t{}[-]{} {} failed: {}'.format(TextColor.RED, TextColor.RESET, host, e))
return None
cert = sock.getpeercert()
oscon = SSL.Connection(osobj, sock)
oscon.set_tlsext_host_name(host.encode())
oscon.set_connect_state()
try:
oscon.do_handshake()
except Exception as e:
print('\t{}[-]{} {} failed: {}'.format(TextColor.RED, TextColor.RESET, host, e))
return None
print('\t{}[+]{} {}'.format(TextColor.GREEN, TextColor.RESET, host))
cert = oscon.get_peer_certificate()
sock.close()
return cert
@ -36,30 +52,28 @@ def get_cert_info(cert):
"""Get all the information about cert and create a JSON file."""
context = {}
issued_to = dict(x[0] for x in cert['subject'])
issued_by = dict(x[0] for x in cert['issuer'])
context['issuer_c'] = issued_by['countryName']
context['issuer_o'] = issued_by['organizationName']
context['issuer_cn'] = issued_by['commonName']
context['issued_to'] = issued_to['commonName']
context['cert_sn'] = cert['serialNumber']
context['cert_ver'] = cert['version']
context['issuer_c'] = cert.get_issuer().countryName
context['issuer_o'] = cert.get_issuer().organizationName
context['issuer_ou'] = cert.get_issuer().organizationalUnitName
context['issuer_cn'] = cert.get_issuer().commonName
context['cert_sn'] = cert.get_serial_number()
context['cert_alg'] = cert.get_signature_algorithm().decode()
context['cert_ver'] = cert.get_version()
context['cert_exp'] = cert.has_expired()
# Valid from
valid_from = datetime.strptime(cert['notBefore'], '%b %d %H:%M:%S %Y %Z')
valid_from = datetime.strptime(cert.get_notBefore().decode('ascii'),
'%Y%m%d%H%M%SZ')
context['valid_from'] = valid_from.strftime('%Y-%m-%d')
# Vali till
valid_till = datetime.strptime(cert['notAfter'], '%b %d %H:%M:%S %Y %Z')
# Valid till
valid_till = datetime.strptime(cert.get_notAfter().decode('ascii'),
'%Y%m%d%H%M%SZ')
context['valid_till'] = valid_till.strftime('%Y-%m-%d')
# Validity days
context['validity_days'] = (valid_till - valid_from).days
# Expiry check
context['expired'] = False if valid_till >= datetime.now() else True
return context
@ -76,7 +90,7 @@ def show_result(hosts):
else:
failed_cnt += 1
print('\n{} successful and {} failed.'.format(len(hosts) - failed_cnt, failed_cnt))
print('\n{} successful and {} failed.\n'.format(len(hosts) - failed_cnt, failed_cnt))
print(context)