mali/ssl-checker
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Revert Back To pyOpenSSL Again!!!

Browse Source
This commit is contained in:
Narbeh 2018-04-18 16:32:41 +04:30
parent be0c23b481
commit 6a14ff3796
2 changed files with 44 additions and 24 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
README.md
View File

@ -1,17 +1,23 @@
# SSL Checker # SSL Checker
#### Simple Python script that collects SSL information from hosts #### Simple Python script that collects SSL information from hosts
# About ## About
It's a simple script running in python that collects SSL information then it returns the group of information in JSON. It's a simple script running in python that collects SSL information then it returns the group of information in JSON.
# Usage ## Requirements
You only need to installl pyOpenSSL:
`pip install pyopenssl`
## Usage
`python ssl_checker.py host1[:port] [host2:port] [host3:port]...` `python ssl_checker.py host1[:port] [host2:port] [host3:port]...`
Port is optional here. The script will use 443 if not specified. Port is optional here. The script will use 443 if not specified.
# Example ## Example
```bash ```bash
narbeh@narbeh-xps:~/ssl-checker$ python ssl_checker.py cisco.com archive.org ttttessssttt.com narbeh@narbeh-xps:~/ssl-checker$ python ssl_checker.py cisco.com archive.org ttttessssttt.com

56
ssl_checker.py
View File

@ -2,8 +2,14 @@
import socket import socket
import sys import sys
from ssl import create_default_context
from datetime import datetime from datetime import datetime
from ssl import PROTOCOL_TLSv1
try:
from OpenSSL import SSL
except ImportError:
print('Required module does not exist. Install: pip install pyopenssl')
sys.exit(1)
class TextColor: class TextColor:
@ -17,18 +23,28 @@ class TextColor:
def get_cert(host, port): def get_cert(host, port):
"""Connection to the host.""" """Connection to the host."""
sslctx = create_default_context() osobj = SSL.Context(PROTOCOL_TLSv1)
sock = sslctx.wrap_socket(socket.socket(), server_hostname=host) sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
try: try:
sock.connect((host, int(port))) sock.connect((host, int(port)))
print('\t{}[+]{} {}'.format(TextColor.GREEN, TextColor.RESET, host))
except Exception as e: except Exception as e:
print('\t{}[-]{} {} failed: {}'.format(TextColor.RED, TextColor.RESET, host, e)) print('\t{}[-]{} {} failed: {}'.format(TextColor.RED, TextColor.RESET, host, e))
return None return None
cert = sock.getpeercert() oscon = SSL.Connection(osobj, sock)
oscon.set_tlsext_host_name(host.encode())
oscon.set_connect_state()
try:
oscon.do_handshake()
except Exception as e:
print('\t{}[-]{} {} failed: {}'.format(TextColor.RED, TextColor.RESET, host, e))
return None
print('\t{}[+]{} {}'.format(TextColor.GREEN, TextColor.RESET, host))
cert = oscon.get_peer_certificate()
sock.close() sock.close()
return cert return cert
@ -36,30 +52,28 @@ def get_cert_info(cert):
"""Get all the information about cert and create a JSON file.""" """Get all the information about cert and create a JSON file."""
context = {} context = {}
issued_to = dict(x[0] for x in cert['subject']) context['issuer_c'] = cert.get_issuer().countryName
issued_by = dict(x[0] for x in cert['issuer']) context['issuer_o'] = cert.get_issuer().organizationName
context['issuer_ou'] = cert.get_issuer().organizationalUnitName
context['issuer_c'] = issued_by['countryName'] context['issuer_cn'] = cert.get_issuer().commonName
context['issuer_o'] = issued_by['organizationName'] context['cert_sn'] = cert.get_serial_number()
context['issuer_cn'] = issued_by['commonName'] context['cert_alg'] = cert.get_signature_algorithm().decode()
context['issued_to'] = issued_to['commonName'] context['cert_ver'] = cert.get_version()
context['cert_sn'] = cert['serialNumber'] context['cert_exp'] = cert.has_expired()
context['cert_ver'] = cert['version']
# Valid from # Valid from
valid_from = datetime.strptime(cert['notBefore'], '%b %d %H:%M:%S %Y %Z') valid_from = datetime.strptime(cert.get_notBefore().decode('ascii'),
'%Y%m%d%H%M%SZ')
context['valid_from'] = valid_from.strftime('%Y-%m-%d') context['valid_from'] = valid_from.strftime('%Y-%m-%d')
# Vali till # Valid till
valid_till = datetime.strptime(cert['notAfter'], '%b %d %H:%M:%S %Y %Z') valid_till = datetime.strptime(cert.get_notAfter().decode('ascii'),
'%Y%m%d%H%M%SZ')
context['valid_till'] = valid_till.strftime('%Y-%m-%d') context['valid_till'] = valid_till.strftime('%Y-%m-%d')
# Validity days # Validity days
context['validity_days'] = (valid_till - valid_from).days context['validity_days'] = (valid_till - valid_from).days
# Expiry check
context['expired'] = False if valid_till >= datetime.now() else True
return context return context
@ -76,7 +90,7 @@ def show_result(hosts):
else: else:
failed_cnt += 1 failed_cnt += 1
print('\n{} successful and {} failed.'.format(len(hosts) - failed_cnt, failed_cnt)) print('\n{} successful and {} failed.\n'.format(len(hosts) - failed_cnt, failed_cnt))
print(context) print(context)