'sslchecker' ändern
This commit is contained in:
parent
fee24e5554
commit
84f392b836
1 changed files with 13 additions and 24 deletions
31
sslchecker
31
sslchecker
|
|
@ -67,23 +67,9 @@ LocalCheck()
|
|||
|
||||
RemoteCheck()
|
||||
{
|
||||
echo | openssl s_client -connect $host:$port -servername $host 2>/dev/null | openssl x509 -noout -text -certopt no_header,no_version,no_serial,no_signame,no_pubkey,no_sigdump,no_aux
|
||||
nmap --script ssl-cert -p $port $host -oX - | xmlstarlet sel -t -m '/nmaprun/host/ports/port' -o "CA=\"" -v 'script/table/elem[@key="organizationName"]' -o "\"" -o $'\n' -o "BEGINN=\"" -v 'script/table/elem[@key="notBefore"]' -o "\"" -o $'\n' -o "ENDING=\"" -v 'script/table/elem[@key="notAfter"]' -o "\"" -o $'\n' -o "DOMAINS=\"" -v 'script/table/table[elem="X509v3 Subject Alternative Name"]/elem[@key="value"]' -o "\"" -n - | sed -e 's/DNS://g'
|
||||
}
|
||||
|
||||
AltName()
|
||||
{
|
||||
grep -A1 "Subject Alternative Name:" | tail -n1 | sed 's/\*/wildcard/g' | sed 's/DNS://g' | tr -d ' ' | tr ',' '\n'
|
||||
}
|
||||
|
||||
Validation()
|
||||
{
|
||||
grep "CN =" | grep "Issuer" | sed 's/^.*CN = //g'
|
||||
}
|
||||
|
||||
ValidDate()
|
||||
{
|
||||
grep "Not" | sed 's/^[^:]*: //g'
|
||||
}
|
||||
Records()
|
||||
{
|
||||
ipv4s=`dig +short A $host`
|
||||
|
|
@ -109,12 +95,15 @@ if [ -z "$port" ]; then
|
|||
port="443"
|
||||
fi
|
||||
|
||||
source <(RemoteCheck)
|
||||
|
||||
echo -e '\e[90m\e[1m\e[104mCert is valid for:\e[0m'
|
||||
RemoteCheck | AltName
|
||||
echo \ $DOMAINS | sed 's/,/\n/g'
|
||||
echo -e '\e[90m\e[1m\e[101mValidated by:\e[0m'
|
||||
RemoteCheck | Validation
|
||||
echo \ $CA
|
||||
echo -e '\e[90m\e[1m\e[43mValidated from to:\e[0m'
|
||||
RemoteCheck | ValidDate
|
||||
echo \ $BEGINN
|
||||
echo \ $ENDING
|
||||
echo -e '\e[90m\e[1m\e[102mIP and Reverse Lookups:\e[0m'
|
||||
Records
|
||||
fi
|
||||
|
|
@ -125,13 +114,13 @@ if [ "$source" == "update" ]; then
|
|||
fi
|
||||
|
||||
if [ "$source" == "version" ]; then
|
||||
echo "Version 2021-09-28"
|
||||
echo "Version 2021-10-29"
|
||||
fi
|
||||
|
||||
if [ "$source" == "cipher" ]; then
|
||||
if [ -z "$port" ]; then
|
||||
port="443"
|
||||
fi
|
||||
|
||||
nmap --script ssl-enum-ciphers -p $port $host
|
||||
echo -e '\e[90m\e[1m\e[104mTLS Version | Cipher | Kex \e[0m'
|
||||
nmap --script ssl-enum-ciphers -p $port $host -oX - | xmlstarlet sel -t -m '//nmaprun/host/ports/port/script/table/table/table' -v '../../@key' -o " | " -v 'elem[@key="name"]' -o ' | ' -v 'elem[@key="kex_info"]' -n
|
||||
fi
|
||||
Loading…
Add table
Add a link
Reference in a new issue