This small script uses nmap to scan for hosts with port 443 open, then uses openssl to connect to each server, extract its certificate, and parse it into a human-readable format. It then prefixes every output line with the IP address so that the output file is grep-able.
#!/bin/bash
# shell script to find and extract certificates from web servers
# (c) Copyright 2015 by Povl H. Pedersen - This script can be modified and used
# as you wish. Do not use as is without attribution.
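# Purpose:   find hosts with 443/tcp open and dump each server certificate as
#            text, one "<ip><TAB><openssl x509 -text line>" record per line.
# Arguments: passed through verbatim to nmap (targets and/or extra options).
# Outputs:   certificate text on stdout; openssl diagnostics on stderr.
# Returns:   2 when called without arguments, 1 when setup or the scan fails.
#
# Notes for whoever reads the output:
#  - s_client prints whatever certificate the server presents; nothing here
#    acts on the chain-verification result, so an entry is an inventory record,
#    not a statement that the certificate is valid or trusted.
#  - The connection is made to the bare IP address, so presumably no SNI name
#    is sent and name-based virtual hosts return only their default
#    certificate -- TODO confirm against the openssl version in use.
set -u

if [ "$#" -eq 0 ]; then
  printf 'usage: %s [nmap options] target...\n' "${0##*/}" >&2
  exit 2
fi

# Private scratch directory instead of the predictable /tmp/sslscan-$$ prefix:
# a fixed, guessable name in a world-writable directory lets another local user
# pre-create or symlink the file nmap is about to write. The earlier "cd /tmp"
# is dropped as well, so relative paths in the arguments resolve as the caller
# expects.
workdir=$(mktemp -d "${TMPDIR:-/tmp}/sslscan.XXXXXX") || {
  printf 'cannot create temporary directory\n' >&2
  exit 1
}
# Remove everything on any exit path. The old "rm sslscan-$pid.*nmap" glob
# matched .nmap and .gnmap but left the .xml written by -oA behind.
trap 'rm -rf -- "$workdir"' EXIT
trap 'exit 1' HUP INT TERM

gnmap="$workdir/scan.gnmap"

# Only the grepable report is consumed below, so write just that one (-oG).
# "$@" is quoted so every caller argument reaches nmap as exactly one word.
if ! nmap -p80,443 -oG "$gnmap" -PS443 -sT "$@" >/dev/null; then
  printf 'nmap scan failed\n' >&2
  exit 1
fi

# Field 2 of a grepable "Host:" line is the address. Each address is checked
# and then handed to openssl as an argument; no command text is generated and
# piped into a shell, so nothing from the report file is ever executed.
grep -F ' 443/open' "$gnmap" | awk '{ print $2 }' |
  while IFS= read -r ip; do
    # Accept dotted-quad addresses only; skip anything else in the report.
    [[ $ip =~ ^[0-9]{1,3}(\.[0-9]{1,3}){3}$ ]] || continue
    # </dev/null ends the s_client session right after the handshake and keeps
    # it from swallowing the loop's own input.
    openssl s_client -connect "${ip}:443" </dev/null |
      openssl x509 -noout -text |
      awk -v ip="$ip" '{ print ip "\t" $0 }'
  done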