From: Russ Handorf Date: Sat, 27 Jan 2018 16:31:33 +0000 (-0500) Subject: initial commit X-Git-Url: https://handorf.org/code/?a=commitdiff_plain;ds=sidebyside;p=cert-scanner.git initial commit --- e7cbc1607ba50e9412e519dd21e9cf3cf8d2b2a3
diff --git a/scanner.py b/scanner.py
new file mode 100755
index 0000000..a760508
--- /dev/null
+++ b/scanner.py
@@ -0,0 +1,83 @@
+#!/usr/bin/python
+
+import time
+import argparse
+import ipcalc
+from socket import *
+import ssl
+import M2Crypto
+import OpenSSL
+import csv
+import sys
+import threading
+
+subnet=""
+ports=""
+host=""
+
+parser = argparse.ArgumentParser(prog='Scanner.')
+parser.add_argument('-s', action="store", help='subnet')
+parser.add_argument('-host', action="store", help='host')
+parser.add_argument('-p', action="store", help='ports')
+
+args = parser.parse_args()
+if len(sys.argv[1:])==0:
+ print "Choose a -s or -host"
+ print "-s for subnet"
+ print "-host for single host"
+ print "-p for ports"
+ exit()
+
+subnet=args.s
+host=args.host
+ports=args.p.split(",")
+
+setdefaulttimeout(3)
+
+threads = []
+maxcount=256
+counter=0
+threadcount=0
+
+def scanner(host,port):
+ global threadcount
+ global writer
+ threadcount += 1
+ try:
+ cert = ssl.get_server_certificate((str(host), int(port)))
+ x509 = OpenSSL.crypto.load_certificate(OpenSSL.crypto.FILETYPE_PEM, cert)
+ writer.writerow({'HOST': str(host), 'PORT': str(port), 'EXPIRED': format(x509.has_expired()), 'VALID FROM': format(x509.get_notBefore()), 'VALID UNTIL': format(x509.get_notAfter())})
+ except (error, timeout) as err:
+ a=error
+ threadcount -= 1
+
+with open('hosts.csv', 'w') as hostfile:
+ fieldnames = ['HOST', 'PORT', 'EXPIRED', 'VALID FROM', 'VALID UNTIL']
+ writer = csv.DictWriter(hostfile, fieldnames=fieldnames)
+ writer.writeheader()
+
+ if subnet != None:
+ for host in ipcalc.Network(subnet):
+ for port in ports:
+ if counter