Cert scan

From UVOO Tech Wiki
Jump to navigation Jump to search

Certificate HTTPS Scanning

This can be used for quick checking of https endpoints. Default is 443.

Prerequisites

apt install jq

Download latest release for your platform from https://github.com/genkiroid/cert

get-dnsRecords.ps1

$ErrorActionPreference = "Stop"

if ($args.Count -lt 2) {
    Write-Host "Usage:   get-dnsRecords.ps1 <zone name/domain> <windows dns hostname>"
    Write-Host "Example: get-dnsRecords.ps1 example win-dns-hostname"
    exit 1
}

$zoneName = $args[0]
$dnsHost = $args[1]

# write-host "$zoneName"
# exit

$rsp = Invoke-Command -ComputerName $dnsHost -ScriptBlock {
  param($zoneName, $dnsHost)
  $dnsRecords = Get-DnsServerResourceRecord -ZoneName $zoneName -RRType A
  foreach ($record in $dnsRecords) {
    Write-Output "$($record.HostName).$zoneName"
  }
  $dnsRecords = Get-DnsServerResourceRecord -ZoneName $zoneName -RRType CName
  foreach ($record in $dnsRecords) {
    Write-Output "$($record.HostName).$zoneName"
  }
} -ArgumentList $zoneName, $dnsHost
write-output "$rsp" | Out-File -FilePath ".\$($zoneName).records"
write-host "Records are in in file .\$($zoneName).records"

cert-scan.sh

#!/bin/bash
set -eu



if [ "$#" -ne 1 ]; then
    echo "Usage:   $0 <zoneName>"
    echo "Example: $0 example.com"
    exit 1
fi

zoneName=$1
echo "Getting hosts array from $zoneName.records "

textToRemove="@.$zoneName"
hosts=$(cat $zoneName.records | sed 's/$textToRemove//g')
cert -f json -skip-verify $hosts | jq > $zoneName.json

echo "Check $zoneName.json for scan results."

cert-scan.ps1

This only works if $hosts var array is smaller 

$ErrorActionPreference = "Stop"

if ($args.Count -lt 1) {
    Write-Host "Usage:   cert-scan.ps1 <zoneName>"
    Write-Host "Example: cert-scan.ps1 example.com"
    exit 1
}

$zoneName = $args[0]
write-host "Getting hosts from $($zoneName).records "


$hosts = Get-Content .\$($zoneName).records
$textToRemove = "@.$zoneName"
$hosts = $hosts -replace [regex]::Escape($textToRemove), ""
$hosts = -split $hosts

cert.exe -f json -skip-verify $hosts
# cert.exe -f json -skip-verify $hosts | ConvertFrom-Json | ConvertTo-Json -Depth 10 > .\$($zoneName).json
write-host "Check $($zoneName).json for scan results."

Convert JSON to greppable one liner

zoneName=example.com; cat $zoneName.json | jq -r '.[] | "\(.domainName), \(.ip), \(.issuer), \(.commonName), \(.sans), \(.notBefore), \(.notAfter), \(.error)"' > $zoneName.json.lines

json to csv

cert -f json www.uvoo.me www.uvoo.io  uvoo.io | jq -r '(. | map(leaf_paths) | unique) as $cols | map (. as $row | ($cols | map(. as $col | $row | getpath($col)))) as $rows | ([($cols | map(. | map(tostring) | join(".")))] + $rows) | map(@csv) | .[]'

Another Example

example.com.records 

host1.example.com host2.example.com

cert-scan-to-csv.sh 

#!/bin/bash
set -eu



if [ "$#" -ne 2 ]; then
    echo "Usage:   $0 <zoneName> <port>"
    echo "Example: $0 example.com 443"
    exit 1
fi

zoneName=$1
port=$2
echo "Getting hosts array from $zoneName.records "

textToRemove="@.$zoneName"
hosts=$(cat $zoneName.records | sed 's/$textToRemove//g')
hosts=$(echo "$hosts" | sed -r "s/\s/:$port /g")
outfile="$zoneName.$port.csv"
# cert -f json -skip-verify $hosts | jq > $zoneName.json
cert -f json -skip-verify $hosts |  jq -r '(. | map(leaf_paths) | unique) as $cols | map (. as $row | ($cols | map(. as $col | $row | getpath($col)))) as $rows | ([($cols | map(. | map(tostring) | join(".")))] + $rows) | map(@csv) | .[]' > $outfile

Run command to build csv 

cert-scan-to-csv.sh example.com 443
Retrieved from "https://tech.uvoo.io/index.php?title=Cert_scan&oldid=4916"