Difference between revisions of "Cert scan"
Jump to navigation
Jump to search
| (3 intermediate revisions by the same user not shown) | |||
| Line 89: | Line 89: | ||
# cert.exe -f json -skip-verify $hosts | ConvertFrom-Json | ConvertTo-Json -Depth 10 > .\$($zoneName).json | # cert.exe -f json -skip-verify $hosts | ConvertFrom-Json | ConvertTo-Json -Depth 10 > .\$($zoneName).json | ||
write-host "Check $($zoneName).json for scan results." | write-host "Check $($zoneName).json for scan results." | ||
| + | ``` | ||
| + | |||
| + | ## Convert JSON to greppable one liner | ||
| + | ``` | ||
| + | zoneName=example.com; cat $zoneName.json | jq -r '.[] | "\(.domainName), \(.ip), \(.issuer), \(.commonName), \(.sans), \(.notBefore), \(.notAfter), \(.error)"' > $zoneName.json.lines | ||
| + | ``` | ||
| + | |||
| + | # json to csv | ||
| + | ``` | ||
| + | cert -f json www.uvoo.me www.uvoo.io uvoo.io | jq -r '(. | map(leaf_paths) | unique) as $cols | map (. as $row | ($cols | map(. as $col | $row | getpath($col)))) as $rows | ([($cols | map(. | map(tostring) | join(".")))] + $rows) | map(@csv) | .[]' | ||
| + | ``` | ||
| + | |||
| + | # Another Example | ||
| + | |||
| + | example.com.records | ||
| + | ``` | ||
| + | host1.example.com host2.example.com | ||
| + | ``` | ||
| + | |||
| + | |||
| + | cert-scan-to-csv.sh | ||
| + | ``` | ||
| + | #!/bin/bash | ||
| + | set -eu | ||
| + | |||
| + | |||
| + | |||
| + | if [ "$#" -ne 2 ]; then | ||
| + | echo "Usage: $0 <zoneName> <port>" | ||
| + | echo "Example: $0 example.com 443" | ||
| + | exit 1 | ||
| + | fi | ||
| + | |||
| + | zoneName=$1 | ||
| + | port=$2 | ||
| + | echo "Getting hosts array from $zoneName.records " | ||
| + | |||
| + | textToRemove="@.$zoneName" | ||
| + | hosts=$(cat $zoneName.records | sed 's/$textToRemove//g') | ||
| + | hosts=$(echo "$hosts" | sed -r "s/\s/:$port /g") | ||
| + | outfile="$zoneName.$port.csv" | ||
| + | # cert -f json -skip-verify $hosts | jq > $zoneName.json | ||
| + | cert -f json -skip-verify $hosts | jq -r '(. | map(leaf_paths) | unique) as $cols | map (. as $row | ($cols | map(. as $col | $row | getpath($col)))) as $rows | ([($cols | map(. | map(tostring) | join(".")))] + $rows) | map(@csv) | .[]' > $outfile | ||
| + | ``` | ||
| + | |||
| + | Run command to build csv | ||
| + | ``` | ||
| + | cert-scan-to-csv.sh example.com 443 | ||
``` | ``` | ||
Latest revision as of 17:34, 25 January 2024
Certificate HTTPS Scanning
This can be used for quick checking of https endpoints. Default is 443.
Prerequisites
apt install jq
Download latest release for your platform from https://github.com/genkiroid/cert
get-dnsRecords.ps1
$ErrorActionPreference = "Stop"
if ($args.Count -lt 2) {
Write-Host "Usage: get-dnsRecords.ps1 <zone name/domain> <windows dns hostname>"
Write-Host "Example: get-dnsRecords.ps1 example win-dns-hostname"
exit 1
}
$zoneName = $args[0]
$dnsHost = $args[1]
# write-host "$zoneName"
# exit
$rsp = Invoke-Command -ComputerName $dnsHost -ScriptBlock {
param($zoneName, $dnsHost)
$dnsRecords = Get-DnsServerResourceRecord -ZoneName $zoneName -RRType A
foreach ($record in $dnsRecords) {
Write-Output "$($record.HostName).$zoneName"
}
$dnsRecords = Get-DnsServerResourceRecord -ZoneName $zoneName -RRType CName
foreach ($record in $dnsRecords) {
Write-Output "$($record.HostName).$zoneName"
}
} -ArgumentList $zoneName, $dnsHost
write-output "$rsp" | Out-File -FilePath ".\$($zoneName).records"
write-host "Records are in in file .\$($zoneName).records"
cert-scan.sh
#!/bin/bash
set -eu
if [ "$#" -ne 1 ]; then
echo "Usage: $0 <zoneName>"
echo "Example: $0 example.com"
exit 1
fi
zoneName=$1
echo "Getting hosts array from $zoneName.records "
textToRemove="@.$zoneName"
hosts=$(cat $zoneName.records | sed 's/$textToRemove//g')
cert -f json -skip-verify $hosts | jq > $zoneName.json
echo "Check $zoneName.json for scan results."
cert-scan.ps1
This only works if $hosts var array is smaller
$ErrorActionPreference = "Stop"
if ($args.Count -lt 1) {
Write-Host "Usage: cert-scan.ps1 <zoneName>"
Write-Host "Example: cert-scan.ps1 example.com"
exit 1
}
$zoneName = $args[0]
write-host "Getting hosts from $($zoneName).records "
$hosts = Get-Content .\$($zoneName).records
$textToRemove = "@.$zoneName"
$hosts = $hosts -replace [regex]::Escape($textToRemove), ""
$hosts = -split $hosts
cert.exe -f json -skip-verify $hosts
# cert.exe -f json -skip-verify $hosts | ConvertFrom-Json | ConvertTo-Json -Depth 10 > .\$($zoneName).json
write-host "Check $($zoneName).json for scan results."
Convert JSON to greppable one liner
zoneName=example.com; cat $zoneName.json | jq -r '.[] | "\(.domainName), \(.ip), \(.issuer), \(.commonName), \(.sans), \(.notBefore), \(.notAfter), \(.error)"' > $zoneName.json.lines
json to csv
cert -f json www.uvoo.me www.uvoo.io uvoo.io | jq -r '(. | map(leaf_paths) | unique) as $cols | map (. as $row | ($cols | map(. as $col | $row | getpath($col)))) as $rows | ([($cols | map(. | map(tostring) | join(".")))] + $rows) | map(@csv) | .[]'
Another Example
example.com.records
host1.example.com host2.example.com
cert-scan-to-csv.sh
#!/bin/bash
set -eu
if [ "$#" -ne 2 ]; then
echo "Usage: $0 <zoneName> <port>"
echo "Example: $0 example.com 443"
exit 1
fi
zoneName=$1
port=$2
echo "Getting hosts array from $zoneName.records "
textToRemove="@.$zoneName"
hosts=$(cat $zoneName.records | sed 's/$textToRemove//g')
hosts=$(echo "$hosts" | sed -r "s/\s/:$port /g")
outfile="$zoneName.$port.csv"
# cert -f json -skip-verify $hosts | jq > $zoneName.json
cert -f json -skip-verify $hosts | jq -r '(. | map(leaf_paths) | unique) as $cols | map (. as $row | ($cols | map(. as $col | $row | getpath($col)))) as $rows | ([($cols | map(. | map(tostring) | join(".")))] + $rows) | map(@csv) | .[]' > $outfile
Run command to build csv
cert-scan-to-csv.sh example.com 443