Difference between revisions of "Cert scan"
Jump to navigation
Jump to search
| Line 89: | Line 89: | ||
# cert.exe -f json -skip-verify $hosts | ConvertFrom-Json | ConvertTo-Json -Depth 10 > .\$($zoneName).json | # cert.exe -f json -skip-verify $hosts | ConvertFrom-Json | ConvertTo-Json -Depth 10 > .\$($zoneName).json | ||
write-host "Check $($zoneName).json for scan results." | write-host "Check $($zoneName).json for scan results." | ||
| + | ``` | ||
| + | |||
| + | ## Convert JSON to greppable one liner | ||
| + | ``` | ||
| + | cat $zoneName.json | jq -r '.[] | "\(.domainName), \(.ip), \(.issuer), \(.commonName), \(.sans), \(.notBefore), \(.notAfter), \(.error)"' | ||
``` | ``` | ||
Revision as of 17:09, 19 January 2024
Certificate HTTPS Scanning
This can be used for quick checking of https endpoints. Default is 443.
Prerequisites
apt install jq
Download latest release for your platform from https://github.com/genkiroid/cert
get-dnsRecords.ps1
$ErrorActionPreference = "Stop"
if ($args.Count -lt 2) {
Write-Host "Usage: get-dnsRecords.ps1 <zone name/domain> <windows dns hostname>"
Write-Host "Example: get-dnsRecords.ps1 example win-dns-hostname"
exit 1
}
$zoneName = $args[0]
$dnsHost = $args[1]
# write-host "$zoneName"
# exit
$rsp = Invoke-Command -ComputerName $dnsHost -ScriptBlock {
param($zoneName, $dnsHost)
$dnsRecords = Get-DnsServerResourceRecord -ZoneName $zoneName -RRType A
foreach ($record in $dnsRecords) {
Write-Output "$($record.HostName).$zoneName"
}
$dnsRecords = Get-DnsServerResourceRecord -ZoneName $zoneName -RRType CName
foreach ($record in $dnsRecords) {
Write-Output "$($record.HostName).$zoneName"
}
} -ArgumentList $zoneName, $dnsHost
write-output "$rsp" | Out-File -FilePath ".\$($zoneName).records"
write-host "Records are in in file .\$($zoneName).records"
cert-scan.sh
#!/bin/bash
set -eu
if [ "$#" -ne 1 ]; then
echo "Usage: $0 <zoneName>"
echo "Example: $0 example.com"
exit 1
fi
zoneName=$1
echo "Getting hosts array from $zoneName.records "
textToRemove="@.$zoneName"
hosts=$(cat $zoneName.records | sed 's/$textToRemove//g')
cert -f json -skip-verify $hosts | jq > $zoneName.json
echo "Check $zoneName.json for scan results."
cert-scan.ps1
This only works if $hosts var array is smaller
$ErrorActionPreference = "Stop"
if ($args.Count -lt 1) {
Write-Host "Usage: cert-scan.ps1 <zoneName>"
Write-Host "Example: cert-scan.ps1 example.com"
exit 1
}
$zoneName = $args[0]
write-host "Getting hosts from $($zoneName).records "
$hosts = Get-Content .\$($zoneName).records
$textToRemove = "@.$zoneName"
$hosts = $hosts -replace [regex]::Escape($textToRemove), ""
$hosts = -split $hosts
cert.exe -f json -skip-verify $hosts
# cert.exe -f json -skip-verify $hosts | ConvertFrom-Json | ConvertTo-Json -Depth 10 > .\$($zoneName).json
write-host "Check $($zoneName).json for scan results."
Convert JSON to greppable one liner
cat $zoneName.json | jq -r '.[] | "\(.domainName), \(.ip), \(.issuer), \(.commonName), \(.sans), \(.notBefore), \(.notAfter), \(.error)"'