Cert scan

From UVOO Tech Wiki
Revision as of 17:09, 19 January 2024 by Busk (talk | contribs)
Jump to navigation Jump to search

Certificate HTTPS Scanning

This can be used for quick checking of https endpoints. Default is 443.

Prerequisites

apt install jq

Download latest release for your platform from https://github.com/genkiroid/cert

get-dnsRecords.ps1

$ErrorActionPreference = "Stop"

if ($args.Count -lt 2) {
    Write-Host "Usage:   get-dnsRecords.ps1 <zone name/domain> <windows dns hostname>"
    Write-Host "Example: get-dnsRecords.ps1 example win-dns-hostname"
    exit 1
}

$zoneName = $args[0]
$dnsHost = $args[1]

# write-host "$zoneName"
# exit

$rsp = Invoke-Command -ComputerName $dnsHost -ScriptBlock {
  param($zoneName, $dnsHost)
  $dnsRecords = Get-DnsServerResourceRecord -ZoneName $zoneName -RRType A
  foreach ($record in $dnsRecords) {
    Write-Output "$($record.HostName).$zoneName"
  }
  $dnsRecords = Get-DnsServerResourceRecord -ZoneName $zoneName -RRType CName
  foreach ($record in $dnsRecords) {
    Write-Output "$($record.HostName).$zoneName"
  }
} -ArgumentList $zoneName, $dnsHost
write-output "$rsp" | Out-File -FilePath ".\$($zoneName).records"
write-host "Records are in in file .\$($zoneName).records"

cert-scan.sh

#!/bin/bash
set -eu



if [ "$#" -ne 1 ]; then
    echo "Usage:   $0 <zoneName>"
    echo "Example: $0 example.com"
    exit 1
fi

zoneName=$1
echo "Getting hosts array from $zoneName.records "

textToRemove="@.$zoneName"
hosts=$(cat $zoneName.records | sed 's/$textToRemove//g')
cert -f json -skip-verify $hosts | jq > $zoneName.json

echo "Check $zoneName.json for scan results."

cert-scan.ps1

This only works if $hosts var array is smaller 

$ErrorActionPreference = "Stop"

if ($args.Count -lt 1) {
    Write-Host "Usage:   cert-scan.ps1 <zoneName>"
    Write-Host "Example: cert-scan.ps1 example.com"
    exit 1
}

$zoneName = $args[0]
write-host "Getting hosts from $($zoneName).records "


$hosts = Get-Content .\$($zoneName).records
$textToRemove = "@.$zoneName"
$hosts = $hosts -replace [regex]::Escape($textToRemove), ""
$hosts = -split $hosts

cert.exe -f json -skip-verify $hosts
# cert.exe -f json -skip-verify $hosts | ConvertFrom-Json | ConvertTo-Json -Depth 10 > .\$($zoneName).json
write-host "Check $($zoneName).json for scan results."

Convert JSON to greppable one liner

cat $zoneName.json | jq -r '.[] | "\(.domainName), \(.ip), \(.issuer), \(.commonName), \(.sans), \(.notBefore), \(.notAfter), \(.error)"'
Retrieved from "https://tech.uvoo.io/index.php?title=Cert_scan&oldid=4888"