Certificate Discovery
#!/bin/bash
# Certificate discovery helper: scans the hosts named in a list file,
# collects the X.509 certificate served on each candidate TLS port into
# an output directory, and compiles those files into a CSV. The
# sub-commands (coleta / csv / kill_mode / status) are described by HELP.
#
# Poll interval, in seconds, shared by the status and kill_mode loops.
SLEEP=5
export SLEEP
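#######################################
# Build a ';'-separated CSV from the certificate dumps in the current
# directory. Each non-empty regular file is expected to be named
# <fqdn>.<port> (as written by GET_CERT_DETAIL); one row is produced per
# file with: fqdn;port;dns record;subject (or issuer);"Not After" line.
# Globals:   none
# Arguments: $1 - output basename; the CSV is written to "$1.csv"
# Outputs:   the rows on stdout and in "$1.csv" (via tee)
# Returns:   status of the tee
#######################################
COMPILET_LIST() {
  local -r out_file=$1
  local cert fqdn port

  # Collapse a multi-line/indented command output onto one line so it
  # cannot break the CSV row (mirrors what unquoted `echo $(...)` did).
  _flatten() {
    tr -s '[:space:]' ' ' | sed -e 's/^ //' -e 's/ $//'
  }

  for cert in *; do
    # Skip directories, empty dumps (failed handshakes) and files that do
    # not follow the <fqdn>.<port> naming, which would yield garbage rows.
    [[ -f "$cert" && -s "$cert" ]] || continue
    [[ "$cert" == *.* ]] || continue
    fqdn=${cert%.*}
    port=${cert##*.}
    printf '%s;%s;%s;%s;%s\n' \
      "$fqdn" \
      "$port" \
      "$(GET_DNS_RECORD "$fqdn" | _flatten)" \
      "$(GET_SUBJECT_LINHAS "$cert" | _flatten)" \
      "$(grep -- "Not After" "$cert" | _flatten)"
  done | tee -- "${out_file}.csv"
}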
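#######################################
# Print the subject line(s) of a certificate dump, falling back to the
# "Issuer: DC" line(s) when no "Subject:" line carries a CN=.
# Arguments: $1 - path to an `openssl x509 -text` dump
# Outputs:   matching lines on stdout (may be empty)
# Returns:   status of the last grep
#######################################
GET_SUBJECT_LINHAS() {
  local -r cert=$1
  if grep -- "Subject:" "$cert" | grep -q -- "CN="; then
    grep -- "Subject:" "$cert" | grep -- "CN="
  else
    grep -- "Issuer: DC" "$cert"
  fi
}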
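#######################################
# Poll forever, printing one status line per SLEEP seconds:
# date;number of run.sh processes;non-empty files in cwd;hash of the
# s_client PID list (see GET_PROCESS_HASH).
# Globals:   SLEEP (read)
# Arguments: none
# Outputs:   one column-aligned line per cycle on stdout
# Returns:   never (infinite loop)
#######################################
GET_STATUS() {
  local runners files f
  while true; do
    # pgrep -f excludes itself, so the old `grep -v grep` is not needed.
    runners=$(pgrep -f -- 'run\.sh' | wc -l)
    files=0
    for f in *; do
      [[ -f "$f" && -s "$f" ]] && files=$((files + 1))
    done
    printf '%s;%s;%s;%s\n' "$(date)" "$runners" "$files" "$(GET_PROCESS_HASH)" \
      | column -t -s ';'
    sleep "$SLEEP"
  done
}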
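#######################################
# Print the record data (5th column: address or CNAME target) of every
# answer line dig returns for the given name.
# Arguments: $1 - DNS name to resolve
# Outputs:   one value per answer line on stdout (may be empty)
# Returns:   status of awk
#######################################
GET_DNS_RECORD() {
  local -r name=$1
  # Compare the owner column exactly instead of `grep ^$1`, whose dots
  # were regex wildcards; dig prints owners with a trailing dot.
  dig +noall +answer "$name" | awk -v name="${name%.}." '$1 == name { print $5 }'
}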
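#######################################
# Fetch the certificate presented by a host:port (with SNI) and store
# its `openssl x509 -text` dump as <dir>/<host>.<port>.
# Arguments: $1 - host name (also used as SNI server name)
#            $2 - TCP port
#            $3 - output directory (must exist)
# Outputs:   writes "$3/$1.$2"; openssl diagnostics go to stderr
# Returns:   status of `openssl x509`
#######################################
GET_CERT_DETAIL() {
  local -r site=$1 port=$2 out_dir=$3
  # stdin is taken from /dev/null so s_client returns right after the
  # handshake instead of blocking on (or consuming) the caller's stdin;
  # that blocking is what leaves "stuck" s_client processes behind.
  openssl s_client -showcerts -servername "$site" -connect "${site}:${port}" </dev/null \
    | openssl x509 -noout -text > "${out_dir}/${site}.${port}"
}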
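#######################################
# List the open TCP ports nmap reports for a host, one number per line.
# Arguments: $1 - host name or address
# Outputs:   port numbers on stdout (nmap's own stderr is discarded)
# Returns:   status of awk
#######################################
NMAP_DISCOVERY() {
  # Only keep "<port>/tcp open ..." lines; the banner and summary lines
  # used to pass through and end up as bogus port numbers downstream.
  nmap -sT "$1" 2>/dev/null \
    | awk -F / '$1 ~ /^[0-9]+$/ && $2 ~ /open/ { print $1 }'
}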
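#######################################
# Filter stdin, dropping lines that are (as whole words) one of the port
# numbers known not to speak TLS, so they are not probed with s_client.
# Arguments: none (reads stdin)
# Outputs:   the remaining lines on stdout
# Returns:   grep status (1 when nothing remains)
#######################################
FILTER_PORTS() {
  # egrep is deprecated; `grep -E` is the portable spelling.
  grep -E -wv -- "10001|10002|10003|10004|10010|10012|1009|1025|1026|1027|1028|1030|1080|1082|1095|1099|110|111|113|1236|1301|1309|1310|135|13782|139|143|1433|1521|1556|16016|161|17|1801|19|2000|2030|21|2103|2105|2107|211|22|2222|2383|25|2701|3000|3013|3306|389|425|427|445|49|5000|5001|5002|5003|5004|5030|5033|5050|5060|5061|5080|5087|5101|514|5190|5200|53|587|7000|7070|749|7777|80|8001|8002|8009|801|808|8080|8081|81|8180|82|83|88|9000|9011|903|9200|99|993|995"
}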
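#######################################
# Worker: for every "<name> <target>" line on stdin, discover the host's
# open TCP ports, drop the known non-TLS ones and dump the certificate
# of each remaining port into the output directory.
# Arguments: $1 - output directory passed on to GET_CERT_DETAIL
# Inputs:    stdin - host list, one "name target" pair per line
#            (the second field is read but currently unused)
# Outputs:   files written by GET_CERT_DETAIL
# Returns:   status of the last loop
#######################################
PARALELL() {
  local -r out_dir=$1
  local record_name record_target port_number
  while read -r record_name record_target; do
    [[ -n "$record_name" ]] || continue
    # Both probes get stdin from /dev/null so neither can swallow the
    # remaining lines of the host list or the port list.
    NMAP_DISCOVERY "$record_name" 2>/dev/null </dev/null | FILTER_PORTS \
      | while read -r port_number; do
          GET_CERT_DETAIL "$record_name" "$port_number" "$out_dir" </dev/null
        done
  done
}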
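#######################################
# Print the usage text (in Portuguese, as in the original) to stderr
# and terminate the script.
# Arguments: none
# Outputs:   usage on stderr
# Returns:   exits with status 1
#######################################
HELP() {
  printf '%s\n' "Favor passar argumentos" >&2
  printf '%s %s\n' "$0" "coleta <lista> <dir_output> <paralelism_number>" >&2
  printf '%s %s\n' "$0" "csv <csv_file_name>" >&2
  printf '%s %s\n' "$0" "kill_mode <number of cycles(sleep of 5s)>" >&2
  exit 1
}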
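#######################################
# Split the host list into N contiguous slices and hand each slice to a
# background PARALELL worker. The last slice also takes the remainder.
# The function returns as soon as the workers are launched; they keep
# running after the script exits (use `status` / `kill_mode` to follow).
# Arguments: $1 - host list file ("name target" per line)
#            $2 - output directory for the certificate dumps
#            $3 - number of parallel workers (positive integer)
# Outputs:   per-slice start marker (date and line offsets) on stdout
# Returns:   0 after launching, 1 on invalid arguments
#######################################
COLETA() {
  local -r origem=$1 saida=$2 divisoes=$3
  local tamanho incremento contador=0 i

  if [[ ! -r "$origem" ]]; then
    printf 'COLETA: cannot read list file: %s\n' "$origem" >&2
    return 1
  fi
  if [[ ! -d "$saida" ]]; then
    printf 'COLETA: output directory does not exist: %s\n' "$saida" >&2
    return 1
  fi
  # A zero or non-numeric worker count would otherwise divide by zero.
  if [[ ! "$divisoes" =~ ^[1-9][0-9]*$ ]]; then
    printf 'COLETA: paralelism_number must be a positive integer\n' >&2
    return 1
  fi

  tamanho=$(wc -l < "$origem")
  incremento=$((tamanho / divisoes))

  for ((i = 1; i <= divisoes; i++)); do
    date
    if ((i == divisoes)); then
      printf '%s\n' "$((contador + 1))"
      tail -n +"$((contador + 1))" -- "$origem" | PARALELL "$saida" &
    else
      printf '%s %s\n' "$((contador + 1))" "$incremento"
      tail -n +"$((contador + 1))" -- "$origem" | head -n "$incremento" | PARALELL "$saida" &
    fi
    contador=$((contador + incremento))
  done
}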
#######################################
# Fingerprint the current set of s_client worker PIDs so a caller can
# tell whether that set changed between two polls.
# Arguments: none
# Outputs:   the md5 hex digest of GET_PID_LIST's output on stdout
# Returns:   status of the last pipeline stage
#######################################
GET_PROCESS_HASH() {
  local digest
  digest=$(GET_PID_LIST | md5sum)
  printf '%s\n' "${digest%% *}"
}
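#######################################
# List the PIDs of the running `openssl s_client -showcerts -servername`
# probes, sorted and de-duplicated.
# Arguments: none
# Outputs:   one PID per line on stdout (empty when none run)
# Returns:   status of sort
#######################################
GET_PID_LIST() {
  # pgrep -f matches the full command line and never lists itself, which
  # removes the `ps | grep | grep -v grep` fragility.
  pgrep -f -- "openssl s_client -showcerts -servername" | sort -u
}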
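#######################################
# Report the ports (file-name suffix after the last dot) for which every
# dump in the current directory is empty, i.e. ports that never yielded
# a certificate.
# Arguments: none (inspects the current directory)
# Outputs:   "0 <port>" lines on stdout
# Returns:   grep status (1 when every port has at least one dump)
#######################################
GET_UNUSED_PORTS() {
  local f port count
  for f in *; do
    [[ -f "$f" ]] || continue
    printf '%s\n' "${f##*.}"
  done | sort -u \
    | while IFS= read -r port; do
        count=0
        # Match on the suffix only; `grep -w $PORT` also hit the number
        # inside host names (e.g. 192.168.443.1.8080 counted for 443).
        for f in *."$port"; do
          [[ -f "$f" && -s "$f" ]] && count=$((count + 1))
        done
        printf '%s %s\n' "$count" "$port"
      done | grep '^0 '
}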
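#######################################
# Watchdog: poll the s_client PID set every SLEEP seconds and, when it
# has not changed for $1 consecutive cycles, send SIGTERM to those
# processes (they are assumed stuck) and restart the count.
# Globals:   SLEEP (read)
# Arguments: $1 - number of unchanged cycles before killing
# Outputs:   one "date BEFORE=<hash> HASH=<hash> COUNT=<n>" line per cycle
# Returns:   never (infinite loop); 1 on invalid argument
#######################################
KILL_STUCKEDS() {
  local -r max_cycles=$1
  local before hash count=0 pids

  if [[ ! "$max_cycles" =~ ^[0-9]+$ ]]; then
    printf 'KILL_STUCKEDS: number of cycles must be an integer\n' >&2
    return 1
  fi

  # Seed the comparison so the first real cycle already has a baseline
  # (replaces the BEFORE=1/HASH=1 sentinel of the original).
  hash=$(GET_PROCESS_HASH)
  while true; do
    before=$hash
    hash=$(GET_PROCESS_HASH)
    printf '%s BEFORE=%s HASH=%s COUNT=%s\n' "$(date)" "$before" "$hash" "$count"
    if [[ "$hash" == "$before" ]]; then
      if ((count >= max_cycles)); then
        count=0
        pids=$(GET_PID_LIST)
        # An empty PID set hashes identically every cycle; calling kill
        # with no arguments would just print a usage error.
        if [[ -n "$pids" ]]; then
          # shellcheck disable=SC2086 -- one PID per word is intended
          kill $pids
        fi
      else
        count=$((count + 1))
      fi
    else
      count=0
    fi
    sleep "$SLEEP"
  done
}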
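# Sub-command dispatch: the argument count and the first word together
# select the action; anything else prints the usage and exits 1.
case "$#:${1:-}" in
  4:coleta)
    COLETA "$2" "$3" "$4"
    ;;
  2:csv)
    COMPILET_LIST "$2"
    ;;
  2:kill_mode)
    KILL_STUCKEDS "$2"
    ;;
  1:status)
    GET_STATUS
    ;;
  *)
    HELP
    ;;
esac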