Đó là một tập lệnh đơn giản chạy trong python thu thập thông tin SSL/TLS, sau đó nó trả về nhóm thông tin trong JSON. Nó cũng có thể kết nối thông qua máy chủ SOCKS được chỉ định của bạn
Một trong những điểm hay của tập lệnh này là nó sẽ phân tích đầy đủ chứng chỉ SSL để tìm các vấn đề bảo mật và sẽ bao gồm báo cáo ở đầu ra, CSV, HTML hoặc tệp JSON
Yêu cầu
narbeh@narbeh-laptop:~/ssl-checker$ ./ssl_checker.py -H time.com github.com:443
+---------------------+
| Analyzing 2 host[s] |
+---------------------+
[+] time.com
-------------
Issued domain: time.com
Issued to: None
Issued by: Amazon [US]
Valid from: 2019-09-06
Valid to: 2020-10-06 [78 days left]
Validity days: 396
Certificate valid: True
Certificate S/N: 20641318859548253362475798736742284477
Certificate SHA1 FP: D5:CE:1B:77:AB:59:C9:BE:37:58:0F:5D:73:97:64:98:C4:3E:43:30
Certificate version: 2
Certificate algorithm: sha256WithRSAEncryption
Expired: False
Certificate SAN's:
\_ DNS:time.com
\_ DNS:*.time.com
[+] github.com
---------------
Issued domain: github.com
Issued to: GitHub, Inc.
Issued by: DigiCert Inc [US]
Valid from: 2020-05-05
Valid to: 2022-05-10 [659 days left]
Validity days: 735
Certificate valid: True
Certificate S/N: 7101927171473588541993819712332065657
Certificate SHA1 FP: 5F:3F:7A:C2:56:9F:50:A4:66:76:47:C6:A1:8C:A0:07:AA:ED:BB:8E
Certificate version: 2
Certificate algorithm: sha256WithRSAEncryption
Expired: False
Certificate SAN's:
\_ DNS:github.com
\_ DNS:www.github.com
+-------------------------------------------------------------------------------------------+
| Successful: 2 | Failed: 0 | Valid: 2 | Warning: 0 | Expired: 0 | Duration: 0:00:07.694433 |
+-------------------------------------------------------------------------------------------+
0Cách sử dụng
./ssl_checker.py -h
usage: ssl_checker.py [-H [HOSTS [HOSTS ...]] | -f HOST_FILE] [-s HOST:PORT]
[-c FILENAME.CSV] [-j] [-S] [-x] [-J] [-a] [-v] [-h]
Collects useful information about given host's SSL certificates.
optional arguments:
-H [HOSTS [HOSTS ...]], --host [HOSTS [HOSTS ...]]
Hosts as input separated by space
-f HOST_FILE, --host-file HOST_FILE
Hosts as input from file
-s HOST:PORT, --socks HOST:PORT
Enable SOCKS proxy for connection
-c FILENAME.CSV, --csv FILENAME.CSV
Enable CSV file export
-j, --json Enable JSON in the output
-S, --summary Enable summary output only
-x, --html Enable HTML file export
-J, --json-save Enable JSON export individually per host
-a, --analyze Enable SSL security analysis on the host
-v, --verbose Enable verbose to see what is going on
-h, --help Show this help message and exit
Cổng là tùy chọn ở đây. Tập lệnh sẽ sử dụng 443 nếu không được chỉ định
narbeh@narbeh-laptop:~/ssl-checker$ ./ssl_checker.py -H time.com github.com:443
+---------------------+
| Analyzing 2 host[s] |
+---------------------+
[+] time.com
-------------
Issued domain: time.com
Issued to: None
Issued by: Amazon [US]
Valid from: 2019-09-06
Valid to: 2020-10-06 [78 days left]
Validity days: 396
Certificate valid: True
Certificate S/N: 20641318859548253362475798736742284477
Certificate SHA1 FP: D5:CE:1B:77:AB:59:C9:BE:37:58:0F:5D:73:97:64:98:C4:3E:43:30
Certificate version: 2
Certificate algorithm: sha256WithRSAEncryption
Expired: False
Certificate SAN's:
\_ DNS:time.com
\_ DNS:*.time.com
[+] github.com
---------------
Issued domain: github.com
Issued to: GitHub, Inc.
Issued by: DigiCert Inc [US]
Valid from: 2020-05-05
Valid to: 2022-05-10 [659 days left]
Validity days: 735
Certificate valid: True
Certificate S/N: 7101927171473588541993819712332065657
Certificate SHA1 FP: 5F:3F:7A:C2:56:9F:50:A4:66:76:47:C6:A1:8C:A0:07:AA:ED:BB:8E
Certificate version: 2
Certificate algorithm: sha256WithRSAEncryption
Expired: False
Certificate SAN's:
\_ DNS:github.com
\_ DNS:www.github.com
+-------------------------------------------------------------------------------------------+
| Successful: 2 | Failed: 0 | Valid: 2 | Warning: 0 | Expired: 0 | Duration: 0:00:07.694433 |
+-------------------------------------------------------------------------------------------+
1 Tệp chứa tên máy chủ để nhập liệunarbeh@narbeh-laptop:~/ssl-checker$ ./ssl_checker.py -H time.com github.com:443
+---------------------+
| Analyzing 2 host[s] |
+---------------------+
[+] time.com
-------------
Issued domain: time.com
Issued to: None
Issued by: Amazon [US]
Valid from: 2019-09-06
Valid to: 2020-10-06 [78 days left]
Validity days: 396
Certificate valid: True
Certificate S/N: 20641318859548253362475798736742284477
Certificate SHA1 FP: D5:CE:1B:77:AB:59:C9:BE:37:58:0F:5D:73:97:64:98:C4:3E:43:30
Certificate version: 2
Certificate algorithm: sha256WithRSAEncryption
Expired: False
Certificate SAN's:
\_ DNS:time.com
\_ DNS:*.time.com
[+] github.com
---------------
Issued domain: github.com
Issued to: GitHub, Inc.
Issued by: DigiCert Inc [US]
Valid from: 2020-05-05
Valid to: 2022-05-10 [659 days left]
Validity days: 735
Certificate valid: True
Certificate S/N: 7101927171473588541993819712332065657
Certificate SHA1 FP: 5F:3F:7A:C2:56:9F:50:A4:66:76:47:C6:A1:8C:A0:07:AA:ED:BB:8E
Certificate version: 2
Certificate algorithm: sha256WithRSAEncryption
Expired: False
Certificate SAN's:
\_ DNS:github.com
\_ DNS:www.github.com
+-------------------------------------------------------------------------------------------+
| Successful: 2 | Failed: 0 | Valid: 2 | Warning: 0 | Expired: 0 | Duration: 0:00:07.694433 |
+-------------------------------------------------------------------------------------------+
2 Nhập các máy chủ được phân tách bằng dấu cáchnarbeh@narbeh-laptop:~/ssl-checker$ ./ssl_checker.py -H time.com github.com:443
+---------------------+
| Analyzing 2 host[s] |
+---------------------+
[+] time.com
-------------
Issued domain: time.com
Issued to: None
Issued by: Amazon [US]
Valid from: 2019-09-06
Valid to: 2020-10-06 [78 days left]
Validity days: 396
Certificate valid: True
Certificate S/N: 20641318859548253362475798736742284477
Certificate SHA1 FP: D5:CE:1B:77:AB:59:C9:BE:37:58:0F:5D:73:97:64:98:C4:3E:43:30
Certificate version: 2
Certificate algorithm: sha256WithRSAEncryption
Expired: False
Certificate SAN's:
\_ DNS:time.com
\_ DNS:*.time.com
[+] github.com
---------------
Issued domain: github.com
Issued to: GitHub, Inc.
Issued by: DigiCert Inc [US]
Valid from: 2020-05-05
Valid to: 2022-05-10 [659 days left]
Validity days: 735
Certificate valid: True
Certificate S/N: 7101927171473588541993819712332065657
Certificate SHA1 FP: 5F:3F:7A:C2:56:9F:50:A4:66:76:47:C6:A1:8C:A0:07:AA:ED:BB:8E
Certificate version: 2
Certificate algorithm: sha256WithRSAEncryption
Expired: False
Certificate SAN's:
\_ DNS:github.com
\_ DNS:www.github.com
+-------------------------------------------------------------------------------------------+
| Successful: 2 | Failed: 0 | Valid: 2 | Warning: 0 | Expired: 0 | Duration: 0:00:07.694433 |
+-------------------------------------------------------------------------------------------+
3 Kích hoạt kết nối thông qua máy chủ SOCKSnarbeh@narbeh-laptop:~/ssl-checker$ ./ssl_checker.py -H time.com github.com:443
+---------------------+
| Analyzing 2 host[s] |
+---------------------+
[+] time.com
-------------
Issued domain: time.com
Issued to: None
Issued by: Amazon [US]
Valid from: 2019-09-06
Valid to: 2020-10-06 [78 days left]
Validity days: 396
Certificate valid: True
Certificate S/N: 20641318859548253362475798736742284477
Certificate SHA1 FP: D5:CE:1B:77:AB:59:C9:BE:37:58:0F:5D:73:97:64:98:C4:3E:43:30
Certificate version: 2
Certificate algorithm: sha256WithRSAEncryption
Expired: False
Certificate SAN's:
\_ DNS:time.com
\_ DNS:*.time.com
[+] github.com
---------------
Issued domain: github.com
Issued to: GitHub, Inc.
Issued by: DigiCert Inc [US]
Valid from: 2020-05-05
Valid to: 2022-05-10 [659 days left]
Validity days: 735
Certificate valid: True
Certificate S/N: 7101927171473588541993819712332065657
Certificate SHA1 FP: 5F:3F:7A:C2:56:9F:50:A4:66:76:47:C6:A1:8C:A0:07:AA:ED:BB:8E
Certificate version: 2
Certificate algorithm: sha256WithRSAEncryption
Expired: False
Certificate SAN's:
\_ DNS:github.com
\_ DNS:www.github.com
+-------------------------------------------------------------------------------------------+
| Successful: 2 | Failed: 0 | Valid: 2 | Warning: 0 | Expired: 0 | Duration: 0:00:07.694433 |
+-------------------------------------------------------------------------------------------+
4 Cho phép xuất tệp CSV bằng cách chỉ định tên tệp. csv sau đối số nàynarbeh@narbeh-laptop:~/ssl-checker$ ./ssl_checker.py -H time.com github.com:443
+---------------------+
| Analyzing 2 host[s] |
+---------------------+
[+] time.com
-------------
Issued domain: time.com
Issued to: None
Issued by: Amazon [US]
Valid from: 2019-09-06
Valid to: 2020-10-06 [78 days left]
Validity days: 396
Certificate valid: True
Certificate S/N: 20641318859548253362475798736742284477
Certificate SHA1 FP: D5:CE:1B:77:AB:59:C9:BE:37:58:0F:5D:73:97:64:98:C4:3E:43:30
Certificate version: 2
Certificate algorithm: sha256WithRSAEncryption
Expired: False
Certificate SAN's:
\_ DNS:time.com
\_ DNS:*.time.com
[+] github.com
---------------
Issued domain: github.com
Issued to: GitHub, Inc.
Issued by: DigiCert Inc [US]
Valid from: 2020-05-05
Valid to: 2022-05-10 [659 days left]
Validity days: 735
Certificate valid: True
Certificate S/N: 7101927171473588541993819712332065657
Certificate SHA1 FP: 5F:3F:7A:C2:56:9F:50:A4:66:76:47:C6:A1:8C:A0:07:AA:ED:BB:8E
Certificate version: 2
Certificate algorithm: sha256WithRSAEncryption
Expired: False
Certificate SAN's:
\_ DNS:github.com
\_ DNS:www.github.com
+-------------------------------------------------------------------------------------------+
| Successful: 2 | Failed: 0 | Valid: 2 | Warning: 0 | Expired: 0 | Duration: 0:00:07.694433 |
+-------------------------------------------------------------------------------------------+
5 Sử dụng cái này nếu bạn muốn chỉ có kết quả ở dạng JSONnarbeh@narbeh-laptop:~/ssl-checker$ ./ssl_checker.py -H time.com github.com:443
+---------------------+
| Analyzing 2 host[s] |
+---------------------+
[+] time.com
-------------
Issued domain: time.com
Issued to: None
Issued by: Amazon [US]
Valid from: 2019-09-06
Valid to: 2020-10-06 [78 days left]
Validity days: 396
Certificate valid: True
Certificate S/N: 20641318859548253362475798736742284477
Certificate SHA1 FP: D5:CE:1B:77:AB:59:C9:BE:37:58:0F:5D:73:97:64:98:C4:3E:43:30
Certificate version: 2
Certificate algorithm: sha256WithRSAEncryption
Expired: False
Certificate SAN's:
\_ DNS:time.com
\_ DNS:*.time.com
[+] github.com
---------------
Issued domain: github.com
Issued to: GitHub, Inc.
Issued by: DigiCert Inc [US]
Valid from: 2020-05-05
Valid to: 2022-05-10 [659 days left]
Validity days: 735
Certificate valid: True
Certificate S/N: 7101927171473588541993819712332065657
Certificate SHA1 FP: 5F:3F:7A:C2:56:9F:50:A4:66:76:47:C6:A1:8C:A0:07:AA:ED:BB:8E
Certificate version: 2
Certificate algorithm: sha256WithRSAEncryption
Expired: False
Certificate SAN's:
\_ DNS:github.com
\_ DNS:www.github.com
+-------------------------------------------------------------------------------------------+
| Successful: 2 | Failed: 0 | Valid: 2 | Warning: 0 | Expired: 0 | Duration: 0:00:07.694433 |
+-------------------------------------------------------------------------------------------+
6 Đối số này sẽ hiển thị tóm tắt nhanh trong đầu ranarbeh@narbeh-laptop:~/ssl-checker$ ./ssl_checker.py -H time.com github.com:443
+---------------------+
| Analyzing 2 host[s] |
+---------------------+
[+] time.com
-------------
Issued domain: time.com
Issued to: None
Issued by: Amazon [US]
Valid from: 2019-09-06
Valid to: 2020-10-06 [78 days left]
Validity days: 396
Certificate valid: True
Certificate S/N: 20641318859548253362475798736742284477
Certificate SHA1 FP: D5:CE:1B:77:AB:59:C9:BE:37:58:0F:5D:73:97:64:98:C4:3E:43:30
Certificate version: 2
Certificate algorithm: sha256WithRSAEncryption
Expired: False
Certificate SAN's:
\_ DNS:time.com
\_ DNS:*.time.com
[+] github.com
---------------
Issued domain: github.com
Issued to: GitHub, Inc.
Issued by: DigiCert Inc [US]
Valid from: 2020-05-05
Valid to: 2022-05-10 [659 days left]
Validity days: 735
Certificate valid: True
Certificate S/N: 7101927171473588541993819712332065657
Certificate SHA1 FP: 5F:3F:7A:C2:56:9F:50:A4:66:76:47:C6:A1:8C:A0:07:AA:ED:BB:8E
Certificate version: 2
Certificate algorithm: sha256WithRSAEncryption
Expired: False
Certificate SAN's:
\_ DNS:github.com
\_ DNS:www.github.com
+-------------------------------------------------------------------------------------------+
| Successful: 2 | Failed: 0 | Valid: 2 | Warning: 0 | Expired: 0 | Duration: 0:00:07.694433 |
+-------------------------------------------------------------------------------------------+
7 Cho phép xuất tệp HTMLnarbeh@narbeh-laptop:~/ssl-checker$ ./ssl_checker.py -H time.com github.com:443
+---------------------+
| Analyzing 2 host[s] |
+---------------------+
[+] time.com
-------------
Issued domain: time.com
Issued to: None
Issued by: Amazon [US]
Valid from: 2019-09-06
Valid to: 2020-10-06 [78 days left]
Validity days: 396
Certificate valid: True
Certificate S/N: 20641318859548253362475798736742284477
Certificate SHA1 FP: D5:CE:1B:77:AB:59:C9:BE:37:58:0F:5D:73:97:64:98:C4:3E:43:30
Certificate version: 2
Certificate algorithm: sha256WithRSAEncryption
Expired: False
Certificate SAN's:
\_ DNS:time.com
\_ DNS:*.time.com
[+] github.com
---------------
Issued domain: github.com
Issued to: GitHub, Inc.
Issued by: DigiCert Inc [US]
Valid from: 2020-05-05
Valid to: 2022-05-10 [659 days left]
Validity days: 735
Certificate valid: True
Certificate S/N: 7101927171473588541993819712332065657
Certificate SHA1 FP: 5F:3F:7A:C2:56:9F:50:A4:66:76:47:C6:A1:8C:A0:07:AA:ED:BB:8E
Certificate version: 2
Certificate algorithm: sha256WithRSAEncryption
Expired: False
Certificate SAN's:
\_ DNS:github.com
\_ DNS:www.github.com
+-------------------------------------------------------------------------------------------+
| Successful: 2 | Failed: 0 | Valid: 2 | Warning: 0 | Expired: 0 | Duration: 0:00:07.694433 |
+-------------------------------------------------------------------------------------------+
8 Sử dụng cái này nếu bạn muốn lưu dưới dạng tệp JSON trên mỗi máy chủnarbeh@narbeh-laptop:~/ssl-checker$ ./ssl_checker.py -H time.com github.com:443
+---------------------+
| Analyzing 2 host[s] |
+---------------------+
[+] time.com
-------------
Issued domain: time.com
Issued to: None
Issued by: Amazon [US]
Valid from: 2019-09-06
Valid to: 2020-10-06 [78 days left]
Validity days: 396
Certificate valid: True
Certificate S/N: 20641318859548253362475798736742284477
Certificate SHA1 FP: D5:CE:1B:77:AB:59:C9:BE:37:58:0F:5D:73:97:64:98:C4:3E:43:30
Certificate version: 2
Certificate algorithm: sha256WithRSAEncryption
Expired: False
Certificate SAN's:
\_ DNS:time.com
\_ DNS:*.time.com
[+] github.com
---------------
Issued domain: github.com
Issued to: GitHub, Inc.
Issued by: DigiCert Inc [US]
Valid from: 2020-05-05
Valid to: 2022-05-10 [659 days left]
Validity days: 735
Certificate valid: True
Certificate S/N: 7101927171473588541993819712332065657
Certificate SHA1 FP: 5F:3F:7A:C2:56:9F:50:A4:66:76:47:C6:A1:8C:A0:07:AA:ED:BB:8E
Certificate version: 2
Certificate algorithm: sha256WithRSAEncryption
Expired: False
Certificate SAN's:
\_ DNS:github.com
\_ DNS:www.github.com
+-------------------------------------------------------------------------------------------+
| Successful: 2 | Failed: 0 | Valid: 2 | Warning: 0 | Expired: 0 | Duration: 0:00:07.694433 |
+-------------------------------------------------------------------------------------------+
9 Đối số này sẽ bao gồm phân tích bảo mật trên chứng chỉ. Mất nhiều thời gian hơn. Không có kết quả có nghĩa là không thể phân tích./ssl_checker.py -h
usage: ssl_checker.py [-H [HOSTS [HOSTS ...]] | -f HOST_FILE] [-s HOST:PORT]
[-c FILENAME.CSV] [-j] [-S] [-x] [-J] [-a] [-v] [-h]
Collects useful information about given host's SSL certificates.
optional arguments:
-H [HOSTS [HOSTS ...]], --host [HOSTS [HOSTS ...]]
Hosts as input separated by space
-f HOST_FILE, --host-file HOST_FILE
Hosts as input from file
-s HOST:PORT, --socks HOST:PORT
Enable SOCKS proxy for connection
-c FILENAME.CSV, --csv FILENAME.CSV
Enable CSV file export
-j, --json Enable JSON in the output
-S, --summary Enable summary output only
-x, --html Enable HTML file export
-J, --json-save Enable JSON export individually per host
-a, --analyze Enable SSL security analysis on the host
-v, --verbose Enable verbose to see what is going on
-h, --help Show this help message and exit
10 Hiển thị thêm đầu ra. Tốt cho khắc phục sự cố./ssl_checker.py -h
usage: ssl_checker.py [-H [HOSTS [HOSTS ...]] | -f HOST_FILE] [-s HOST:PORT]
[-c FILENAME.CSV] [-j] [-S] [-x] [-J] [-a] [-v] [-h]
Collects useful information about given host's SSL certificates.
optional arguments:
-H [HOSTS [HOSTS ...]], --host [HOSTS [HOSTS ...]]
Hosts as input separated by space
-f HOST_FILE, --host-file HOST_FILE
Hosts as input from file
-s HOST:PORT, --socks HOST:PORT
Enable SOCKS proxy for connection
-c FILENAME.CSV, --csv FILENAME.CSV
Enable CSV file export
-j, --json Enable JSON in the output
-S, --summary Enable summary output only
-x, --html Enable HTML file export
-J, --json-save Enable JSON export individually per host
-a, --analyze Enable SSL security analysis on the host
-v, --verbose Enable verbose to see what is going on
-h, --help Show this help message and exit
11 Hiển thị trợ giúp và thoátVí dụ
narbeh@narbeh-laptop:~/ssl-checker$ ./ssl_checker.py -H time.com github.com:443
+---------------------+
| Analyzing 2 host[s] |
+---------------------+
[+] time.com
-------------
Issued domain: time.com
Issued to: None
Issued by: Amazon [US]
Valid from: 2019-09-06
Valid to: 2020-10-06 [78 days left]
Validity days: 396
Certificate valid: True
Certificate S/N: 20641318859548253362475798736742284477
Certificate SHA1 FP: D5:CE:1B:77:AB:59:C9:BE:37:58:0F:5D:73:97:64:98:C4:3E:43:30
Certificate version: 2
Certificate algorithm: sha256WithRSAEncryption
Expired: False
Certificate SAN's:
\_ DNS:time.com
\_ DNS:*.time.com
[+] github.com
---------------
Issued domain: github.com
Issued to: GitHub, Inc.
Issued by: DigiCert Inc [US]
Valid from: 2020-05-05
Valid to: 2022-05-10 [659 days left]
Validity days: 735
Certificate valid: True
Certificate S/N: 7101927171473588541993819712332065657
Certificate SHA1 FP: 5F:3F:7A:C2:56:9F:50:A4:66:76:47:C6:A1:8C:A0:07:AA:ED:BB:8E
Certificate version: 2
Certificate algorithm: sha256WithRSAEncryption
Expired: False
Certificate SAN's:
\_ DNS:github.com
\_ DNS:www.github.com
+-------------------------------------------------------------------------------------------+
| Successful: 2 | Failed: 0 | Valid: 2 | Warning: 0 | Expired: 0 | Duration: 0:00:07.694433 |
+-------------------------------------------------------------------------------------------+
GHI CHÚ. Hãy nhớ rằng nếu chứng chỉ có hiệu lực dưới 15 ngày, tập lệnh sẽ coi đó là một cảnh báo trong bản tóm tắt
Kiểm duyệt?
Không vấn đề gì. Truyền đối số
./ssl_checker.py -h
usage: ssl_checker.py [-H [HOSTS [HOSTS ...]] | -f HOST_FILE] [-s HOST:PORT]
[-c FILENAME.CSV] [-j] [-S] [-x] [-J] [-a] [-v] [-h]
Collects useful information about given host's SSL certificates.
optional arguments:
-H [HOSTS [HOSTS ...]], --host [HOSTS [HOSTS ...]]
Hosts as input separated by space
-f HOST_FILE, --host-file HOST_FILE
Hosts as input from file
-s HOST:PORT, --socks HOST:PORT
Enable SOCKS proxy for connection
-c FILENAME.CSV, --csv FILENAME.CSV
Enable CSV file export
-j, --json Enable JSON in the output
-S, --summary Enable summary output only
-x, --html Enable HTML file export
-J, --json-save Enable JSON export individually per host
-a, --analyze Enable SSL security analysis on the host
-v, --verbose Enable verbose to see what is going on
-h, --help Show this help message and exit
12 cho tập lệnh có định dạng ./ssl_checker.py -h
usage: ssl_checker.py [-H [HOSTS [HOSTS ...]] | -f HOST_FILE] [-s HOST:PORT]
[-c FILENAME.CSV] [-j] [-S] [-x] [-J] [-a] [-v] [-h]
Collects useful information about given host's SSL certificates.
optional arguments:
-H [HOSTS [HOSTS ...]], --host [HOSTS [HOSTS ...]]
Hosts as input separated by space
-f HOST_FILE, --host-file HOST_FILE
Hosts as input from file
-s HOST:PORT, --socks HOST:PORT
Enable SOCKS proxy for connection
-c FILENAME.CSV, --csv FILENAME.CSV
Enable CSV file export
-j, --json Enable JSON in the output
-S, --summary Enable summary output only
-x, --html Enable HTML file export
-J, --json-save Enable JSON export individually per host
-a, --analyze Enable SSL security analysis on the host
-v, --verbose Enable verbose to see what is going on
-h, --help Show this help message and exit
13 để kết nối thông qua proxy SOCKS./ssl_checker.py -h
usage: ssl_checker.py [-H [HOSTS [HOSTS ...]] | -f HOST_FILE] [-s HOST:PORT]
[-c FILENAME.CSV] [-j] [-S] [-x] [-J] [-a] [-v] [-h]
Collects useful information about given host's SSL certificates.
optional arguments:
-H [HOSTS [HOSTS ...]], --host [HOSTS [HOSTS ...]]
Hosts as input separated by space
-f HOST_FILE, --host-file HOST_FILE
Hosts as input from file
-s HOST:PORT, --socks HOST:PORT
Enable SOCKS proxy for connection
-c FILENAME.CSV, --csv FILENAME.CSV
Enable CSV file export
-j, --json Enable JSON in the output
-S, --summary Enable summary output only
-x, --html Enable HTML file export
-J, --json-save Enable JSON export individually per host
-a, --analyze Enable SSL security analysis on the host
-v, --verbose Enable verbose to see what is going on
-h, --help Show this help message and exit
1Tóm tắt nhanh
Đôi khi bạn cần chạy tập lệnh và nhận bản tóm tắt nhanh về máy chủ lưu trữ. Bằng cách vượt qua
./ssl_checker.py -h
usage: ssl_checker.py [-H [HOSTS [HOSTS ...]] | -f HOST_FILE] [-s HOST:PORT]
[-c FILENAME.CSV] [-j] [-S] [-x] [-J] [-a] [-v] [-h]
Collects useful information about given host's SSL certificates.
optional arguments:
-H [HOSTS [HOSTS ...]], --host [HOSTS [HOSTS ...]]
Hosts as input separated by space
-f HOST_FILE, --host-file HOST_FILE
Hosts as input from file
-s HOST:PORT, --socks HOST:PORT
Enable SOCKS proxy for connection
-c FILENAME.CSV, --csv FILENAME.CSV
Enable CSV file export
-j, --json Enable JSON in the output
-S, --summary Enable summary output only
-x, --html Enable HTML file export
-J, --json-save Enable JSON export individually per host
-a, --analyze Enable SSL security analysis on the host
-v, --verbose Enable verbose to see what is going on
-h, --help Show this help message and exit
14, bạn sẽ có được tổng quan nhanh về kết quả./ssl_checker.py -h
usage: ssl_checker.py [-H [HOSTS [HOSTS ...]] | -f HOST_FILE] [-s HOST:PORT]
[-c FILENAME.CSV] [-j] [-S] [-x] [-J] [-a] [-v] [-h]
Collects useful information about given host's SSL certificates.
optional arguments:
-H [HOSTS [HOSTS ...]], --host [HOSTS [HOSTS ...]]
Hosts as input separated by space
-f HOST_FILE, --host-file HOST_FILE
Hosts as input from file
-s HOST:PORT, --socks HOST:PORT
Enable SOCKS proxy for connection
-c FILENAME.CSV, --csv FILENAME.CSV
Enable CSV file export
-j, --json Enable JSON in the output
-S, --summary Enable summary output only
-x, --html Enable HTML file export
-J, --json-save Enable JSON export individually per host
-a, --analyze Enable SSL security analysis on the host
-v, --verbose Enable verbose to see what is going on
-h, --help Show this help message and exit
8Phân tích bảo mật
Bằng cách chuyển
./ssl_checker.py -h
usage: ssl_checker.py [-H [HOSTS [HOSTS ...]] | -f HOST_FILE] [-s HOST:PORT]
[-c FILENAME.CSV] [-j] [-S] [-x] [-J] [-a] [-v] [-h]
Collects useful information about given host's SSL certificates.
optional arguments:
-H [HOSTS [HOSTS ...]], --host [HOSTS [HOSTS ...]]
Hosts as input separated by space
-f HOST_FILE, --host-file HOST_FILE
Hosts as input from file
-s HOST:PORT, --socks HOST:PORT
Enable SOCKS proxy for connection
-c FILENAME.CSV, --csv FILENAME.CSV
Enable CSV file export
-j, --json Enable JSON in the output
-S, --summary Enable summary output only
-x, --html Enable HTML file export
-J, --json-save Enable JSON export individually per host
-a, --analyze Enable SSL security analysis on the host
-v, --verbose Enable verbose to see what is going on
-h, --help Show this help message and exit
15 tới tập lệnh, nó sẽ quét chứng chỉ để tìm các vấn đề và lỗ hổng bảo mật. Nó cũng sẽ đánh dấu một lớp cho giấy chứng nhận. Điều này sẽ mất nhiều thời gian hơn để hoàn thànhnarbeh@narbeh-laptop:~/ssl-checker$ ./ssl_checker.py -H time.com github.com:443
+---------------------+
| Analyzing 2 host[s] |
+---------------------+
[+] time.com
-------------
Issued domain: time.com
Issued to: None
Issued by: Amazon [US]
Valid from: 2019-09-06
Valid to: 2020-10-06 [78 days left]
Validity days: 396
Certificate valid: True
Certificate S/N: 20641318859548253362475798736742284477
Certificate SHA1 FP: D5:CE:1B:77:AB:59:C9:BE:37:58:0F:5D:73:97:64:98:C4:3E:43:30
Certificate version: 2
Certificate algorithm: sha256WithRSAEncryption
Expired: False
Certificate SAN's:
\_ DNS:time.com
\_ DNS:*.time.com
[+] github.com
---------------
Issued domain: github.com
Issued to: GitHub, Inc.
Issued by: DigiCert Inc [US]
Valid from: 2020-05-05
Valid to: 2022-05-10 [659 days left]
Validity days: 735
Certificate valid: True
Certificate S/N: 7101927171473588541993819712332065657
Certificate SHA1 FP: 5F:3F:7A:C2:56:9F:50:A4:66:76:47:C6:A1:8C:A0:07:AA:ED:BB:8E
Certificate version: 2
Certificate algorithm: sha256WithRSAEncryption
Expired: False
Certificate SAN's:
\_ DNS:github.com
\_ DNS:www.github.com
+-------------------------------------------------------------------------------------------+
| Successful: 2 | Failed: 0 | Valid: 2 | Warning: 0 | Expired: 0 | Duration: 0:00:07.694433 |
+-------------------------------------------------------------------------------------------+
0Đầu ra JSON, HTML và CSV
Chỉ ví dụ với đối số
./ssl_checker.py -h
usage: ssl_checker.py [-H [HOSTS [HOSTS ...]] | -f HOST_FILE] [-s HOST:PORT]
[-c FILENAME.CSV] [-j] [-S] [-x] [-J] [-a] [-v] [-h]
Collects useful information about given host's SSL certificates.
optional arguments:
-H [HOSTS [HOSTS ...]], --host [HOSTS [HOSTS ...]]
Hosts as input separated by space
-f HOST_FILE, --host-file HOST_FILE
Hosts as input from file
-s HOST:PORT, --socks HOST:PORT
Enable SOCKS proxy for connection
-c FILENAME.CSV, --csv FILENAME.CSV
Enable CSV file export
-j, --json Enable JSON in the output
-S, --summary Enable summary output only
-x, --html Enable HTML file export
-J, --json-save Enable JSON export individually per host
-a, --analyze Enable SSL security analysis on the host
-v, --verbose Enable verbose to see what is going on
-h, --help Show this help message and exit
16 chỉ hiển thị JSON. Hoàn hảo cho đường ống đến một công cụ khácnarbeh@narbeh-laptop:~/ssl-checker$ ./ssl_checker.py -H time.com github.com:443
+---------------------+
| Analyzing 2 host[s] |
+---------------------+
[+] time.com
-------------
Issued domain: time.com
Issued to: None
Issued by: Amazon [US]
Valid from: 2019-09-06
Valid to: 2020-10-06 [78 days left]
Validity days: 396
Certificate valid: True
Certificate S/N: 20641318859548253362475798736742284477
Certificate SHA1 FP: D5:CE:1B:77:AB:59:C9:BE:37:58:0F:5D:73:97:64:98:C4:3E:43:30
Certificate version: 2
Certificate algorithm: sha256WithRSAEncryption
Expired: False
Certificate SAN's:
\_ DNS:time.com
\_ DNS:*.time.com
[+] github.com
---------------
Issued domain: github.com
Issued to: GitHub, Inc.
Issued by: DigiCert Inc [US]
Valid from: 2020-05-05
Valid to: 2022-05-10 [659 days left]
Validity days: 735
Certificate valid: True
Certificate S/N: 7101927171473588541993819712332065657
Certificate SHA1 FP: 5F:3F:7A:C2:56:9F:50:A4:66:76:47:C6:A1:8C:A0:07:AA:ED:BB:8E
Certificate version: 2
Certificate algorithm: sha256WithRSAEncryption
Expired: False
Certificate SAN's:
\_ DNS:github.com
\_ DNS:www.github.com
+-------------------------------------------------------------------------------------------+
| Successful: 2 | Failed: 0 | Valid: 2 | Warning: 0 | Expired: 0 | Duration: 0:00:07.694433 |
+-------------------------------------------------------------------------------------------+
2Xuất CSV cũng dễ dàng. Sau khi chạy tập lệnh với đối số
./ssl_checker.py -h
usage: ssl_checker.py [-H [HOSTS [HOSTS ...]] | -f HOST_FILE] [-s HOST:PORT]
[-c FILENAME.CSV] [-j] [-S] [-x] [-J] [-a] [-v] [-h]
Collects useful information about given host's SSL certificates.
optional arguments:
-H [HOSTS [HOSTS ...]], --host [HOSTS [HOSTS ...]]
Hosts as input separated by space
-f HOST_FILE, --host-file HOST_FILE
Hosts as input from file
-s HOST:PORT, --socks HOST:PORT
Enable SOCKS proxy for connection
-c FILENAME.CSV, --csv FILENAME.CSV
Enable CSV file export
-j, --json Enable JSON in the output
-S, --summary Enable summary output only
-x, --html Enable HTML file export
-J, --json-save Enable JSON export individually per host
-a, --analyze Enable SSL security analysis on the host
-v, --verbose Enable verbose to see what is going on
-h, --help Show this help message and exit
17 và chỉ định ./ssl_checker.py -h
usage: ssl_checker.py [-H [HOSTS [HOSTS ...]] | -f HOST_FILE] [-s HOST:PORT]
[-c FILENAME.CSV] [-j] [-S] [-x] [-J] [-a] [-v] [-h]
Collects useful information about given host's SSL certificates.
optional arguments:
-H [HOSTS [HOSTS ...]], --host [HOSTS [HOSTS ...]]
Hosts as input separated by space
-f HOST_FILE, --host-file HOST_FILE
Hosts as input from file
-s HOST:PORT, --socks HOST:PORT
Enable SOCKS proxy for connection
-c FILENAME.CSV, --csv FILENAME.CSV
Enable CSV file export
-j, --json Enable JSON in the output
-S, --summary Enable summary output only
-x, --html Enable HTML file export
-J, --json-save Enable JSON export individually per host
-a, --analyze Enable SSL security analysis on the host
-v, --verbose Enable verbose to see what is going on
-h, --help Show this help message and exit
18 sau nó, bạn sẽ có kết quả như thế nàynarbeh@narbeh-laptop:~/ssl-checker$ ./ssl_checker.py -H time.com github.com:443
+---------------------+
| Analyzing 2 host[s] |
+---------------------+
[+] time.com
-------------
Issued domain: time.com
Issued to: None
Issued by: Amazon [US]
Valid from: 2019-09-06
Valid to: 2020-10-06 [78 days left]
Validity days: 396
Certificate valid: True
Certificate S/N: 20641318859548253362475798736742284477
Certificate SHA1 FP: D5:CE:1B:77:AB:59:C9:BE:37:58:0F:5D:73:97:64:98:C4:3E:43:30
Certificate version: 2
Certificate algorithm: sha256WithRSAEncryption
Expired: False
Certificate SAN's:
\_ DNS:time.com
\_ DNS:*.time.com
[+] github.com
---------------
Issued domain: github.com
Issued to: GitHub, Inc.
Issued by: DigiCert Inc [US]
Valid from: 2020-05-05
Valid to: 2022-05-10 [659 days left]
Validity days: 735
Certificate valid: True
Certificate S/N: 7101927171473588541993819712332065657
Certificate SHA1 FP: 5F:3F:7A:C2:56:9F:50:A4:66:76:47:C6:A1:8C:A0:07:AA:ED:BB:8E
Certificate version: 2
Certificate algorithm: sha256WithRSAEncryption
Expired: False
Certificate SAN's:
\_ DNS:github.com
\_ DNS:www.github.com
+-------------------------------------------------------------------------------------------+
| Successful: 2 | Failed: 0 | Valid: 2 | Warning: 0 | Expired: 0 | Duration: 0:00:07.694433 |
+-------------------------------------------------------------------------------------------+
5Cuối cùng, nếu bạn muốn xuất đầu ra của JSON cho mỗi máy chủ trong một tệp riêng biệt, hãy sử dụng
./ssl_checker.py -h
usage: ssl_checker.py [-H [HOSTS [HOSTS ...]] | -f HOST_FILE] [-s HOST:PORT]
[-c FILENAME.CSV] [-j] [-S] [-x] [-J] [-a] [-v] [-h]
Collects useful information about given host's SSL certificates.
optional arguments:
-H [HOSTS [HOSTS ...]], --host [HOSTS [HOSTS ...]]
Hosts as input separated by space
-f HOST_FILE, --host-file HOST_FILE
Hosts as input from file
-s HOST:PORT, --socks HOST:PORT
Enable SOCKS proxy for connection
-c FILENAME.CSV, --csv FILENAME.CSV
Enable CSV file export
-j, --json Enable JSON in the output
-S, --summary Enable summary output only
-x, --html Enable HTML file export
-J, --json-save Enable JSON export individually per host
-a, --analyze Enable SSL security analysis on the host
-v, --verbose Enable verbose to see what is going on
-h, --help Show this help message and exit
19. Điều này sẽ xuất đầu ra của JSON trên mỗi máy chủ