Installation updates and scripts
This commit is contained in:
93
UserScripts/sslinfo
Executable file
93
UserScripts/sslinfo
Executable file
@@ -0,0 +1,93 @@
|
||||
#!/bin/bash
|
||||
|
||||
# File: sslinfo
|
||||
#
|
||||
# Description: This file takes an SSL file and prints
|
||||
# useful human-readable information about it.
|
||||
#
|
||||
# Package: AniNIX/ShadowArch
|
||||
# Copyright: WTFPL
|
||||
#
|
||||
# Author: DarkFeather <ircs://aninix.net:6697/DarkFeather>
|
||||
|
||||
# Sanity checks
|
||||
set -Eeo pipefail
|
||||
|
||||
# Default variables
|
||||
port=443
|
||||
option="-text"
|
||||
unset dump
|
||||
unset host
|
||||
unset modulus
|
||||
unset machinereadable
|
||||
unset showserial
|
||||
regex='Subject:|Subject Alt|Issuer:|Not |DNS:|IP Addr|Signature Algorithm'
|
||||
|
||||
# Show Usage
|
||||
function Usage() {
|
||||
echo "Usage: $0 [ -p port ] [ -r regex | -a | -s ] -t TARGET"
|
||||
echo " $0 -V"
|
||||
echo " $0 -h"
|
||||
echo
|
||||
echo "Adding -m will make it machine readable, and -v will increase verbosity."
|
||||
echo "The -a will show all output."
|
||||
echo "The -s will show the serial for the certificate."
|
||||
echo "The -h will show helptext."
|
||||
echo "The -V option will show version"
|
||||
echo "TARGET can be a hostname, request, or certificate."
|
||||
}
|
||||
|
||||
# Translate output into CSV format.
|
||||
function machineReadable() {
|
||||
egrep 'After|DNS|Subject:' | sed 's/^\s\+//' | sed 's/Not After : //' | sed 's/Subject: //' | sed 's/DNS://g' | tr '\n' ','
|
||||
echo
|
||||
}
|
||||
|
||||
# Parse user options
|
||||
while getopts 'aDhmMp:r:st:vV' OPTION; do
|
||||
case "$OPTION" in
|
||||
a) regex="*" ;;
|
||||
D) dump=1 ;;
|
||||
h) echo Display useful information in a concise format about an SSL object.; Usage; exit 0 ;;
|
||||
m) machinereadable=1 ;;
|
||||
M) modulus=1 ; option="-modulus" ;;
|
||||
p) port="${OPTARG}" ;;
|
||||
r) regex="${OPTARG}" ;;
|
||||
s) showserial=1 ; option="-serial" ;;
|
||||
t) host="${OPTARG}" ;;
|
||||
v) set -x ;;
|
||||
V) Version ;;
|
||||
*) Usage; exit 1 ;;
|
||||
esac
|
||||
done
|
||||
|
||||
# Make sure some argument is set.
|
||||
if [ -z "$host" ] ; then
|
||||
echo Need a target.
|
||||
Usage
|
||||
exit 1;
|
||||
fi
|
||||
|
||||
# Pass it all through OpenSSL
|
||||
# 1. Get the object
|
||||
(if [ -f "$host" ]; then
|
||||
if [ `grep -c REQUEST "$host"` -gt 1 ]; then
|
||||
openssl req -noout -in "$host" $option
|
||||
elif [ `grep -c RSA\ PRIVATE\ KEY "$host"` -gt 1 ]; then
|
||||
openssl rsa -noout -in "$host" $option
|
||||
elif [ `grep -c CERTIFICATE "$host"` -gt 1 ]; then
|
||||
openssl x509 -noout -in "$host" $option
|
||||
fi
|
||||
else
|
||||
echo | openssl s_client -connect "$host":"$port" 2>&1 | if [ -z "$dump" ]; then openssl x509 -noout $option; fi
|
||||
fi) \
|
||||
| (if [ -n "$modulus" ]; then
|
||||
cat;
|
||||
elif [ -n "$showserial" ]; then
|
||||
sed 's/^serial=//'
|
||||
elif [ -n "$dump" ]; then # 2. Parse the object.
|
||||
grep -A 99 BEGIN\ CERTIFICATE
|
||||
else
|
||||
egrep -i "$regex"
|
||||
fi) \
|
||||
| (if [ -z "$machinereadable" ]; then cat; else machineReadable; fi)
|
||||
Reference in New Issue
Block a user