def __init__(self, HOST='130.236.216.131', PORT = 443):
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
context = Context(TLSv1_METHOD)
context.use_certificate_file((self.certpath))
context.use_privatekey_file(self.keypath)
context.set_timeout(2)
conn = Connection(context,s)
conn.bind((HOST,PORT))
print 'Server is listening...'
conn.listen(5)
# self.client_table is a dictionary of clients
# where key = unique id and value = socket
self.client_table = {}
self.id_counter = 0
self.in_q = Queue.Queue()
self.out_q = Queue.Queue()
threading.Thread(target=self.sendinput).start()
threading.Thread(target=self.in_processor).start()
threading.Thread(target=self.out_processor).start()
try:
while True:
# Waiting for new client to accept, sslsocket is the socket that will be used for communication with this client after a client sets up a connection with the server
sslsocket, addr = conn.accept()
self.client_table[self.id_counter] = sslsocket
self.id_counter = self.id_counter + 1
threading.Thread(target=self.client_handler,args=(self.id_counter-1,)).start()
except KeyboardInterrupt:
for key, value in self.client_table.iteritems():
value.shutdown()
value.close()
sys.exit(0)
def __read_cert(self, domain_str):
sslcontext = Context(TLSv1_METHOD)
sslcontext.set_timeout(30)
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
print domain_str
try:
s.connect((domain_str, 443))
except Exception, e:
print e
return ''
def get_ssl(url):
print(Fore.RED+"[+] ssl certificate:"+Fore.GREEN)
first_try = re.findall(r":([0-9]+)", str(url))
if len(first_try) != 0:
for i in range(len(first_try)):
port = ''.join(first_try[i])
else:
port = int('443')
second_try = re.findall(r"/([0-9a-zA-Z\.%&#]+)", str(url))
if len(second_try) != 0:
for i in range(len(second_try)):
host = ''.join(second_try[i])
try:
try:
ssl_connection_setting = Context(SSLv3_METHOD)
except ValueError:
ssl_connection_setting = Context(TLSv1_2_METHOD)
ssl_connection_setting.set_timeout(5)
with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
s.connect((host, int(port)))
c = Connection(ssl_connection_setting, s)
c.set_tlsext_host_name(str.encode(host))
c.set_connect_state()
c.do_handshake()
cert = c.get_peer_certificate()
print(Fore.RED+" --> "+Fore.GREEN+"Is Expired: ", cert.has_expired())
print(Fore.RED+" --> "+Fore.GREEN+"Issuer: ", cert.get_issuer())
subject_list = cert.get_subject().get_components()
cert_byte_arr_decoded = {}
for item in subject_list:
cert_byte_arr_decoded.update({item[0].decode('utf-8'): item[1].decode('utf-8')})
if len(cert_byte_arr_decoded) > 0:
print(Fore.RED+" --> "+Fore.GREEN+"Subject: ", cert_byte_arr_decoded)
if cert_byte_arr_decoded["CN"]:
print(Fore.RED+" --> "+Fore.GREEN+"Common Name: ", cert_byte_arr_decoded["CN"])
end_date = datetime.strptime(str(cert.get_notAfter().decode('utf-8')), "%Y%m%d%H%M%SZ")
print(Fore.RED+" --> "+Fore.GREEN+"Not After (UTC Time): ", end_date)
diff = end_date - datetime.now()
print(Fore.RED+" --> "+Fore.GREEN+'Summary: "{}" SSL certificate expires on {} i.e. {} days.'.format(host, end_date, diff.days))
c.shutdown()
s.close()
except:
print(Fore.RED+" --> "+Fore.GREEN+"Not found")
pass
def ip_ssl_connect(self, ip):
logging.basicConfig(filename=self.basedir+'/output/log/get_cert_from_ip.log', level=logging.DEBUG, format='%(asctime)s %(message)s')
try:
sslcontext = Context(TLSv1_METHOD)
sslcontext.set_timeout(30)
s = socket()
s.connect((ip, 443))
c = Connection(sslcontext, s)
c.set_connect_state()
logging.info("try to establish handshake with %s..." % ip)
c.do_handshake()
cert = c.get_peer_certificate()
logging.info("got certificate!")
c.shutdown()
s.close()
return cert
except Exception as e:
logging.info(e)
logging.info("fail to connect to port 443 with %s" % ip)
return None
def connect(self):
print "You are trying to connect..."
for x in range(7):
if not self.connected:
try:
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
context = Context(TLSv1_METHOD)
context.use_certificate_file(self.cacertpath)
context.set_timeout(2)
self.sslsocket = Connection(context,s)
self.sslsocket.connect((self.host_addr,self.host_port))
#starting a thread that listen to what server sends which the clients need to be able to send and recive data at the same time
t = threading.Thread(target=self.receive)
t.daemon = True
t.start()
if self.sslsocket:
self.connected = True
print "connection established"
#self.authentication("Kalle", "te")
t = threading.Thread(target=self.sendinput)
t.start()
except socket.error:
print "You failed to connect, retrying......."
time.sleep(5)
# encoding: utf-8
# -*- coding: utf8 -*-
"""
Created by PyCharm.
File: LinuxBashShellScriptForOps:pyGetCertsInfo.py
User: Guodong
Create Date: 2016/12/1
Create Time: 13:58
"""
from socket import socket
from OpenSSL.SSL import Connection, Context, SSLv3_METHOD
import datetime
import time
sslcontext = Context(SSLv3_METHOD)
sslcontext.set_timeout(30)
ip = 'www.baidu.com'
s = socket()
s.connect((ip, 443))
c = Connection(sslcontext, s)
c.set_connect_state()
c.do_handshake()
cert = c.get_peer_certificate()
print "Issuer: ", cert.get_issuer()
print "Subject: ", cert.get_subject().get_components()
subject_list = cert.get_subject().get_components()
print "Common Name:", dict(subject_list).get("CN")
print "notAfter(UTC time): ", cert.get_notAfter()
UTC_FORMAT = "%Y%m%d%H%M%SZ"
utc_to_local_offset = datetime.datetime.fromtimestamp(
time.time()) - datetime.datetime.utcfromtimestamp(time.time())
Create Date: 2016/12/1
Create Time: 13:58
"""
import datetime
import time
from socket import socket
from OpenSSL.SSL import Connection, Context, SSLv3_METHOD, TLSv1_2_METHOD
host = 'www.baidu.com'
try:
ssl_connection_setting = Context(SSLv3_METHOD)
except ValueError:
ssl_connection_setting = Context(TLSv1_2_METHOD)
ssl_connection_setting.set_timeout(30)
s = socket()
s.connect((host, 443))
c = Connection(ssl_connection_setting, s)
c.set_connect_state()
c.do_handshake()
cert = c.get_peer_certificate()
print "Issuer: ", cert.get_issuer()
print "Subject: ", cert.get_subject().get_components()
subject_list = cert.get_subject().get_components()
print "Common Name:", dict(subject_list).get("CN")
print "notAfter(UTC time): ", cert.get_notAfter()
UTC_FORMAT = "%Y%m%d%H%M%SZ"
utc_to_local_offset = datetime.datetime.fromtimestamp(time.time()) - datetime.datetime.utcfromtimestamp(time.time())
utc_time = time.mktime(time.strptime(cert.get_notAfter(), UTC_FORMAT))
from socket import socket
from OpenSSL.SSL import Connection, Context, SSLv23_METHOD
from OpenSSL import _util
ssl_context = Context(SSLv23_METHOD)
ssl_context.set_cipher_list("ALL:COMPLEMENT")
conn = Connection(ssl_context)
cipher_ptr = _util.lib.SSL_get_ciphers(conn._ssl)
for i in range(_util.lib.sk_SSL_CIPHER_num(cipher_ptr)):
cipher = _util.lib.sk_SSL_CIPHER_value(cipher_ptr, i)
print _util.ffi.string(_util.lib.SSL_CIPHER_get_name(cipher))
'''
ssl_context.set_timeout(30)
ip='113.57.133.147'
port=443
s=socket()
s.connect((ip,port))
c=Connection(ssl_context,s)
c.set_connect_state()
print "%s try to handshake" % (ip)
c.do_handshake()
cert = c.get_peer_certificate()
print "issuer: ",cert.get_issuer()
print "subject: ",cert.get_subject().get_components()
c.shutdown()
s.close()
'''
Create Date: 2016/12/1
Create Time: 13:58
"""
import datetime
import time
from socket import socket
from OpenSSL.SSL import Connection, Context, SSLv3_METHOD, TLSv1_2_METHOD
host = 'www.baidu.com'
try:
ssl_connection_setting = Context(SSLv3_METHOD)
except ValueError:
ssl_connection_setting = Context(TLSv1_2_METHOD)
ssl_connection_setting.set_timeout(30)
s = socket()
s.connect((host, 443))
c = Connection(ssl_connection_setting, s)
c.set_connect_state()
c.do_handshake()
cert = c.get_peer_certificate()
print "Issuer: ", cert.get_issuer()
print "Subject: ", cert.get_subject().get_components()
subject_list = cert.get_subject().get_components()
print "Common Name:", dict(subject_list).get("CN")
print "notAfter(UTC time): ", cert.get_notAfter()
UTC_FORMAT = "%Y%m%d%H%M%SZ"
utc_to_local_offset = datetime.datetime.fromtimestamp(
time.time()) - datetime.datetime.utcfromtimestamp(time.time())
