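def __init__(self, HOST='130.236.216.131', PORT = 443):
    """Start the TLS server and block in the accept loop.

    Binds a pyOpenSSL ``Connection`` to ``(HOST, PORT)``, starts the worker
    threads (``sendinput``, ``in_processor``, ``out_processor``) and then
    accepts clients until Ctrl-C.  Every accepted connection is stored in
    ``self.client_table`` under a sequential id and handed to
    ``self.client_handler`` on its own thread.

    This constructor does not return normally: after a KeyboardInterrupt it
    closes the sockets and calls ``sys.exit(0)``.
    """
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    # NOTE(review): TLSv1_METHOD restricts the server to TLS 1.0, which
    # RFC 8996 deprecates and which many current clients refuse.  Moving to a
    # negotiating method (e.g. SSLv23_METHOD with the old versions disabled)
    # needs an import at the top of the file, which is not visible here.
    context = Context(TLSv1_METHOD)
    context.use_certificate_file(self.certpath)
    context.use_privatekey_file(self.keypath)
    # Context.set_timeout() is the TLS session lifetime in seconds; it is not
    # a socket I/O timeout.
    context.set_timeout(2)
    conn = Connection(context, s)
    conn.bind((HOST, PORT))
    conn.listen(5)
    # Announce only once the socket is really listening.
    print('Server is listening...')

    # self.client_table maps a unique client id to that client's TLS socket.
    self.client_table = {}
    self.id_counter = 0
    self.in_q = Queue.Queue()
    self.out_q = Queue.Queue()

    # NOTE(review): these workers are not daemon threads, so the process may
    # outlive sys.exit(0) below unless they stop on their own -- confirm.
    threading.Thread(target=self.sendinput).start()
    threading.Thread(target=self.in_processor).start()
    threading.Thread(target=self.out_processor).start()

    try:
        while True:
            # accept() blocks until a client connects; the returned
            # connection is used for all further traffic with that client.
            sslsocket, addr = conn.accept()
            client_id = self.id_counter
            self.client_table[client_id] = sslsocket
            self.id_counter = client_id + 1
            threading.Thread(target=self.client_handler, args=(client_id,)).start()
    except KeyboardInterrupt:
        # Iterate over a snapshot in case handler threads touch the table.
        for client in list(self.client_table.values()):
            try:
                client.shutdown()
            except Exception:
                # Best effort: a peer that already went away must not stop
                # the remaining clients from being closed.
                pass
            finally:
                client.close()
        # Release the listening socket as well, not only the client sockets.
        conn.close()
        sys.exit(0)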
def __read_cert(self, domain_str):
    """Open a TCP connection to ``domain_str`` on port 443.

    Only the connection step is visible in this listing: a TLS context is
    created, the socket connects, and a failed connect prints the error and
    returns an empty string.

    NOTE(review): nothing follows the ``except`` branch here, so on success
    the function falls through (returning None) with the socket still open.
    Presumably the handshake and certificate read follow in the part of the
    file not shown -- confirm against the full source.
    """
    # NOTE(review): TLSv1_METHOD allows TLS 1.0 only; servers that accept
    # only TLS 1.2 or newer will fail the handshake with this context.
    sslcontext = Context(TLSv1_METHOD)
    # Session lifetime in seconds; this does not bound connect() below.
    sslcontext.set_timeout(30)
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    print domain_str
    try:
        s.connect((domain_str, 443))
    except Exception, e:
        # Any connect failure is reported on stdout and mapped to ''.
        print e
        return ''
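def get_ssl(url):
    """Print a summary of the TLS certificate served by the host in *url*.

    The host and port are taken from the URL's authority part (port 443 when
    none is given).  The function connects, completes a TLS handshake with
    SNI set to the host, and prints expiry status, issuer, subject, common
    name, the notAfter date and the number of days left.  Any failure is
    reported as "Not found".

    No chain or hostname validation is performed: the output describes the
    certificate the peer presented, not whether that certificate is trusted.
    """
    from urllib.parse import urlsplit

    print(Fore.RED+"[+] ssl certificate:"+Fore.GREEN)
    prefix = Fore.RED+" --> "+Fore.GREEN

    # Parse the authority properly.  A hand-written regex over the whole URL
    # picks up path segments as the host and cuts hyphenated names short.
    target = str(url)
    try:
        parts = urlsplit(target if "//" in target else "//" + target)
        host = parts.hostname
        port = parts.port or 443
    except ValueError:
        # Malformed authority, e.g. a non-numeric port.
        host = None
    if not host:
        print(prefix+"Not found")
        return

    try:
        # SSLv3 is obsolete and refused by current servers, so it is no
        # longer tried first; TLS 1.2 is used directly.
        ssl_connection_setting = Context(TLSv1_2_METHOD)
        # Session lifetime in seconds, not a connect/read timeout.
        ssl_connection_setting.set_timeout(5)
        with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
            s.connect((host, port))
            c = Connection(ssl_connection_setting, s)
            c.set_tlsext_host_name(host.encode())
            c.set_connect_state()
            c.do_handshake()
            cert = c.get_peer_certificate()

            print(prefix+"Is Expired: ", cert.has_expired())
            print(prefix+"Issuer: ", cert.get_issuer())

            subject = {
                name.decode('utf-8'): value.decode('utf-8')
                for name, value in cert.get_subject().get_components()
            }
            if subject:
                print(prefix+"Subject: ", subject)
                # A subject without CN is valid; do not treat it as a failure.
                common_name = subject.get("CN")
                if common_name:
                    print(prefix+"Common Name: ", common_name)

            end_date = datetime.strptime(cert.get_notAfter().decode('utf-8'), "%Y%m%d%H%M%SZ")
            print(prefix+"Not After (UTC Time): ", end_date)
            # notAfter is expressed in UTC, so compare against the UTC clock.
            diff = end_date - datetime.utcnow()
            print(prefix+'Summary: "{}" SSL certificate expires on {} i.e. {} days.'.format(host, end_date, diff.days))

            try:
                c.shutdown()
            except Exception:
                # The report is already printed; a failed close_notify must
                # not turn it into "Not found".
                pass
    except Exception:
        # Connection, handshake and parsing errors all end up here;
        # KeyboardInterrupt and SystemExit are deliberately not swallowed.
        print(prefix+"Not found")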
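def ip_ssl_connect(self, ip):
    """Fetch the certificate presented by ``ip`` on port 443.

    Returns the peer certificate object once the handshake succeeds, or
    ``None`` when the connection or the handshake fails.  Progress and
    errors are written to ``<basedir>/output/log/get_cert_from_ip.log``.

    The certificate is returned as presented; no chain or name validation
    is done here.
    """
    # basicConfig() only configures the root logger the first time it is
    # called (when no handlers are installed yet); later calls are no-ops.
    logging.basicConfig(filename=self.basedir+'/output/log/get_cert_from_ip.log', level=logging.DEBUG, format='%(asctime)s %(message)s')
    s = None
    try:
        # NOTE(review): TLSv1_METHOD allows TLS 1.0 only, so hosts that accept
        # only TLS 1.2+ are logged as failures.  Changing the method needs an
        # import at the top of the file, which is not visible here.
        sslcontext = Context(TLSv1_METHOD)
        # Session lifetime in seconds; connect() and the handshake below are
        # not bounded by it.
        sslcontext.set_timeout(30)
        s = socket()
        s.connect((ip, 443))
        c = Connection(sslcontext, s)
        c.set_connect_state()
        logging.info("try to establish handshake with %s..." % ip)
        c.do_handshake()
        cert = c.get_peer_certificate()
        logging.info("got certificate!")
    except Exception as e:
        logging.info(e)
        logging.info("fail to connect to port 443 with %s" % ip)
        return None
    else:
        try:
            c.shutdown()
        except Exception as e:
            # The certificate is already in hand; a failed close_notify is
            # logged but must not discard the result.
            logging.info(e)
        return cert
    finally:
        # Close the socket on every path so failed probes do not leak
        # file descriptors.
        if s is not None:
            s.close()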
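def connect(self):
    """Try up to seven times to connect to the server over TLS.

    On success the connection is stored in ``self.sslsocket``,
    ``self.connected`` is set, and two threads are started: a daemon thread
    running ``self.receive`` and a thread running ``self.sendinput``.  After
    a failed attempt the socket is closed and the next attempt follows five
    seconds later.
    """
    print("You are trying to connect...")
    for x in range(7):
        if self.connected:
            continue
        s = None
        try:
            s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
            # NOTE(review): TLSv1_METHOD allows TLS 1.0 only.
            context = Context(TLSv1_METHOD)
            # NOTE(review): use_certificate_file() loads the certificate this
            # client presents; it does not make the file a trust anchor.  No
            # set_verify() / load_verify_locations() call appears in this
            # method, so as written the server certificate is not validated.
            # If cacertpath is the CA that signed the server certificate,
            # verification is presumably what was intended -- confirm.
            context.use_certificate_file(self.cacertpath)
            # Session lifetime in seconds, not a connect timeout.
            context.set_timeout(2)
            self.sslsocket = Connection(context, s)
            self.sslsocket.connect((self.host_addr, self.host_port))
            # Listen for server data on a separate thread so the client can
            # send and receive at the same time.
            t = threading.Thread(target=self.receive)
            t.daemon = True
            t.start()
            if self.sslsocket:
                self.connected = True
            print("connection established")
            #self.authentication("Kalle", "te")
            t = threading.Thread(target=self.sendinput)
            t.start()
        except socket.error:
            # Do not leak one socket per failed attempt.
            if s is not None:
                s.close()
            print("You failed to connect, retrying.......")
            time.sleep(5)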
# encoding: utf-8 # -*- coding: utf8 -*- """ Created by PyCharm. File: LinuxBashShellScriptForOps:pyGetCertsInfo.py User: Guodong Create Date: 2016/12/1 Create Time: 13:58 """ from socket import socket from OpenSSL.SSL import Connection, Context, SSLv3_METHOD import datetime import time sslcontext = Context(SSLv3_METHOD) sslcontext.set_timeout(30) ip = 'www.baidu.com' s = socket() s.connect((ip, 443)) c = Connection(sslcontext, s) c.set_connect_state() c.do_handshake() cert = c.get_peer_certificate() print "Issuer: ", cert.get_issuer() print "Subject: ", cert.get_subject().get_components() subject_list = cert.get_subject().get_components() print "Common Name:", dict(subject_list).get("CN") print "notAfter(UTC time): ", cert.get_notAfter() UTC_FORMAT = "%Y%m%d%H%M%SZ" utc_to_local_offset = datetime.datetime.fromtimestamp( time.time()) - datetime.datetime.utcfromtimestamp(time.time())
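Create Date: 2016/12/1
Create Time: 13:58
"""
import datetime
import time
from socket import socket

from OpenSSL.SSL import Connection, Context, TLSv1_2_METHOD

# Connect to a host on port 443 and print details of the certificate it
# presents.  The certificate is reported as received; no chain or hostname
# validation is configured on the context.
host = 'www.baidu.com'

# SSLv3 used to be tried first here, with TLS 1.2 only as the fallback when
# the OpenSSL build lacked SSLv3.  SSLv3 is obsolete and refused by current
# servers, so TLS 1.2 is used directly.
ssl_connection_setting = Context(TLSv1_2_METHOD)
# Session lifetime in seconds; this is not a socket timeout.
ssl_connection_setting.set_timeout(30)

s = socket()
s.connect((host, 443))
c = Connection(ssl_connection_setting, s)
# NOTE(review): no SNI is sent (no set_tlsext_host_name() call), so a
# name-based virtual host may answer with its default certificate.
c.set_connect_state()
c.do_handshake()
cert = c.get_peer_certificate()
print "Issuer: ", cert.get_issuer()
print "Subject: ", cert.get_subject().get_components()
subject_list = cert.get_subject().get_components()
print "Common Name:", dict(subject_list).get("CN")
print "notAfter(UTC time): ", cert.get_notAfter()
# notAfter is formatted as YYYYMMDDhhmmssZ (UTC).
UTC_FORMAT = "%Y%m%d%H%M%SZ"
# Difference between the local clock and UTC right now.
utc_to_local_offset = datetime.datetime.fromtimestamp(time.time()) - datetime.datetime.utcfromtimestamp(time.time())
# time.mktime() reads the parsed struct_time as local time, so this value is
# shifted by the UTC offset; presumably utc_to_local_offset is applied to it
# in the part of the script not shown here -- confirm.
utc_time = time.mktime(time.strptime(cert.get_notAfter(), UTC_FORMAT))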
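from socket import socket

from OpenSSL.SSL import Connection, Context, SSLv23_METHOD

# Print the name of every cipher suite enabled on a connection created from
# a context configured with the cipher string below.
ssl_context = Context(SSLv23_METHOD)
# NOTE(review): the OpenSSL keyword for the suites that "ALL" leaves out (the
# NULL-encryption ones) is COMPLEMENTOFALL; "COMPLEMENT" does not look like a
# recognised keyword, so this probably enumerates just "ALL" -- confirm.
# A context that enables NULL-encryption suites is suitable for enumeration
# only, never for carrying traffic.
ssl_context.set_cipher_list("ALL:COMPLEMENT")
conn = Connection(ssl_context)
# Connection.get_cipher_list() is the public accessor for the enabled
# ciphers; it replaces walking the cipher stack through the private
# OpenSSL._util cffi bindings, which are not a stable interface.
for cipher_name in conn.get_cipher_list():
    print(cipher_name)

# Disabled code kept from the original listing: handshake with a fixed
# address and print the issuer and subject of its certificate.
'''
ssl_context.set_timeout(30)
ip='113.57.133.147'
port=443
s=socket()
s.connect((ip,port))
c=Connection(ssl_context,s)
c.set_connect_state()
print "%s try to handshake" % (ip)
c.do_handshake()
cert = c.get_peer_certificate()
print "issuer: ",cert.get_issuer()
print "subject: ",cert.get_subject().get_components()
c.shutdown()
s.close()
'''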
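Create Date: 2016/12/1
Create Time: 13:58
"""
import datetime
import time
from socket import socket

from OpenSSL.SSL import Connection, Context, TLSv1_2_METHOD

# Connect to a host on port 443 and print details of the certificate it
# presents.  The certificate is reported as received; no chain or hostname
# validation is configured on the context.
host = 'www.baidu.com'

# SSLv3 used to be tried first here, with TLS 1.2 only as the fallback when
# the OpenSSL build lacked SSLv3.  SSLv3 is obsolete and refused by current
# servers, so TLS 1.2 is used directly.
ssl_connection_setting = Context(TLSv1_2_METHOD)
# Session lifetime in seconds; this is not a socket timeout.
ssl_connection_setting.set_timeout(30)

s = socket()
s.connect((host, 443))
c = Connection(ssl_connection_setting, s)
# NOTE(review): no SNI is sent (no set_tlsext_host_name() call), so a
# name-based virtual host may answer with its default certificate.
c.set_connect_state()
c.do_handshake()
cert = c.get_peer_certificate()
print "Issuer: ", cert.get_issuer()
print "Subject: ", cert.get_subject().get_components()
subject_list = cert.get_subject().get_components()
print "Common Name:", dict(subject_list).get("CN")
print "notAfter(UTC time): ", cert.get_notAfter()
# notAfter is formatted as YYYYMMDDhhmmssZ (UTC).
UTC_FORMAT = "%Y%m%d%H%M%SZ"
# Difference between the local clock and UTC right now.
utc_to_local_offset = datetime.datetime.fromtimestamp(
    time.time()) - datetime.datetime.utcfromtimestamp(time.time())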