Python crtshAPI примеры использования

Пример #1

Файл: mod_crtsh.py Проект: dogasantos/cpgather

def crtshQuery(domain):
    found = list()
    if os.path.isfile(domain + ".sub.crtsh") == False or os.path.getsize(
            domain + ".sub.crtsh") == 0:
        try:
            rawlist = crtshAPI().search(domain)[0]
        except:
            rawlist = list()

        for item in rawlist:
            item = json.loads(item)
            for k, v in item.items():
                if k == "name_value":
                    if '@' in v:
                        continue
                    if '*' in v:
                        continue
                    if checkFqdn(v) == False:
                        continue
                    if '\n' in v:
                        for tok in v.split('\n'):
                            found.append(tok)
                    else:
                        found.append(v)

        found = list(set(found))
        saveFile(domain + ".sub.crtsh", found)
    else:

        temp = readFile(domain + ".sub.crtsh")
        for item in temp:
            if len(item) > 2:
                found.append(item.rstrip("\n"))
    return found

Пример #2

Файл: crtsh_search.py Проект: gavz/simplydomain-pkg

    def dynamic_main(self, queue_dict):
        """
        Main entry point for process to call.
    
        core_serialization.SubDomain Attributes:
            name: long name of method
            module_name: name of the module that performed collection 
            source: source of the subdomain or resource of collection
            module_version: version from meta
            source: source of the collection
            time: time the result obj was built
            subdomain: subdomain to use
            valid: is domain valid

        :return: 
        """
        core_args = self.json_entry['args']
        task_output_queue = queue_dict['task_output_queue']
        cs = core_scrub.Scrub()
        rd = []
        data = crtshAPI().search(str(core_args.DOMAIN))
        for d in data:
            cs.subdomain = d['issuer']
            # check if domain name is valid
            valid = cs.validate_domain()
            # build the SubDomain Object to pass
            sub_obj = core_serialization.SubDomain(self.info["Name"],
                                                   self.info["Module"],
                                                   "https://crt.sh",
                                                   self.info["Version"],
                                                   time.time(), d['issuer'],
                                                   valid)
            # populate queue with return data objects
            task_output_queue.put(sub_obj)

Пример #3

Файл: certsee.py Проект: h0ffayyy/certsee

def query_crtsh(args):
    """ query crt.sh for the given domain 
    
    Params:
        args - arguments provided at runtime

    Returns:
        certs - a list of certificates returned from the crt.sh query
    """
    domain = args.domain
    result = crtshAPI().search(domain)
    #print(result[0])

    now = datetime.now()
    recent_certs = []

    print(f'[+] Querying crt.sh for: {domain}')

    for item in result[0]:
        result_timestamp = parse(item["entry_timestamp"])

        if now - timedelta(days=args.timeframe) <= result_timestamp <= now:
            #print(f'[+] Found one! {result[item]["entry_timestamp"]}')
            # check for any duplicate serial numbers
            if not any(s["serial_number"] == item["serial_number"]
                       for s in recent_certs):
                if len(item["serial_number"]) >= 32:
                    recent_certs.append(item)

    print(
        f'[+] Found {len(recent_certs)} certificates in last {args.timeframe} days for query: {domain}'
    )

    return recent_certs

Пример #4

def query(domain):
    results = []

    full_result = crtshAPI().search(domain,expired=False)

    if len(full_result) == 0:
        results.append(
            Result(
                message='No results found.'
            )
        )

    else:
        for res in full_result:
            results.append(
                Result(
                    message="Found certificate info.",
                    json_result={
                        'common_name': res['common_name'],
                        'valid_from': res['not_before']
                    }
                )
            )

    return results

Пример #5

def ca_issuer(domain):
    """Returns the name of the Certificate authority (CA) issuer of the URL
      Issue with this feature: It takes so long to execute large amount of data.
    """
    ca_issuer = crtshAPI().search(domain)

    if not ca_issuer:
        return None
    else:
        return ca_issuer[0]['issuer_name']

Пример #6

def exploit(workspace):
	n_tab = 0
	global output

	now = datetime.now()
	dt_string = now.strftime("%d_%m_%Y_%H_%M_%S")
	file = "{}_misc_crtsh".format(dt_string)
	dfile = "{}_dns_file".format(dt_string)
	filename = "./workspaces/{}/{}".format(workspace, file)

	domain = variables['DOMAIN']['value']
	json_data = crtshAPI().search(domain)
	for certs in json_data:
		nv = (certs['name_value']).split("\n")
		certs['name_value'] = nv

	yn = variables['GENERATE-LIST']['value']
	if not yn == "":
		if not yn.lower() == 'true' and not yn.lower() == 'false':
			print(
				colored("[*] 'GENERATE-LIST' should be either True or False.")
			)
		elif yn.lower() == 'true':
			dns_names = []
			for cert in json_data:
				for dns in cert['name_value']:
					dns_names.append(dns)
			uniquedns = set(dns_names)
			dns_list = list(uniquedns)
			dfilename = "./workspaces/{}/{}".format(workspace, dfile)
			dnsfile = open(dfilename, "w")
			for dns in dns_list:
				dnsfile.write(dns+"\n")
			dnsfile.close()
			print(colored("[*] DNS List saved on '{}'.".format(dfilename), "green"))

	with open(filename, 'w') as outfile:
		json.dump(json_data, outfile, indent=4, default=str)
		print(colored("[*] Content dumped on file '{}'.".format(filename), "green"))

	output += colored("---------------------------------\n", "yellow", attrs=['bold'])
	for data in json_data:
		output += colored("{}: {}\n".format("Common Name", data["common_name"]), "yellow", attrs=['bold'])
		list_dictionary(data, n_tab)
		output += colored("---------------------------------\n", "yellow", attrs=['bold'])
	pipepager(output, "less -R")
	output = ""

Пример #7

def crtsh_lookup(domain):
    domains = []
    print("\n[*] Performing crtsh lookup\n")
    result = crtshAPI().search(domain)
    for record in result:
        for r in record:
            # Account for newline characters in some name records
            if '\n' in r['name_value']:
                domain_names = r['name_value'].split("\n")
                for d in domain_names:
                    domains.append(d.strip())
            else:
                domains.append(r['name_value'].strip())
    domains = list(dict.fromkeys(domains))
    for d in domains:
        print("[+] %s" % d)
    return result, domains

Пример #8

Файл: run.py Проект: xeddmc/D0xk1t

def subdomain_search(value):
    """
    helper function for interacting with crt.sh
    """
    return json.dumps(crtsh.crtshAPI().search(str(value)))

Пример #9

            columns[k].append(v)  # append the value into the appropriate list
            # based on column name k

fuzzed_domain = columns['domain-name']
print fuzzed_domain

print "==" * 50
print "**" * 50

while True:
    for item in fuzzed_domain:
        print item
        a = item
        # a = raw_input("ENTER THE NAME FOR THE DOMAIN TO BE SEARCHED : ")
        print colored('SEARCHING CERTIFICATES FOR ', 'red'), item
        jason_data = json.dumps(crtshAPI().search(a))
        jason_data = json.loads(jason_data)

        # print jason_data
        # print len(jason_data)
        epoch_now = int(datetime.datetime.now().strftime('%s'))

        for item in jason_data[0]:
            # print item
            headers = {
                'Content-type': 'application/json',
                'Accept': 'text/plain'
            }
            hash_object = hashlib.sha1(json.dumps(item)).hexdigest()

            creation_date = (datetime.datetime.strptime(

Пример #10

def subdomain_search(value):
    return json.dumps(crtshAPI().search(str(value)))

Пример #11

from crtsh import crtshAPI
import sys
import json

if len(sys.argv) > 1:
    print(json.dumps(crtshAPI().search(sys.argv[1]), indent=2))
else:
    pass

Пример #12

##monitoring for the certificate transpirincy by www.crt.sh
#we are using the unoficial crtsh api and the elastic search
#elastic search databse stores the data and when the program runs after every 12 hrs
#it checks if there is new certificate has been  generated  it will prompt new certificate found or else it will sleep for next 12 hrs.
from crtsh import crtshAPI
import json
import requests
from pprint import pprint
import hashlib
import time

data_feed = json.dumps(crtshAPI().search('cyware.com'))

while True:

    cyware = json.loads(data_feed)
    es_url = "http://127.0.0.1:9200/cert_new/cywar/"
    dummp_post = requests.get(es_url)
    for item in cyware[0]:
        headers = {'Content-type': 'application/json', 'Accept': 'text/plain'}
        hash_object = hashlib.sha1(json.dumps(item)).hexdigest()
        min_cert_id = item['min_cert_id']
        #print json.dumps(item)
        dummp_post = requests.post(es_url + str(item['min_cert_id']),
                                   headers=headers,
                                   data=json.dumps(item))
        view = json.loads(dummp_post.text)
        if view["_version"] <= 1:
            print "=" * 40
            print "NEW CERTIFICATE FOUND"
            print "=" * 40

Пример #13

Файл: CrtSH.py Проект: xeon01/BugBounty

 def api(d):
     results = json.dumps(crtshAPI().search(d))
     return results

Пример #14

    url = "https://api.macvendors.com/" + param
    erg = shell("curl -sK -X GET %s" % url)
    for i in erg.output():
        print "\033[0;249;0m" + i + "\033[0;249;0m"

elif choice == "4":
    param = raw_input("Enter a domain or ip: ")
    erg = shell("ping -c 4 %s" % param)
    for i in erg.output():
        print "\033[0;249;0m" + i + "\033[0;249;0m"
        
elif choice == "5":
    param = raw_input("Enter a domain name: ")
    print "\n  --  This check can last some minutes!  --  \n"
    try:
        print "\033[0;249;0m" + json.dumps(crtshAPI().search(param), indent=2) + "\033[0;249;0m"
    except:
        print " The service crt.sh is not available"
    print "Certificates download is ongoing!"
    shell("./crt.sh %s" % param)
    print "\033[0;249;0mThe certificate are stored as *.html files under output/crt!\033[0;249;0m"

elif choice == "6":
    print "\033[0;249;0mYou can enter a name (<john+doe>) or an emailaddress\033[0;249;0m"
    param = raw_input("Enter your searchparameter: ")
    reverse_whois.do_reverse_whois(param)
    
elif choice == "7":
    param = raw_input("Enter a domain or an IP: ")
    reverse_ip.do_call(param)
    

Пример #15

from crtsh import crtshAPI
from pprint import pprint
from dns import resolver

all_hosts = []
certs = crtshAPI().search('DOMAIN_TO_SEARCH')
for cert in certs[0]:
    all_hosts.append(cert['name_value'])

hosts = set(all_hosts)

for host in hosts:
    try:
        a = resolver.query(host)
        print("{0}: {1}".format(host, a.canonical_name))
    except:
        print("{0} failed".format(host))