Vulnerability-Scanner/ssl_check.py at main · Alphx-rgb/Vulnerability-Scanner · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
import socket
import ssl
import csv
import argparse
import datetime
from urllib.parse import urlparse
import os
from os.path import exists
socket.setdefaulttimeout(8)
def ssl_check(url):
	headers = {"user-agent": "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/71.0.3578.98 Safari/537.36"}
	try:
		os.mkdir('report')
		os.chdir('report')
	except:
		os.chdir('report')
	def check_http2(domain_name):
		try:
			HOST = urlparse(domain_name).netloc
			PORT = 443
			# print(HOST)
			ctx = ssl.create_default_context()
			ctx.set_alpn_protocols(['h2', 'h2c' , 'http/2' , 'spdy/3',  'http/1.1' ])

			conn = ctx.wrap_socket(
				socket.socket(socket.AF_INET, socket.SOCK_STREAM), server_hostname=HOST)
			conn.connect((HOST, PORT))

			pp = conn.selected_alpn_protocol()
			cert = conn.getpeercert()
			# print(cert , '\n')
			subject = (dict(x[0] for x in cert['subject']))['commonName']
			expired = cert['notAfter']
			exp = datetime.datetime(int(expired.split(' ')[3]) , int(datetime.datetime.strptime(expired.split(' ')[0], '%b').month), int(expired.split(' ')[1]))
			# print(exp)
			current_time = datetime.datetime.now()
			curr = datetime.datetime(current_time.year , current_time.month , current_time.day)
			# print(curr)
			host = False
			if(exp < curr):
				return {"SSL" : "not verified"}
			for x in cert['subjectAltName']:
				# print(x[1])
				if (HOST.split('.')[1] in x[1]):
					host = True
					break
			# print(subalt['DNS'])
			# print(subject.split('.')[1] , " " , HOST ,  "\n")
			# print(HOST.split('.')[1] , subject.split('.')[1] , '\n')
			# print(pp)
			# print(pp , ss  , '\n')
			if(pp == "h2" and host == True):
				return {"SSL": "verified"}
			elif(pp != "h2" and host == True):
				return {"SSL": "verified" , "HTTPS" : "False"}
			else: return {"SSL" : "not verified"}
		except Exception as e:
			print(e)
			return


	# parser = argparse.ArgumentParser()
	# parser.add_argument("domain", help="website address you want to check for ssl",
	#                     type=str)
	# args = parser.parse_args()

	# print(check_http2(args.domain))
	with open("SSL Report.txt" , 'a') as p:
		j = check_http2(url)
		try:
			if(j["SSL"] == "not verified"):
				p.write(url+ " : "+ "Not verified SSL" + "\n")
		except Exception as e:
			p.write("Sorry, something went wrong.....")
		try:
			p.write(url +" : "+ str(j)+"\n")
		except:
			p.write("Sorry, something went wrong.....")
	os.chdir("./..")