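#!/usr/bin/env python
"""Report HTTPS certificates in a network range that have expired or soon will.

Runs nmap's ssl-cert script against tcp/443 for every host in
``range_to_scan``, sorts the certificates it finds into "already expired" and
"expiring within 7 days", and mails the result to ``recipients``.  When there
is nothing to report no mail is sent, except on Mondays, when an all-clear
message goes out.

Everything read from a certificate (subject, validity dates) is supplied by
the scanned host, so it is treated as untrusted text: fields are located by
label, parse failures are reported instead of crashing the run, and the values
are only ever placed in a plain-text mail body.
"""
import nmap
import os
import datetime
import smtplib
from email.mime.text import MIMEText

# Email Settings
sender = 'sender@email.biz'
recipients = 'recipient@email.biz'
smtp_server = 'smtp-server.fqdn.biz'

range_to_scan = '10.0.0.0/24'

SSL_PORT = 443
DATE_FORMAT = "%Y-%m-%dT%H:%M:%S"
REPORT_ROW = "IP: %s\t|\tCommon Name: %s\t|\tExpiry Date: %s\n"


def _parse_ssl_cert(report):
    """Return ``(common_name, expiry)`` parsed from ssl-cert script output.

    ``common_name`` is the value of the first '/'-separated field of the
    "Subject:" line, or 'unknown' when there is none.  ``expiry`` is a
    datetime, or None when no parsable "Not valid after:" line is present.

    Lines are found by their label, not by position: the report does not
    always have the same number of lines, and indexing a fixed line raised
    IndexError for such hosts.
    """
    common_name = 'unknown'
    expiry = None
    for raw_line in report.split('\n'):
        line = raw_line.strip()
        if line.startswith('Subject:') and common_name == 'unknown':
            first_field = line[len('Subject:'):].split('/')[0]
            if '=' in first_field:
                common_name = first_field.split('=', 1)[1].strip()
        elif line.startswith('Not valid after:'):
            # Keep only the 19 characters DATE_FORMAT describes; any suffix
            # after the seconds (presumably a UTC offset) is dropped.
            stamp = line.split('after:', 1)[1].strip()[:19]
            try:
                expiry = datetime.datetime.strptime(stamp, DATE_FORMAT)
            except ValueError:
                expiry = None
    return common_name, expiry


# fire up nmap and run the SSL script over the hosts that match
nm = nmap.PortScanner()
print("[*] Starting NMAP Scan of %s" % range_to_scan)
scan = nm.scan(range_to_scan, str(SSL_PORT), arguments='--script=ssl-cert')
# if you want, you can use include and/or exclude files. this is just a line
# separated list of IPs, and you can # comment if you like...
#scan = nm.scan(range_to_scan, '443', arguments='--script=ssl-cert -iL includelist.txt --excludefile=excludehosts.txt')

# define our time settings for the date ranges
# NOTE(review): now() is local time; the validity dates in the scan output are
# presumably UTC, so the window can be off by the local offset - confirm.
today = datetime.datetime.now()
todayplus7d = today + datetime.timedelta(days=7)

# keep us updated on progress after the scan
print("[*] %s hosts found listening on SSL port tcp/443 in %s" % (
    nm.scanstats()['uphosts'], nm.scanstats()['elapsed']))
print("[*] Looking for certs that expire before %s" % todayplus7d)

# Rows are kept as (ip, common name, expiry text) tuples.  Joining them into a
# comma-separated string and splitting it again would shift the columns for
# any certificate whose name contains a comma.
expiring_certs = []
expired_certs = []
unreadable_hosts = []

# iterate through all the hosts that served up an SSL cert.
#
# Check the date it goes pop and add anything gone or going to the list
for host in nm.all_hosts():
    if not nm[host].has_tcp(SSL_PORT):
        continue
    port_info = nm[host]['tcp'][SSL_PORT]
    if 'script' not in port_info or 'ssl-cert' not in port_info['script']:
        # port answered but the script produced no certificate report
        continue
    addresses = nm[host]['addresses']
    ip = addresses['ipv4'] if 'ipv4' in addresses else host
    common_name, expiry = _parse_ssl_cert(port_info['script']['ssl-cert'])
    if expiry is None:
        # Do not drop the host silently: an unreadable certificate is a gap
        # in the monitoring, so make it visible in the run output.
        unreadable_hosts.append(ip)
        continue
    row = (ip, common_name, expiry.strftime(DATE_FORMAT))
    if expiry <= today:
        expired_certs.append(row)
    elif expiry < todayplus7d:
        expiring_certs.append(row)

if unreadable_hosts:
    print("[!] Could not read an expiry date for: %s" % ', '.join(unreadable_hosts))

emailbody = ''

# if we have stuff here we are in trouble...
if expired_certs:
    print("[*] %s certs expired already!!!" % len(expired_certs))
    emailbody += "Certs ALREADY EXPIRED!!!\n\n"
    for row in expired_certs:
        emailbody += REPORT_ROW % row

# if we have certs that are expiring, then deal with them...
if expiring_certs:
    print("[*] %s certs expiring this week" % len(expiring_certs))
    emailbody += '\nCerts expiring in the next 7 days:\n\n'
    for row in expiring_certs:
        emailbody += REPORT_ROW % row
# if nothing is expiring and its a monday, tell us we are good for the week.
# otherwise dont send mail.
else:
    print("[*] Nothing expiring this week")
    # weekday() is a method and counts Monday as 0; comparing the bound
    # method itself to 1 was always False, so the Monday mail never went out.
    if today.weekday() == 0:
        emailbody += '\nNo Certs expiring this week!'
    elif not expired_certs:
        # nothing expiring this week, and nothing gone already either...
        # SystemExit (unlike os._exit) lets buffered output be flushed first.
        raise SystemExit(0)
    # otherwise something has EXPIRED, so the email must still be sent

# build an email
msg = MIMEText(emailbody)
msg['Subject'] = 'SSL Cert scan on %s' % range_to_scan
msg['From'] = sender
msg['To'] = recipients

print("[*] Sending email to the team...")
# send the email...
# NOTE: this is plain SMTP with no TLS and no authentication, and the report
# lists internal addresses and certificate names.  If the relay supports it,
# call smtp_session.starttls() before sendmail().
smtp_session = smtplib.SMTP(smtp_server)
try:
    smtp_session.sendmail(sender, [recipients], msg.as_string())
finally:
    smtp_session.quit()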
Traceback (most recent call last):
File "ssl-range-scan.py", line 41, in <module>
expiryDate = nm[host]['tcp'][443]['script']['ssl-cert'].split('\n')[5].split('after:')[1].lstrip()[:-6]
IndexError: list index out of range