diff --git a/ssl b/ssl new file mode 100644 index 0000000..00f8716 --- /dev/null +++ b/ssl @@ -0,0 +1,67 @@ +#!/bin/bash + +# Check if there is an input +if [[ $1 ]]; then + validation=$(host $1) +fi + +# Check if domain is valid +if [[ $validation == *"NXDOMAIN"* ]]; then + echo "Please enter a valid domain"; + exit 0 +fi + +case $1 in +# Sample Usage +help) + echo "Usage: +ssl domain.com" + exit 1 +;; +"") + echo "Usage: +ssl domain.com" + exit 1 +;; +# If the domain is valid run the following: +*) + today=$(date +%F) + expires=$(echo | openssl s_client -servername $1 -connect $1:443 2>/dev/null | openssl x509 -noout -dates | grep 'notAfter' | sed 's/notAfter=//') + #echo | openssl s_client -servername $1 -connect $1:443 2>/dev/null | openssl x509 -noout -dates + + echo '# The SSL certificate has been issued for: ' + echo | openssl s_client -servername $1 -connect $1:443 2>/dev/null | openssl x509 -noout -subject | sed 's/subject=/Domain: /' + #echo | openssl s_client -servername www.$1 -connect www.$1:443 2>/dev/null | openssl x509 -noout -subject + echo '----' + + echo '' + echo '# The SSL certificate expires in: ' + echo $(( ( $(date -ud "$expires" +'%s') - $(date -ud "$today" +'%s') )/60/60/24 )) days + echo '----' + + echo '' + echo '# Dates: ' + echo | openssl s_client -servername $1 -connect $1:443 2>/dev/null | openssl x509 -noout -dates | sed 's/notAfter=/Expires On: /' | sed 's/notBefore=/Issued On: /' + echo '----' + + echo '' + echo '# The certificate has been issued by: ' + echo | openssl s_client -servername $1 -connect $1:443 2>/dev/null | openssl x509 -noout -issuer | sed 's/issuer=/Issuer: /' + echo '----' + + echo '' + echo '# TLS supported: ' + nmap --script ssl-enum-ciphers -p 443 $1 | grep ':' | grep -i tls + echo '----' + + echo '' + echo '# Fingerprint: ' + echo | openssl s_client -servername $1 -connect $1:443 2>/dev/null | openssl x509 -noout -fingerprint + echo '----' + + #echo '' + #echo '##### Decode: ' + #echo | openssl s_client -servername $1 -connect $1:443 2>/dev/null | openssl x509 -noout -text + #echo '#################' + +esac \ No newline at end of file