[ SEA-GHOST MINI SHELL]

#!/bin/bash

realurl="$1"
backend="$2"
info="$3"

status="2"
statustext=""
#urls=$(cat $confFile)
IFS="
"
currentDate="$(date +"%s")"

    cert_info="$(echo | openssl s_client -servername $realurl -connect $backend 2>/dev/null | openssl x509 -noout -text -nameopt compat)"
    endDate="$(date -d "$(echo "$cert_info" | grep "Not After :" | sed 's/.*Not After : //')" +"%s")"
    certCN="$(echo "$cert_info" | grep "Subject:" | sed 's/.*CN=//' | sed 's/\/.*//')"
    certSAN="$(echo "$cert_info" | awk '/X509v3 Subject Alternative Name:/{getline;gsub(/, /, "\r\n", $0);print}' | tr -d "DNS:" | tr -d " ?")"

    listCN="$certCN"$'\r\n'"$certSAN"
    delta="$((($endDate - $currentDate) / 86400))"
    listCNPlain="$(echo "$listCN" | tr "\r\n" ", ")"

    while read -r line; do
      statusCN="0"
      matchecCN=""
      if [[ $line == *"*"* ]]; then
        if [[ $realurl == *"$(echo $line | sed 's/\*\.//' | sed 's/\r//' | sed 's/\n//')"* ]];then
          statusCN="1"
          matchecCN="$line"
          break
        fi
      else
        if [[ $(echo $line | sed 's/\*\.//' | sed 's/\r//' | sed 's/\n//') == $realurl ]];then
          statusCN="1"
          matchecCN="$line"
          break
        fi
      fi
    done <<< "$listCN"

if [ "$info" == "delta" ]; then echo $delta
 else if [ "$info" == "matched" ]; then
   if [ "$statusCN" -eq 0 ]; then
      echo "Error: CN & SAN mismatch! Cert CN & SAN = $listCNPlain"
   elif [ "$statusCN" -eq 1 ]; then
        if [ ! -z $delta ]; then
          echo "Matched CN or SAN = $matchecCN"
        else
          echo "cert_$realurl - something goes wrong"
        fi
   else
     echo "cert_$realurl - something goes wrong"
   fi
 fi
fi