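#!/bin/bash
#
# TLS certificate check helper: reports either the number of days until the
# certificate presented by a backend expires, or whether the expected host
# name is covered by the certificate's CN / SAN entries.
#
# Usage: <script> HOSTNAME BACKEND INFO CHECK
#   HOSTNAME  name sent as SNI and compared against the certificate names
#   BACKEND   host:port handed to `openssl s_client -connect`
#   INFO      "delta"   -> print days until expiry
#             "matched" -> print the matched name or a mismatch error
#   CHECK     "ssl" | "starttls" (SMTP) | "rootca"
#
# NOTE(review): no verification option is passed to s_client, so only the name
# and expiry of whatever certificate the backend presents are inspected; chain
# trust is not evaluated here.

#######################################
# Retrieve certificate text from the backend.
# Arguments: $1 - check mode, $2 - SNI host name, $3 - host:port
# Outputs:   certificate text (or notAfter lines for "rootca") on stdout;
#            nothing for an unknown mode or a failed connection.
#######################################
fetch_cert_info() {
  local check=$1 host=$2 backend=$3

  # The host and backend values are quoted so that whitespace or glob
  # characters in them cannot be split into additional openssl options.
  case "$check" in
    ssl)
      echo | openssl s_client -servername "$host" -connect "$backend" 2>/dev/null \
        | openssl x509 -noout -text
      ;;
    starttls)
      echo | openssl s_client -servername "$host" -connect "$backend" \
        -starttls smtp 2>/dev/null \
        | openssl x509 -noout -text
      ;;
    rootca)
      openssl s_client -servername "$host" -connect "$backend" 2>&1 </dev/null \
        | grep notAfter
      ;;
  esac
}

#######################################
# Print the subject CN and every SAN DNS entry, one per line.
# Arguments: $1 - output of `openssl x509 -noout -text`
# Outputs:   names on stdout (non-DNS SAN entries are skipped)
#######################################
cert_names() {
  local cert_info=$1

  # Accept both "CN=name" and "CN = name" subject layouts and stop at the
  # next "," or "/" separator.
  printf '%s\n' "$cert_info" \
    | sed -nE '/Subject:/ s|.*CN ?= ?([^,/]*).*|\1|p' \
    | sed 's/[[:space:]]*$//'

  # Strip the literal "DNS:" prefix. (tr -d "DNS:" would delete the
  # characters D, N, S and ':' anywhere in the name, corrupting it.)
  printf '%s\n' "$cert_info" \
    | awk '/X509v3 Subject Alternative Name:/ { getline; gsub(/, /, "\n"); print }' \
    | sed -n 's/^[[:space:]]*DNS://p' \
    | tr -d ' \t\r'
}

#######################################
# Decide whether a host name is covered by one certificate name.
# A leading "*." wildcard covers exactly one left-most label (the usual TLS
# rule, as in RFC 6125); a substring match would wrongly accept hosts such as
# "example.com.other.test" for "*.example.com". Every other name must be
# equal to the host, compared case-insensitively and literally.
# Arguments: $1 - host name, $2 - certificate name
# Returns:   0 if the host is covered, 1 otherwise
#######################################
host_matches_name() {
  local host name suffix label
  host=$(printf '%s' "$1" | tr '[:upper:]' '[:lower:]')
  name=$(printf '%s' "$2" | tr '[:upper:]' '[:lower:]')

  [[ -n "$host" && -n "$name" ]] || return 1

  if [[ "$name" == '*.'* ]]; then
    suffix=${name#\*}                       # ".example.com"
    [[ "$host" == *"$suffix" ]] || return 1
    label=${host%"$suffix"}
    [[ -n "$label" && "$label" != *.* ]]    # exactly one extra label
    return
  fi

  [[ "$host" == "$name" ]]
}

main() {
  local realurl=$1 backend=$2 info=$3 check=$4
  local cert_info end_date current_date delta
  local name matched_name="" names_plain
  local status_cn=0
  local -a names=()

  current_date=$(date +%s)
  cert_info=$(fetch_cert_info "$check" "$realurl" "$backend")

  if [[ -z "$cert_info" ]]; then
    # NOTE(review): sentinel kept for backward compatibility. When no
    # certificate could be retrieved the reported delta is a very large
    # positive number, so a failed connection looks like a long-lived
    # certificate. Confirm the consumer treats this value as a failure.
    end_date=999999999999999
  else
    end_date=$(date -d "$(printf '%s\n' "$cert_info" \
      | grep -E 'Not After :|notAfter' \
      | sed 's/.*Not After : //;s/.*notAfter=//')" +%s)
    while IFS= read -r name; do
      if [[ -n "$name" ]]; then
        names+=("$name")
      fi
    done < <(cert_names "$cert_info")
  fi

  delta=$(( (end_date - current_date) / 86400 ))

  for name in "${names[@]}"; do
    if host_matches_name "$realurl" "$name"; then
      status_cn=1
      matched_name=$name
      break
    fi
  done

  names_plain=$(printf '%s, ' "${names[@]}")
  names_plain=${names_plain%, }

  # The original "something goes wrong" branches could never run (the match
  # status is always 0 or 1 and delta is always a number), so they are gone.
  case "$info" in
    delta)
      printf '%s\n' "$delta"
      ;;
    matched)
      if (( status_cn == 1 )); then
        echo "Matched CN or SAN = $matched_name"
      else
        echo "Error: CN & SAN mismatch! Cert CN & SAN = $names_plain"
      fi
      ;;
  esac
}

main "$@"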