-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathmain.go
126 lines (106 loc) · 2.88 KB
/
main.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
package main
import (
"bufio"
"crypto/tls"
"crypto/x509"
"encoding/json"
"log"
"os"
"strings"
)
var (
// We need to change these paths to allow portability with other OSes.
// logFile is for any errors to report with the program.
logFile = "testfiles/logFile"
// outputFile is for the results from the program.
// This will also include errors due to the remote system, but not
// related to the program itself.
outputFile = "testfiles/outputFile"
// This file contains the csv of url/ip, port pairs
inputFile = "testfiles/inputFile"
)
// Config struct for tls.Dial()
// InsecureSkipVerify: true, is required for any IP address entries in the source csv file.
var conf = &tls.Config{
InsecureSkipVerify: true,
}
// prettyPrint ...
func prettyPrint(i interface{}) string {
s, _ := json.MarshalIndent(i, "", "\t")
return string(s)
}
// fileScanner ...
func fileScanner(f *os.File) (lines []string) {
scanner := bufio.NewScanner(f)
scanner.Split(bufio.ScanLines)
for scanner.Scan() {
lines = append(lines, scanner.Text())
}
return lines
}
// tlsConnection ...
func tlsConnection(s string, config *tls.Config) (*tls.Conn, error) {
conn, err := tls.Dial("tcp", s, config)
if err != nil {
return nil, err
}
// Let's run the handshake protocol.
err = conn.Handshake()
if err != nil {
return nil, err
}
return conn, err
}
type extCert struct {
origHost string
origIP string
cert x509.Certificate
}
// marshalJSON ...
func marshalJSON(cert x509.Certificate, origHost string, origIP string) extCert {
var fullCert *extCert
fullCert.origHost = origHost
fullCert.origIP = origIP
fullCert.cert = cert
return *fullCert
}
func main() {
// Logger set flags for logging errors.
log.SetFlags(log.Ldate | log.Ltime | log.Lmicroseconds | log.Lshortfile)
// Let's open a file to write error logs to.
errFile, err := os.OpenFile(logFile, os.O_RDWR|os.O_CREATE|os.O_APPEND, 0644)
if err != nil {
log.Fatalf("error opening file: %v", err)
}
defer errFile.Close()
log.SetOutput(errFile)
// Let's open a file to write our certificate info to.
outFile, err := os.OpenFile(outputFile, os.O_APPEND|os.O_CREATE|os.O_WRONLY, 0744)
if err != nil {
log.Fatal(err)
}
defer outFile.Close()
// Let's open the file containing url/ip and port pairs
// Form is: url/ip, port as: "www.domain.com", "443"
f, err := os.Open(inputFile)
if err != nil {
log.Fatal(err)
}
defer f.Close()
fileLines := fileScanner(f)
for _, line := range fileLines {
// Let's dump the comma between the host and port and replace with a ":" as required for tls.Dial()
line = strings.Replace(line, ",", ":", -1)
conn, err := tlsConnection(line, conf)
if err != nil {
log.Println(err)
}
// Let's get some cert information
if conn != nil {
certStr := prettyPrint(conn.ConnectionState().PeerCertificates[0])
if _, err := outFile.Write([]byte(certStr)); err != nil {
log.Fatal(err)
}
}
}
}