-
Notifications
You must be signed in to change notification settings - Fork 46
/
checkCerts.py
executable file
·67 lines (53 loc) · 2.05 KB
/
checkCerts.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
#!/usr/bin/env python3
import OpenSSL
import datetime
import requests
import ssl
import socket
from synack import synack
def process_server_cert(url, port=443, name=None):
if name is None:
name = url
process_cert(name, ssl.get_server_certificate((url, port)))
def process_cert(name, cert):
try:
x509 = OpenSSL.crypto.load_certificate(OpenSSL.crypto.FILETYPE_PEM, cert)
exp_date = datetime.datetime.strptime(x509.get_notAfter().decode(), '%Y%m%d%H%M%SZ')
now = datetime.datetime.now()
exp_days = (exp_date-now).days
print(f'{name}: Expires {exp_date.strftime("%Y-%m-%d")} ({exp_days} days)')
if exp_days <= 14:
print('****************************************************************')
print(f'WARNING: {name} is expiring soon! Send Synack a support ticket!')
print('****************************************************************')
except Exception as err:
print(f"Could not retrieve {name}: {err}")
# Platform
process_server_cert('platform.synack.com')
# LP CA cert
process_cert('CA cert', requests.get("https://storage.googleapis.com/wolfacid-prod-public/ca-root.cer").content)
# LP Test
process_server_cert('synack-launchpoint-test.com')
# LP+
process_server_cert('amberjack.synack-lp.com')
# TuPoC
process_server_cert('x1.pe')
# ¯\_(ツ)_/¯
process_server_cert('boss.synack.com')
process_server_cert('client.synack.com')
process_server_cert('login.synack.com')
process_server_cert('acropolis.synack.com')
process_server_cert('gladiolus.synack.com')
# OpenVPN LP Cert
try:
s1 = synack()
s1.gecko=False
s1.getSessionToken()
lp_creds = s1.getLPCredentials()
ovpn_file = lp_creds["openvpn_file"]
cert_start = ovpn_file.index(b"-----BEGIN CERTIFICATE-----")
cert_end = ovpn_file.index(b"-----END CERTIFICATE-----") + len(b"-----END CERTIFICATE-----")
cert = ovpn_file[cert_start:cert_end]
process_cert('OpenVPN LP cert', cert)
except Exception as err:
print(f"Could not obtain LP OpenVPN credentials: {err}")