API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Sep 20th, 2019
124
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 3.74 KB | None | 0 0
raw download clone embed print report
  1. #!/bin/sh
  2. # host,port,san(あり、無),ast(あり、無),fqdn,resolv,judge(一致のため不出、不一致)
  3.  
  4. logdir=./logs/domain_san
  5. ssldir=./ssl/sslscan
  6. if [ ! -e $logdir ];then
  7. mkdir $logdir
  8. fi
  9. # 1. sslscan.logのファイル名をリストアップ
  10. ls -1 $ssldir|grep log > $logdir/log_list.txt
  11.  
  12. # 2. csvに列名を記載
  13. echo "Host","Port","SAN有無","アスタ有無","FQDN","正引き結果","指摘判断" >> $logdir/res.csv
  14.  
  15. # 3. sslscan.logのリストを読み込み、ファイル名ごとに処理
  16. while read line
  17. do
  18. host=`echo $line|cut -d '_' -f1`
  19. port=`echo $line|cut -d '_' -f2`
  20.  
  21. # 4. logにSANがあるか?
  22. #4.1 ない場合(処理終了)
  23. grep -i alternative $ssldir/$line
  24. ret=$?
  25. if [ $ret -eq 1 ]; then
  26. san="無"
  27. ast="-"
  28. fqdn="-"
  29. resolv="-"
  30. judge="SANなし"
  31. echo $host,$port,$san,$ast,$fqdn,$resolv,$judge >> $logdir/res.csv
  32. # 4.2 ある場合
  33. elif [ $ret -eq 0 ]; then
  34. # 4.2.1 SANの中にアスタがあるか?
  35. grep -i alternative $ssldir/$line -A1 |grep "*"
  36. ret2=$?
  37. # 4.2.1.1 ある場合(処理終了)
  38. if [ $ret2 -eq 0 ]; then
  39. san="あり"
  40. ast="あり"
  41. fqdn="-"
  42. resolv="-"
  43. judge="アスタありで不出"
  44. echo $host,$port,$san,$ast,$fqdn,$resolv,$judge >> $logdir/res.csv
  45. # 4.2.1.2 ない場合(正引きする)
  46. elif [ $ret2 -eq 1 ]; then
  47. # 正引き用にFQDNをリストアップ
  48. grep -i alternative -A1 $ssldir/$line|grep DNS:|sed -e s/DNS://g | tr ',' '\n' > $logdir/tmp2.txt
  49. cat tmp2.txt
  50. # FQDNリストを読み込み、それぞれnslookup
  51. while read line2
  52. do
  53. nslookup $line2|grep -i "NXDOMAIN"
  54. # 正引き不明の場合
  55. if [ $? -eq 0 ]; then
  56. san="あり"
  57. ast="無"
  58. fqdn=$line2
  59. resolv="NXDOMAIN"
  60. judge="正引き不明で不出"
  61. echo $host,$port,$san,$ast,$fqdn,$resolv,$judge >> $logdir/res.csv
  62. # 正引きができた場合
  63. elif
  64. nslookup $line2|grep -i answer -A2|grep -i address:
  65. [ $? -eq 0]; then
  66. san="あり"
  67. ast="無"
  68. fqdn=$line2
  69. resolv=`nslookup $line2|grep -i answer -A2|grep -i address|sed "s/Address: //g"`
  70. #ファイル名のロングホスト(host)と、正引き結果(resolv)のショートホストを比較する
  71. ip1=`echo $host |tr '.' '\n'|sed -e s/^00//g -e s/^0//g | tr "\n" ".";echo| sed s/\.$//g`
  72. ip2=`echo $resolv |sed s/$/\./g `
  73. if [ $ip1 = $ip2 ]; then
  74. judge="正引き一致で不出"
  75. else
  76. judge="不一致"
  77. fi
  78. echo $host,$port,$san,$ast,$fqdn,$resolv,$judge >> $logdir/res.csv
  79. fi
  80. done < $logdir/tmp2.txt
  81. fi
  82. fi
  83. done < $logdir/log_list.txt
  84.  
  85. cat $logdir/res.csv |nkf -s > $logdir/result.csv
  86. cd $logdir
  87. rm log_list.txt res.csv
  88. if [ -e tmp2.txt ];then
  89. rm tmp2.txt
  90. fi
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!