API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Sep 20th, 2019
122
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 3.59 KB | None | 0 0
raw download clone embed print report
  1. #!/bin/sh
  2. # host,port,san(あり、無),ast(あり、無),fqdn,resolv,judge(一致のため不出、不一致)
  3.  
  4. logdir=./logs/domain_san
  5. ssldir=./ssl/sslscan
  6. if [ ! -e $logdir ];then
  7. mkdir $logdir
  8. fi
  9. # 1. sslscan.logのファイル名をリストアップ
  10. ls -1 $ssldir|grep log > $logdir/log_list.txt
  11.  
  12. # 2. csvに列名を記載
  13. echo "Host","Port","SAN有無","アスタ有無","FQDN","正引き結果","指摘判断" >> $logdir/res.csv
  14.  
  15. # 3. sslscan.logのリストを読み込み、ファイル名ごとに処理
  16. while read line
  17. do
  18. host=`echo $line|cut -d '_' -f1`
  19. port=`echo $line|cut -d '_' -f2`
  20.  
  21. # 4. logにSANがあるか?
  22. #4.1 ない場合(処理終了)
  23. ret=`grep -i alternative $ssldir/$line`
  24. if [ $ret -eq 1 ]; then
  25. san="無"
  26. ast="-"
  27. fqdn="-"
  28. resolv="-"
  29. judge="SANなし"
  30. echo $host,$port,$san,$ast,$fqdn,$resolv,$judge >> $logdir/res.csv
  31. # 4.2 ある場合
  32. elif [ $ret -eq 0 ]; then
  33. # 4.2.1 SANの中にアスタがあるか?
  34. ret2=`grep -i alternative $ssldir/$line -A1 |grep "*"``
  35. # 4.2.1.1 ある場合(処理終了)
  36. if [ $ret2 -eq 0 ]; then
  37. san="あり"
  38. ast="あり"
  39. fqdn="-"
  40. resolv="-"
  41. judge="アスタありで不出"
  42. echo $host,$port,$san,$ast,$fqdn,$resolv,$judge >> $logdir/res.csv
  43. # 4.2.1.2 ない場合(正引きする)
  44. elif [ $ret2 -eq 1 ]; then
  45. # 正引き用にFQDNをリストアップ
  46. grep -i alternative -A1 $ssldir/$line|grep DNS:|sed -e s/DNS://g | tr ',' '\n' > $logdir/tmp2.txt
  47. cat tmp2.txt
  48. # FQDNリストを読み込み、それぞれnslookup
  49. while read line2
  50. do
  51. nslookup $line2|grep -i "NXDOMAIN"
  52. # 正引き不明の場合
  53. if [ $? -eq 0 ]; then
  54. san="あり"
  55. ast="無"
  56. fqdn=$line2
  57. resolv="NXDOMAIN"
  58. judge="正引き不明で不出"
  59. echo $host,$port,$san,$ast,$fqdn,$resolv,$judge >> $logdir/res.csv
  60. # 正引きができた場合
  61. else
  62. san="あり"
  63. ast="無"
  64. fqdn=$line2
  65. resolv=`nslookup $line2|grep -i answer -A2|grep -i address|sed "s/Address: //g"`
  66. #ファイル名のロングホスト(host)と、正引き結果(resolv)のショートホストを比較する
  67. ip1=`echo $host |tr '.' '\n'|sed -e s/^00//g -e s/^0//g | tr "\n" ".";echo| sed s/\.$//g`
  68. ip2=`echo $resolv |sed s/$/\./g `
  69. if [ $ip1 = $ip2 ]; then
  70. judge="正引き一致で不出"
  71. else
  72. judge="不一致"
  73. fi
  74. echo $host,$port,$san,$ast,$fqdn,$resolv,$judge >> $logdir/res.csv
  75. fi
  76. done < $logdir/tmp2.txt
  77. fi
  78. fi
  79. done < $logdir/log_list.txt
  80.  
  81. cat $logdir/res.csv |nkf -s > $logdir/result.csv
  82. cd $logdir
  83. rm log_list.txt res.csv
  84. if [ -e tmp2.txt ];then
  85. rm tmp2.txt
  86. fi
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!