A while ago I cooked up a Bash script to scan relevant internal subnets for SSL certs, save/parse a copy of the X.509 data and list all the discovered info in a delimited text file for analysis in a spreadsheet.
This works well by itself, but for the convenience of quick lookups without involving Excel or LibreOffice, a web page can be useful. PHP provides a simple method for converting a delimited file into a table (fgetcsv()), and jQuery has a great plugin called tablesorter which allows you to do some quick sorting and filtering right there in the browser. It didn't take long to mash these together into a one-script web page to display the sortable certificate data at a glance.
Sample screenshot:
The sample only shows the three dummy values I’ve included in the demo, but I’ve used this in production with 600+ scanned certs and it works well.
Scancerts has two main components:
- Bash script which eats a text file containing a list of networks to scan, uses openssl, sed, awk, grep, cut, etc. to generate another text file containing a delimited list of discovered certs.
- PHP script which turns the delimited text file into an HTML table, and augments it with some jQuery so your browser can sort and filter the HTML table on the fly.
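An added example (not the scancerts script itself) of the parsing step the Bash component performs: it turns `openssl x509` output into one delimited row and cleans each field first, because certificate subject and issuer strings are set by whoever operates the scanned host. The `|` delimiter, the column order and the function names are assumptions.

```sh
#!/bin/sh
# Added example, not the scancerts script. DELIM and the column order are assumptions.
DELIM='|'

# Certificate fields are chosen by whoever runs the scanned service, so treat
# them as untrusted: drop control characters and neutralise the delimiter.
clean_field() {
    printf '%s' "$1" | tr -d '\000-\037\177' | tr "$DELIM" '_'
}

# stdin: output of `openssl x509 -noout -subject -issuer -enddate -serial`
# stdout: host|port|subject|issuer|notAfter|serial
cert_to_row() (
    host=$1; port=$2; subject=; issuer=; not_after=; serial=; out=
    while IFS= read -r line; do
        key=${line%%=*}
        val=${line#*=}
        val=${val# }            # older OpenSSL prints "subject= /CN=..."
        case $key in
            subject)  subject=$val ;;
            issuer)   issuer=$val ;;
            notAfter) not_after=$val ;;
            serial)   serial=$val ;;
        esac
    done
    for f in "$host" "$port" "$subject" "$issuer" "$not_after" "$serial"; do
        out="$out$DELIM$(clean_field "$f")"
    done
    printf '%s\n' "${out#"$DELIM"}"
)

# Live use against one address from subnets.txt (needs network and openssl).
scan_host() {
    openssl s_client -connect "$1:$2" </dev/null 2>/dev/null |
        openssl x509 -noout -subject -issuer -enddate -serial 2>/dev/null |
        cert_to_row "$1" "$2"
}

# Constructed sample: a CN carrying the delimiter and a stray carriage return.
sample_row() {
    printf 'subject=CN = intranet|injected, O = Example\r\nissuer=CN = Example Internal CA\nnotAfter=Jan  1 00:00:00 2030 GMT\nserial=0A1B2C\n' |
        cert_to_row 10.0.0.5 443
}

sample_row
```

The row cleaning does nothing about HTML metacharacters, so the PHP side should still pass each cell through `htmlspecialchars()` before writing it into the table.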
Installation Steps
- Create a web-accessible folder on your Linux box
- Unpack the files in the provided archive to the web folder
- Make sure file/folder permissions are set correctly (and you can run PHP!)
- Add the subnets you want to scan into ‘subnets.txt’
- Make ‘scancerts’ executable
- Run scancerts and optionally add it to cron
- View a nice sortable HTML list of discovered certs