I've written a Python script to fetch certificates of a list of IP address to match a domain:
#! /usr/bin/env python3
import ssl
import socket
import argparse
from threading import Thread, Lock
from itertools import islice
class scanThread(Thread):
def __init__(self,iplist, q, hostname, port):
Thread.__init__(self)
self.iplist = iplist
self.hostname = hostname
self.port = port
self.queue = q
def dummy(self,ip):
print("Running dummy")
def checkCert(self, ip):
print('Processing IP: %s' % ip )
ctx = ssl.create_default_context()
s = ctx.wrap_socket(socket.socket(), server_hostname=self.hostname)
try:
s.connect((ip, self.port))
cert = s.getpeercert()
if cert['subjectAltName'][0][1].find(hostname) != -1:
return ip
except (ssl.CertificateError, ssl.SSLError):
print('Ignore: %s' % ip)
finally:
s.close()
return
def run(self):
for ip in self.iplist:
returnIP = self.checkCert(ip)
if returnIP:
self.queue.append(ip)
def main(l, hostname, port):
iplist = []
threads = []
hostPool = []
with open(l,'r') as f:
#while True:
iplist.extend([f.readline().strip() for x in islice(f, 10000)])
#print(iplist)
t = scanThread(iplist, hostPool, hostname, port)
t.start()
threads.append(t)
iplist.clear()
for t in threads:
t.join()
for h in hostPool:
print(h)
if __name__ == '__main__':
parser = argparse.ArgumentParser()
parser.add_argument("hostname",help="root hostname")
parser.add_argument("-l","--list",required=True, help="IP list for scanning")
parser.add_argument("-p","--port", nargs='?', const=443, default=443, type=int, help="port to scan")
arg = parser.parse_args()
main(arg.list,arg.hostname, arg.port)
I just comment out while
loop in main
function, thus the script creates one thread and scans 10,000 IPs.
Taking 'google.com' for example, it has numerous IP addresses worldwide:
./google.py -l 443.txt google.com
Sample output:
Processing IP: 13.76.139.89
Ignore: 13.76.139.89
After some tests, I'm pretty sure that the for ... in
loop in scanThread.run()
executed one time. Did I do something inappropriate in this snippet code?
This might be because you are clearing the list in the main function.
t = scanThread(iplist, hostPool, hostname, port)
t.start()
threads.append(t)
iplist.clear() // here you are clearing.
Can you try:
class scanThread(Thread):
def __init__(self,iplist, q, hostname, port):
Thread.__init__(self)
self.iplist = list(iplist)
self.iplist = list(iplist)
this is make a copy of the list, rather than using the list which is passed.
Collected from the Internet
Please contact [email protected] to delete if infringement.
Comments