3 @6^0 @sPddlZddlZddlZddlZddlZddlmZmZm Z GdddeZ dS)N) SpiderFootSpiderFootPluginSpiderFootEventc@s^eZdZdZdddZdddZdZefdd Zd d Z d d Z ddZ ddZ ddZ dS) sfp_ssltoolsz{SSL Tools:Footprint,Investigate,Passive:Crawling and Scanning::Gather information about SSL certificates from SSLTools.com.T)verifycertexpiringdaysz5Verify certificate subject alternative names resolve.zNNumber of days in the future a certificate expires to consider it as expiring.NcCs>||_d|_|j|_x"t|jD]}|||j|<q$WdS)Nz SSL Tools)sf__dataSource__ tempStorageresultslistkeysopts)selfsfcuserOptsoptr7/var/www/spiderfoot.crq.systems/modules/sfp_ssltools.pysetup$s  zsfp_ssltools.setupcCsddgS)N INTERNET_NAME IP_ADDRESSr)rrrr watchedEvents-szsfp_ssltools.watchedEventscCs"ddddddddd d d d d ddgS)Nr TCP_PORT_OPENWEBSERVER_BANNERrINTERNET_NAME_UNRESOLVEDAFFILIATE_INTERNET_NAME"AFFILIATE_INTERNET_NAME_UNRESOLVEDSSL_CERTIFICATE_ISSUEDSSL_CERTIFICATE_ISSUERSSL_CERTIFICATE_MISMATCHSSL_CERTIFICATE_EXPIREDSSL_CERTIFICATE_EXPIRINGSSL_CERTIFICATE_RAW DOMAIN_NAMEAFFILIATE_DOMAIN_NAMEr)rrrrproducedEvents1szsfp_ssltools.producedEventscCsd|jdjdddi}ddi}|jjdtjj|||jd |jd d }tj d |d dkrp|jj ddSyt j |d }Wn4t k r}z|jj dt|dSd}~XnX|S)Nurlraw_unicode_escapeasciireplace)errorsz Content-Typez!application/x-www-form-urlencodedzhttp://www.ssltools.com/api/dns _fetchtimeout _useragent)postDataheaderstimeout useragentcontentzNo response from SSLTools.comz Error processing JSON response: )encodedecoder fetchUrlurllibparse urlencodertimesleepdebugjsonloads BaseExceptionstr)rdomainparamsr0resdataerrrqueryDns;s"    zsfp_ssltools.queryDnscCs|jdjddddt|dd}dd i}|jjd tjj||d |jd d }t j d|ddkrt|jj ddSyt j |d}Wn4tk r}z|jj dt|dSd}~XnX|S)Nr)r*r+)r,/true)r(pathportZ live_scanz Content-Typez!application/x-www-form-urlencodedz http://www.ssltools.com/api/scanrr.)r/r0r1r2r3r4zNo response from SSLTools.comz Error processing JSON response: )r5r6rAr r7r8r9r:rr;r<r=r>r?r@)rrBrKrCr0rDrErFrrr queryScanWs(    zsfp_ssltools.queryScancCs4|j}|j}|j}||jkr dSd|j|<|jjd|d||j|}|dkrh|jjd|dS|jd}x2|D]*}|jj|rxt d||j |}|j |qxWd} |j || }|dkr|jjd|d t | dS|jd } | dkst| d kr|jjd|d t | dSt d t | |j |}|j |t d |d t | |j |}|j || jd} | rt dt | |j |}|j |y(| jd} |jjt | ||jd} Wn6tk r}z|jjdt |dSd}~XnX| jds|jjd|dSt d| d|j |}|j || jdrXt d| d|j |}|j || jdrt d| d|j |}|j ||dkr| jdrt ddj| jd|j |}|j |x t| jdtD]}|jdd }|jj||jd!sq|jj|dd"rd#}nd$}|jd%rT|jj| rT|jjd&|d'|d(7}t |||j |}|j ||jj||jd!r|jd)rt d*||j |}|j |nt d+||j |}|j |qW| jd,rt d-| jd.d/|j |}|j |dS| jd0r0t d1| jd.d/|j |}|j |dSdS)2NTzReceived event, z, from zNo DNS information found for addressesriz%No certificate information found for :responser RAW_RIR_DATArserverrdumprzError parsing certificate: textz!Failed to parse the SSL cert for r$issuedrissuerr mismatchr!z, hostsaltnamesz*. _internettlds)includeChildrenrrrzHost z could not be resolved _UNRESOLVED AFFILIATEr&r%expiredr" expirystrUnknownexpiringr#) eventTypemodulerEr r r=rGgetvalidIPr__name__notifyListenersrLrAlen parseCertrr@infojoinsetr r+ validHost getTargetmatches resolveHostisDomain startswith)revent eventName srcModuleName eventDatarErMaddressevtrKrObannerrRcertrFsanrBevt_typerrr handleEventvs                            zsfp_ssltools.handleEvent)rf __module__ __qualname____doc__roptdescsr dictrrr'rGrLr}rrrrrs  r) r>r;urllib.requestr8 urllib.parse urllib.errorsflibrrrrrrrr s