bot: Initial ssl check

Nathan Woodburn 2023-09-27 17:27:06 +10:00
parent be6f6c14f9
commit b42a2036d9
Signed by: nathanwoodburn
GPG Key ID: 203B000478AD0EF1
2 changed files with 89 additions and 1 deletions


@ -4,7 +4,7 @@ on: [push]
jobs:
Build Docker:
runs-on: ubuntu-latest
runs-on: [ubuntu-latest, arm]
steps:
- name: Checkout
uses: actions/checkout@v2

88
bot.py

@ -5,6 +5,8 @@ from discord import app_commands
import requests
import dns.resolver
import markdownify
import subprocess
import tempfile
load_dotenv()
TOKEN = os.getenv('DISCORD_TOKEN')
@ -124,6 +126,92 @@ async def curl(ctx, url: str):
await ctx.response.send_message(f"An error occurred: {e}")
except Exception as e:
await ctx.response.send_message(f"An error occurred: {e}")
@tree.command(name="ssl", description="Check SSL certificate")
async def ssl(ctx, domain: str):
message = ""
resolver = dns.resolver.Resolver()
resolver.nameservers = ["100.74.29.146"]
resolver.port = 53
try:
# Query the DNS record
response = resolver.resolve(domain, "A")
records = []
message = "## A records:\n"
for record in response:
records.append(str(record))
message = message + "- " +str(record) + "\n"
if records.count < 1:
await ctx.response.send_message(f"No A record found for {domain}")
return
# Get the first A record
ip = records[0]
# Run the openssl s_client command
s_client_command = ["openssl","s_client","-showcerts","-connect",f"{ip}:443","-servername",domain,"<","/dev/null",]
s_client_process = subprocess.Popen(s_client_command, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
s_client_output, _ = s_client_process.communicate()
certificates = []
current_cert = ""
for line in s_client_output.split(b"\n"):
current_cert += line.decode("utf-8") + "\n"
if "-----END CERTIFICATE-----" in line.decode("utf-8"):
certificates.append(current_cert)
current_cert = ""
if certificates:
cert = certificates[0]
message = message + "\n## Website Certificate:\n`" + cert + "`\n"
with tempfile.NamedTemporaryFile(mode="w", delete=False) as temp_cert_file:
temp_cert_file.write(cert)
temp_cert_file.seek(0) # Move back to the beginning of the temporary file
tlsa_command = [
"openssl",
"x509",
"-in",
temp_cert_file.name,
"-pubkey",
"-noout",
"|",
"openssl",
"pkey",
"-pubin",
"-outform",
"der",
"|",
"openssl",
"dgst",
"-sha256",
"-binary",
"|",
"xxd",
"-p",
"-u",
"-c",
"32",
]
tlsa_process = subprocess.Popen(" ".join(tlsa_command), shell=True, stdout=subprocess.PIPE)
tlsa_output, _ = tlsa_process.communicate()
message = message + "\n## TLSA Record from webserver: `3 1 1 " + tlsa_output.decode("utf-8") + "`\n"
await ctx.response.send_message(message)
else:
ctx.response.send_message(f"No certificate found for {domain}")
return
# Catch all exceptions
except Exception as e:
await ctx.response.send_message(f"An error occurred: {e}")
@tree.command(name="invite", description="Invite me to your server")
async def invite(ctx):
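Review bot: In `ssl`, `records.count < 1` compares the bound method `list.count` with an integer, which raises TypeError on Python 3, so every lookup that resolves lands in the `except Exception` branch and never reaches openssl; `if not records:` is the intended test. The `"<", "/dev/null"` entries in `s_client_command` reach openssl as literal arguments because no shell is involved, so stdin is not redirected and `communicate()` has no timeout and can stall the bot's event loop on an unresponsive host. The TLSA pipeline is joined into one string and run with `shell=True`, and the `delete=False` temp file is never removed; feeding the certificate to each stage over stdin, as sketched below, needs neither the shell nor the file. The `else` branch calls `ctx.response.send_message` without `await`, so that reply is never sent. The handler also connects to whatever address the configured resolver returns for a user-supplied name, so it may be worth rejecting private and loopback addresses before the connect.

```python
if not records:
    await ctx.response.send_message(f"No A record found for {domain}")
    return
# … unchanged: take the first A record as ip …
s_client = subprocess.run(
    ["openssl", "s_client", "-showcerts", "-connect", f"{ip}:443", "-servername", domain],
    stdin=subprocess.DEVNULL, capture_output=True, timeout=15,  # timeout is an example value
)
s_client_output = s_client.stdout
# … unchanged: split s_client_output into PEM certificates, cert = certificates[0] …
pubkey = subprocess.run(["openssl", "x509", "-pubkey", "-noout"],
                        input=cert.encode("utf-8"), capture_output=True, timeout=15, check=True)
der = subprocess.run(["openssl", "pkey", "-pubin", "-outform", "der"],
                     input=pubkey.stdout, capture_output=True, timeout=15, check=True)
digest = subprocess.run(["openssl", "dgst", "-sha256", "-binary"],
                        input=der.stdout, capture_output=True, timeout=15, check=True)
message = message + "\n## TLSA Record from webserver: `3 1 1 " + digest.stdout.hex().upper() + "`\n"
await ctx.response.send_message(message)
# … in the else branch: await ctx.response.send_message(f"No certificate found for {domain}") …
```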