-
Notifications
You must be signed in to change notification settings - Fork 26
/
crt_v2.sh
152 lines (130 loc) · 4.44 KB
/
crt_v2.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
#!/bin/bash
# Display banner
echo "
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| ..| search crt.sh v 2.0 |.. |
+ site : crt.sh Certificate Search +
| Twitter: az7rb |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
"
# Function: Help
# Purpose: Display the help message with usage instructions.
Help() {
echo "Options:"
echo ""
echo "-h Help"
echo "-d Search Domain Name | Example: $0 -d hackerone.com"
echo "-o Search Organization Name | Example: $0 -o hackerone+inc"
echo ""
}
# Function: CleanResults
# Purpose: Clean and filter the results by removing unwanted characters and duplicates.
# - Converts escaped newlines to actual newlines.
# - Removes wildcard characters (*).
# - Filters out email addresses.
# - Sorts the results and removes duplicates.
CleanResults() {
sed 's/\\n/\n/g' | \
sed 's/\*.//g' | \
sed -r 's/([A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,4})//g' | \
sort | uniq
}
# Function: Domain
# Purpose: Search for certificates associated with a specific domain name.
# - Sends a request to crt.sh with the specified domain.
# - Processes the JSON response to extract common names and domain values.
# - Cleans and filters the results using CleanResults function.
# - Saves the results to an output file and displays them.
Domain() {
# Check if the domain name is provided
if [ -z "$req" ]; then
echo "Error: Domain name is required."
exit 1
fi
# Perform the search request to crt.sh
response=$(curl -s "https://crt.sh?q=%.$req&output=json")
# Check if the response is empty
if [ -z "$response" ]; then
echo "No results found for domain $req"
exit 1
fi
# Process the response, clean it, and store the results
results=$(echo "$response" | jq -r ".[].common_name,.[].name_value" | CleanResults)
# Check if there are any valid results after cleaning
if [ -z "$results" ]; then
echo "No valid results found."
exit 1
fi
# Define the output file name based on the domain
output_file="output/domain.$req.txt"
# Save the results to the output file
echo "$results" > "$output_file"
# Display the results and summary
echo ""
echo "$results"
echo ""
echo -e "\e[32m[+]\e[0m Total Save will be \e[31m$(echo "$results" | wc -l)\e[0m Domain only"
echo -e "\e[32m[+]\e[0m Output saved in $output_file"
}
# Function: Organization
# Purpose: Search for certificates associated with a specific organization name.
# - Sends a request to crt.sh with the specified organization name.
# - Processes the JSON response to extract common names.
# - Cleans and filters the results using CleanResults function.
# - Saves the results to an output file and displays them.
Organization() {
# Check if the organization name is provided
if [ -z "$req" ]; then
echo "Error: Organization name is required."
exit 1
fi
# Perform the search request to crt.sh
response=$(curl -s "https://crt.sh?q=$req&output=json")
# Check if the response is empty
if [ -z "$response" ]; then
echo "No results found for organization $req"
exit 1
fi
# Process the response, clean it, and store the results
results=$(echo "$response" | jq -r ".[].common_name" | CleanResults)
# Check if there are any valid results after cleaning
if [ -z "$results" ]; then
echo "No valid results found."
exit 1
fi
# Define the output file name based on the organization name
output_file="output/org.$req.txt"
# Save the results to the output file
echo "$results" > "$output_file"
# Display the results and summary
echo ""
echo "$results"
echo ""
echo -e "\e[32m[+]\e[0m Total Save will be \e[31m$(echo "$results" | wc -l)\e[0m Domain only"
echo -e "\e[32m[+]\e[0m Output saved in $output_file"
}
# Main Script Logic
# If no arguments are provided, display the help message
if [ -z "$1" ]; then
Help
exit
fi
# Parse command-line options using getopts
while getopts "h:d:o:" option; do
case $option in
h) # Display help
Help
;;
d) # Search for domain name
req=$OPTARG
Domain
;;
o) # Search for organization name
req=$OPTARG
Organization
;;
*) # Invalid option, display help
Help
;;
esac
done