
@n0x08
Created March 5, 2018 15:16
Shodan SSL Chain cert details
#!/usr/bin/env python
# sslChainDeetz.py
#
# Dependencies:
# - shodan
# - pyOpenSSL
#
# Installation:
# sudo easy_install shodan
#
# Usage:
# 1. Download a json.gz file from Shodan which contains chain certificates
# Example:
# shodan download --limit 100 sample country:US port:443 ssl.chain_count:2
# 2. Run the tool on the file:
# python sslChainDeetz.py sample.json.gz
# 3. Script will output all certificate details including True/False on whether cert expired
#
#
from sys import argv
from OpenSSL import crypto
from shodan.helpers import iterate_files, get_ip
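# Walk every banner in the Shodan export(s) named on the command line and
# print one colon-separated line per certificate found in its SSL chain.
for banner in iterate_files(argv[1:]):
    ip = get_ip(banner)

    # Banners without SSL data have no chain to report. Skip exactly that
    # case instead of using a bare `except`, which would also swallow
    # KeyboardInterrupt/SystemExit and hide genuine bugs.
    try:
        chain = banner['ssl']['chain'] or ()
    except (KeyError, TypeError):
        continue

    for certlist in chain:
        # Handle each certificate on its own so that one malformed entry
        # does not drop the remaining certificates of the same chain.
        try:
            cert = crypto.load_certificate(crypto.FILETYPE_PEM, certlist)

            # Certificate details
            subject = cert.get_subject()
            issued_to = subject.CN  # the Common Name field

            # Issuer details (a missing attribute reads as None)
            issuer = cert.get_issuer()
            issuedOU = issuer.OU
            issuedST = issuer.ST
            issuedO = issuer.O
            issuedL = issuer.L
            issuedC = issuer.C
            issuedCN = issuer.CN

            # Validity & serial details. pyOpenSSL returns the notBefore /
            # notAfter timestamps as bytes, so on Python 3 they are printed
            # in their b'...' form.
            issued = cert.get_notBefore()
            expires = cert.get_notAfter()
            serial = cert.get_serial_number()
            expired = cert.has_expired()
        except (crypto.Error, TypeError, ValueError):
            # Unparseable certificate data: skip this entry, keep going.
            continue

        # NOTE(security): subject and issuer fields are whatever the scanned
        # host's certificate contains and are written out unescaped. A value
        # may itself contain ':' or control characters, so treat this output
        # as untrusted when parsing it or viewing it in a terminal.
        print('{}:{}:{}:{}:{}:{}:{}:{}:{}:{}:{}:Expired={}'.format(ip, issued_to, issuedOU, issuedST, issuedO, issuedL, issuedCN, issuedC, issued, expires, serial, expired))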