From 0bbc0a6a48cc5c1dd916f5c3c88bb4875e1217ad Mon Sep 17 00:00:00 2001 From: Frank Breedijk Date: Fri, 18 Dec 2015 12:34:55 +0100 Subject: [PATCH] Now with JSON and CSV support - Final commit --- CREDITS.md | 5 ++++- testssl.sh | 39 +++++++++++++++++++++++++++++++-------- 2 files changed, 35 insertions(+), 9 deletions(-) diff --git a/CREDITS.md b/CREDITS.md index 719817a..a5d91b6 100644 --- a/CREDITS.md +++ b/CREDITS.md @@ -66,8 +66,11 @@ * Dmitri S - inspiration & help for Darwin port +* Frank Breedijk + - JSON and CSV output + * Bug reports: - - Viktor Szépe, Olivier Paroz, Jan H. Terstegge, Lorenz Adena, Jonathon Rossi, Stefan Stidl + - Viktor Szépe, Olivier Paroz, Jan H. Terstegge, Lorenz Adena, Jonathon Rossi, Stefan Stidl, Frank Breedijk ##### Last but not least: diff --git a/testssl.sh b/testssl.sh index c03ff04..fc2111f 100755 --- a/testssl.sh +++ b/testssl.sh @@ -135,6 +135,7 @@ DEBUG=${DEBUG:-0} # 1.: the temp files won't be erased. WIDE=${WIDE:-false} # whether to display for some options the cipher or the table with hexcode/KX,Enc,strength etc. LOGFILE=${LOGILE-""} # logfile if used JSONFILE="testssl.json" # jsonfile if used +CSVFILE="testssl.csv" # csvfile if used HAS_IPv6=${HAS_IPv6:-false} # if you have OPENSSL with IPv6 support AND IPv6 networking set it to yes and testssl.sh works! # tuning vars, can not be set by a cmd line switch @@ -407,20 +408,27 @@ set_color_functions() { fi } -open_json_file() { - if $do_json; then +strip_quote() { + echo $1|sed "s/\"/\\'/g" # Fix syntax highlighting +} + +file_header() { + if [[ $do_json ]]; then echo "[" > $JSONFILE fi + if [[ $do_csv ]]; then + echo "\"id\",\"ip\",\"port\",\"severity\",\"finding\"" > $CSVFILE + fi } -close_json_file() { - if $do_json; then +file_footer() { + if [[ $do_json ]]; then echo "]" >> $JSONFILE fi } output_finding() { # ID, IP, PORT, SEVERITY, FINDING - if $do_json; then + if [[ $do_json ]]; then if ! $FIRST_FINDING; then echo "," >> $JSONFILE fi @@ -433,6 +441,9 @@ output_finding() { # ID, IP, PORT, SEVERITY, FINDING 'finding' : '$5' }" >> $JSONFILE fi + if [[ $do_csv ]]; then + echo -e "\"$(strip_quote "$1")\",\"$(strip_quote "$2")\",\"$(strip_quote "$3")\",\"$(strip_quote "$4")\",\"$(strip_quote "$5")\"" >>$CSVFILE + fi if $FIRST_FINDING; then FIRST_FINDING=false fi @@ -4643,7 +4654,9 @@ tuning options (can also be preset via environment variables): output options: --json output all findngs to a json file (defaults to testssl.json unless set) - --jsonfile set output to json and output to the specified file + --jsonfile set output to json and output json to the specified file + --csv output all findngs to a csv file (defaults to testssl.csv unless set) + --csvfile set output to csv and output csv to the specified file All options requiring a value can also be called with '=' (e.g. testssl.sh -t=smtp --wide --openssl=/usr/bin/openssl . is always the last parameter. @@ -5451,6 +5464,7 @@ initialize_globals() { do_mass_testing=false do_logging=false do_json=false + do_csv=false do_pfs=false do_protocols=false do_rc4=false @@ -5764,6 +5778,15 @@ parse_cmd_line() { [[ $? -eq 0 ]] && shift do_json=true ;; + --csv) + do_csv=true + ;; # DEFINITION of CSVFILE is not arg specified via ENV or automagically in parse_hn_ports() + # following does the same but we can specify a log location additionally + --csvfile=*) + CSVFILE=$(parse_opt_equal_sign "$1" "$2") + [[ $? -eq 0 ]] && shift + do_csv=true + ;; --openssl|--openssl=*) OPENSSL=$(parse_opt_equal_sign "$1" "$2") [[ $? -eq 0 ]] && shift @@ -5906,7 +5929,7 @@ maketempf mybanner check_proxy openssl_age -open_json_file +file_header # TODO: it is ugly to have those two vars here --> main() ret=0 @@ -5952,7 +5975,7 @@ else fi fi -close_json_file +file_footer exit $?