Newer
Older
CVSS_3.0_GUI / CHaS.pl
root on 7 May 2 KB Initial commit
#!/usr/bin/perl
# By NaN
#
#   Requirements:
#       aha              https://github.com/masukomi/aha 
#       sslscan          https://github.com/rbsec/sslscan 
#       testssl          https://github.com/drwetter/testssl.sh
#       securityheaders  https://github.com/juerkkil/securityheaders

use strict;
use warnings;


my $sslscan = "sslscan";                                  # command or path to sslscan
my $testssl = "/opt/testssl.sh/testssl.sh";               # command or path to testssl.sh
my $headers = "/opt/securityheaders/securityheaders.py";  # securityheaders 
my $aha     = "aha";                                      # command or path to aha
my $browser = "thunar";                                   # your file browser - remove to disable

if($#ARGV < 1){
        print "Check Headers and SSL v0.1\n";
        print "Usage: ./CHaS.pl </full/directory/path> <https://www.url.com>\n";
        exit(-1);
}else{
        
        my $dir = $ARGV[0];
        my $url = $ARGV[1]; 
        my @children_pids;

        if($url =~ /^(?:(?:https?|s))/i){}else{
                die "[!] Not a valid URL!\n";
        }

        print "[i] Directory: $dir \n";
        print "[i] URL: $url \n";

        print "[+] Creating Directory\n";
        unless(mkdir($dir, 0755)) {
                die "[!] Unable to create!\n";
        }

        my $pid = fork();
        if( $pid == 0 ){
                push @children_pids, $pid;
                print "[+] Launching SSLScan\n";
                system("$sslscan $url | aha >$dir/sslscan.html");
                print "[+] Finished SSLScan\n";
                exit 0;
        }

        my $pid2 = fork();
        if( $pid2 == 0 ){
                push @children_pids, $pid2;
                print "[+] Launching testssl.sh\n";
                system("$testssl $url | aha >$dir/testssl.html");
                print "[+] Finished testssl.sh\n";
                exit 0;
        }

        my $pid3 = fork();
        if( $pid3 == 0 ){
                push @children_pids, $pid3;
                print "[+] Checking Headers\n";
                system(" echo \"curl -Is --insecure $url\n\" > $dir/headers.txt");
                system("curl -Is --insecure $url >> $dir/headers.txt");
                system("python $headers $url | aha >$dir/headers.html");
                print "[+] Finished Headers\n";
                exit 0;
        }

        my $loop = 1;
        $SIG{CHLD} = 'DEFAULT';  # turn off auto reaper
        $SIG{INT} = $SIG{TERM} = sub {$loop = 0; kill -15 => @children_pids};
        while ($loop && getppid() != 1) {
                my $child = waitpid(-1, 0);
                last if $child == -1;
        }

        if( length $browser ){
                print "[!] Launching file browser\n"; 
                system("$browser $dir &");      
        }else{
             print "[!] Complete\n";   
        }
        exit();
}