diff --git a/bin/x509/ip-ssl-subject.py b/bin/x509/ip-ssl-subject.py
index 8bb0d19..2c35a91 100644
--- a/bin/x509/ip-ssl-subject.py
+++ b/bin/x509/ip-ssl-subject.py
@@ -12,12 +12,14 @@ import argparse
 import redis
 import sys
 import netaddr
+import json
 argParser = argparse.ArgumentParser(description='Tool to lookup IP for known fingerprints and X.509 subjects')
 argParser.add_argument('-b', default='127.0.0.1', help='Redis host (default is 127.0.0.1)')
 argParser.add_argument('-p', default=6379, help='Redis TCP port (default is 6379)')
 argParser.add_argument('-s', action='append', help='IPv4 subnet to lookup')
 argParser.add_argument('-v', action='store_true', help='Verbose output')
+argParser.add_argument('-o', default='readable', help='readable (default), json')
 args = argParser.parse_args()
 if args.s is None:
@@ -28,18 +30,38 @@ try:
 r = redis.StrictRedis(host=args.b, port=args.p)
 except:
 print "Unable to connect to the Redis server"
- sys.exit(1)
+ sys.exit(255)
+
+if args.o == 'json':
+ out = {}
+elif args.o == 'readable':
+ pass
+else:
+ print "Unknown output format"
+ sys.exit(255)
 for subnet in args.s:
 iplist = netaddr.IPNetwork(subnet)
 for ip in iplist:
 s = r.smembers(ip)
 if s:
- print ip
- for x in s:
- subjects = r.smembers(x)
+ if args.o == 'readable':
+ print ip
+ else:
+ out[str(ip)] = []
+ for fingerprint in s:
+ subjects = r.smembers(fingerprint)
 if subjects:
 for subject in subjects:
- print " " + subject
+ if args.o == 'readable':
+ print " " + subject
+ else:
+ out[str(ip)].append(subject)
 else:
- print " " + x
+ if args.o == 'readable':
+ print " " + fingerprint
+ else:
+ out[str(ip)].append(fingerprint)
+
+if args.o == 'json':
+ print json.dumps(out)
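Review bot: The new `-o` option accepts any string, so a mistyped format is only caught by the hand-written check in the second hunk, which reports it on stdout. Letting argparse validate the value keeps the accepted formats in one place and lists them in the usage text: `argParser.add_argument('-o', default='readable', choices=['readable', 'json'], help='Output format (default is readable)')`. The `if args.s is None:` block at the end of this hunk continues outside it.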
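Review bot: A single subject that is not valid UTF-8 can abort the whole JSON output, because `out[str(ip)].append(subject)` stores the raw bytes Redis returns and `json.dumps(out)` runs only after every subnet has been walked. The `print` statements imply Python 2, where `json.dumps` raises `UnicodeDecodeError` on such a byte string; the subjects presumably originate from observed certificates, so their content should be treated as untrusted. Decoding leniently at append time avoids losing the result, e.g. `out[str(ip)].append(subject.decode('utf-8', 'replace'))`, with the same treatment for the fingerprint fallback. The per-IP list also mixes subjects and bare fingerprints with nothing to tell them apart, which a JSON consumer may need. The `try:` whose `except:` opens this hunk starts above it.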