censys_cert_search.rb

#!/usr/bin/ruby

# deps
# gem install curb dnsruby
# 
# might need on ubuntu:
#  sudo apt-get install libcurl4-openssl-dev

require 'json'
require 'curb'
require 'openssl'
require 'base64'
require 'pp'
require 'net/http'
require 'rubygems'
require 'dnsruby'
include Dnsruby

$stdout.sync = true

def do_something_with_cert(cert_der)
  c = OpenSSL::X509::Certificate.new(cert_der)
  puts c.to_text
end

unless ARGV.size >= 1
  puts "|!| Usage: ruby censys_cert_search.rb [CERT_STRING] {AVOID_COMMON_NAME}"
  puts "|+| \t\t ruby censys_cert_search.rb 'Snapchat Inc.' \n\n"
  puts "|+| To skip over common_names and dig deeper include a second argument."
  puts "|+| \t\t ruby censys_cert_search.rb 'Snapchat Inc.' '*snapchat.com' \n\n"
  puts "|+| To skip over common_names but don't perform DNS lookups."
  puts "|+| \t\t ruby censys_cert_search.rb 'Snapchat Inc.' '*snapchat.com' false \n\n"

  abort()
end

class Censys
  API_ID = '[NEED_API_ID]'
  API_SECRET = '[NEED_API_SECRET]'
  CENSYS_URI = 'https://censys.io/api/v1/search/certificates'

  if API_ID == "[NEED_API_ID]"
      puts "|!| Please add your API_ID in the script"
      abort()
  end

  def dns_lookup(host)
    begin
      # Use the OpenDNS nameservers to run a query
      res = Dnsruby::Resolver.new(:nameserver => ["208.67.222.222","208.67.220.220"])
      ret = res.query(host)
      ret.each_answer do |an|
        puts an
      end
    rescue StandardError => e
      puts e
    end
  end

  def find_cross(page)
#    query_string = 'subject_dn:"O=Snapchat Inc.*"  and not common_name:"*snapchat.com"'
    query_string = "subject_dn:\"O=#{ARGV[0]}*\""
    query_string = "subject_dn:\"O=#{ARGV[0]}*\" and not common_name:\"#{ARGV[1]}\"" if ARGV[1] 
    result_fields = ["ip","parsed.subject.common_name","parsed.extensions.subject_alt_name.dns_names"]


    post_body = {
      :query => query_string,
      :page => page,
      :fields => result_fields
    }

    post_json = post_body.to_json

    c = Curl::Easy.new(CENSYS_URI)
    c.http_auth_types = :basic
    c.username = API_ID
    c.password = API_SECRET

    res_str = ""
    begin
      c.http_post(post_json) do |curl|
        curl.headers['Accept'] = 'application/json, */*'
        curl.headers['Content-Type'] = 'application/json'
      end
      #p c
      res_str = c.body_str
      #p res_str
      resies = JSON.parse(res_str)
      resies["results"].each do |resa|
        p resa
        if resa["parsed.subject.common_name"]
          resa["parsed.subject.common_name"].each do |aaa|
            next if ARGV[2]
            puts "|+| Checking #{aaa}"
            puts dns_lookup(aaa) 
          end
        end
        if resa["parsed.extensions.subject_alt_name.dns_names"]
          resa["parsed.extensions.subject_alt_name.dns_names"].each do |aaa|
            next if ARGV[2]
            puts "|+| Checking #{aaa}"
            puts dns_lookup(aaa) 
          end
        end
      end
      c.close
    rescue StandardError => e
      puts e
    end

    unless res_str
  puts "NO RESPONSE"
    end
    return res_str
  end
end

c = Censys.new
page = 1

puts "Page: #{page}"
last = Time.now

raw_res = c.find_cross(page)
if raw_res
  r = JSON.parse(raw_res)
  p r["metadata"]
  pages = r["metadata"]["pages"]
end
while page < pages
  row_num = 0
  page += 1
  print "Page: #{page}/#{pages}"
  while (Time.now - last) < 5
    print "."
    sleep 1
  end
  puts " "
  last = Time.now
  c.find_cross(page)
end

This is not working; i get the below error
undefined method each' for nil:NilClass nil ./5.rb:129:in

': undefined method `[]' for nil:NilClass (NoMethodError)