You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

130 lines
2.7 KiB

#!/usr/bin/env bash
port=443
vulnerability=""
host=""
openssl="$(which openssl)"
die(){
echo "$@" >&2
exit 1
}
print_help(){
echo "Attempts to connect using different tls versions"
echo ""
echo "verifySSL [options] <host>"
echo ""
echo "-p | --port Port number (default 443)"
echo "-v | --vulnerability The vulnerability to test"
echo "--list List the vulnerabilities that can be tested"
}
list_vulnerabilites(){
echo "Beast"
echo "Sweet32"
echo "Lucky13"
}
check-beast(){
local tls1
local ssl3
local tmpfile="$(mktemp)"
# In order to test beast, you need to have a cbc cipher and tls1 or sslv3
echo "" | $openssl s_client -tls1 -connect "${host}:${port}" > /dev/null 2>&1
tls1="$?"
echo "" | $openssl s_client -ssl3 -connect "${host}:${port}" > /dev/null 2>&1
ssl3="$?"
$openssl ciphers -v | grep -i cbc | cut -d' ' -f1 | while read cipher; do
if [ $tls1 -eq 0 ]; then
echo "\$ openssl s_client -tls1 -cipher $cipher -connect ${host}:${port}" >> "$tmpfile"
echo "" | $openssl s_client -tls1 -cipher "$cipher" -connect "${host}:${port}" >> "$tmpfile" 2>&1
if [ "$?" -eq 0 ]; then
cat "$tmpfile"
fi
rm "$tmpfile"
fi
if [ $ssl3 -eq 0 ]; then
echo "\$ openssl s_client -ssl3 -cipher $cipher -connect ${host}:${port}" >> "$tmpfile"
echo "" | $openssl s_client -ssl3 -cipher "$cipher" -connect "${host}:${port}" >> "$tmpfile" 2>&1
if [ "$?" -eq 0 ]; then
cat "$tmpfile"
fi
rm "$tmpfile"
fi
done
}
check-sweet32(){
local tmpfile="$(mktemp)"
echo "\$ openssl s_client -cipher 3DES -connect ${host}:${port}" >> "$tmpfile"
echo "" | $openssl s_client -cipher 3DES -connect "${host}:${port}" >> "$tmpfile" 2>&1
if [ "$?" -eq 0 ]; then
cat "$tmpfile"
fi
rm "$tmpfile"
}
check-lucky13(){
local tmpfile="$(mktemp)"
$openssl ciphers -v | grep -i cbc | cut -d' ' -f1 | while read cipher; do
echo "\$ openssl s_client -cipher $cipher -connect ${host}:${port}" >> "$tmpfile"
echo "" | $openssl s_client -tls1 -cipher "$cipher" -connect "${host}:${port}" >> "$tmpfile" 2>&1
if [ "$?" -eq 0 ]; then
cat "$tmpfile"
fi
rm "$tmpfile"
done
}
while [ "$#" -gt 0 ]; do
case "$1" in
-p|--port)
port="$2"
shift; shift
;;
-v|--vulnerability)
vulnerability="$2"
shift; shift
;;
--openssl)
openssl="$2"
shift;shift
;;
-h|--help)
print_help
exit 0
;;
--list)
list_vulnerabilites
exit 0
;;
*)
host="$1"
shift
;;
esac
done
if [ -z "$host" ]; then
die "No host provided"
fi
case "$(echo "$vulnerability" | tr '[:upper:]' '[:lower:]')" in
beast)
check-beast
;;
sweet32)
check-sweet32
;;
lucky13)
check-lucky13
;;
*)
die "Unknown vulnerability $vulnerability"
;;
esac