BIN: Adds lucky13 to verifySSL

Jonathan Hodgson 4 years ago
parent c1ba95117a
commit 15b18a4a0a
  1. 16
      bin/.bin/webtest/verifySSL

@ -23,6 +23,7 @@ print_help(){
list_vulnerabilites(){ list_vulnerabilites(){
echo "Beast" echo "Beast"
echo "Sweet32" echo "Sweet32"
echo "Lucky13"
} }
check-beast(){ check-beast(){
@ -67,6 +68,18 @@ check-sweet32(){
rm "$tmpfile" rm "$tmpfile"
} }
check-lucky13(){
local tmpfile="$(mktemp)"
$openssl ciphers -v | grep -i cbc3 | cut -d' ' -f1 | while read cipher; do
echo "\$ openssl s_client -tls1 -cipher $cipher -connect ${host}:${port}" >> "$tmpfile"
echo "" | $openssl s_client -tls1 -cipher "$cipher" -connect "${host}:${port}" >> "$tmpfile" 2>&1
if [ "$?" -eq 0 ]; then
cat "$tmpfile"
fi
rm "$tmpfile"
done
}
while [ "$#" -gt 0 ]; do while [ "$#" -gt 0 ]; do
case "$1" in case "$1" in
-p|--port) -p|--port)
@ -107,6 +120,9 @@ case "$(echo "$vulnerability" | tr '[:upper:]' '[:lower:]')" in
sweet32) sweet32)
check-sweet32 check-sweet32
;; ;;
lucky13)
check-lucky13
;;
*) *)
die "Unknown vulnerability $vulnerability" die "Unknown vulnerability $vulnerability"
;; ;;

Loading…
Cancel
Save