BIN: adds sweet32 test to verifySSL

Jonathan Hodgson 4 years ago
parent a4dc363ee6
commit 4c2f3dbc4d
  1. 14
      bin/.bin/webtest/verifySSL

@ -22,6 +22,7 @@ print_help(){
list_vulnerabilites(){ list_vulnerabilites(){
echo "Beast" echo "Beast"
echo "Sweet32"
} }
check-beast(){ check-beast(){
@ -61,6 +62,16 @@ check-beast(){
} }
check-sweet32(){
local tmpfile="$(mktemp)"
echo "openssl s_client -cipher 3DES -connect ${host}:${port}" >> "$tmpfile"
echo "" | $openssl s_client -cipher 3DES -connect "${host}:${port}" >> "$tmpfile" 2>&1
if [ "$?" -eq 0 ]; then
cat "$tmpfile"
fi
rm "$tmpfile"
}
while [ "$#" -gt 0 ]; do while [ "$#" -gt 0 ]; do
case "$1" in case "$1" in
-p|--port) -p|--port)
@ -98,6 +109,9 @@ case "$(echo "$vulnerability" | tr '[:upper:]' '[:lower:]')" in
beast) beast)
check-beast check-beast
;; ;;
sweet32)
check-sweet32
;;
*) *)
die "Unknown vulnerability $vulnerability" die "Unknown vulnerability $vulnerability"
;; ;;

Loading…
Cancel
Save