From d8e3b894c046f9c99eda3e371128eff29cad2b4a Mon Sep 17 00:00:00 2001 From: Jonathan Hodgson Date: Wed, 13 Jan 2021 16:39:34 +0000 Subject: [PATCH] BIN: Adds lucky13 to verifySSL --- bin/.bin/webtest/verifySSL | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/bin/.bin/webtest/verifySSL b/bin/.bin/webtest/verifySSL index 883463cb..a9f40b3e 100755 --- a/bin/.bin/webtest/verifySSL +++ b/bin/.bin/webtest/verifySSL @@ -23,6 +23,7 @@ print_help(){ list_vulnerabilites(){ echo "Beast" echo "Sweet32" + echo "Lucky13" } check-beast(){ @@ -67,6 +68,18 @@ check-sweet32(){ rm "$tmpfile" } +check-lucky13(){ + local tmpfile="$(mktemp)" + $openssl ciphers -v | grep -i cbc3 | cut -d' ' -f1 | while read cipher; do + echo "\$ openssl s_client -tls1 -cipher $cipher -connect ${host}:${port}" >> "$tmpfile" + echo "" | $openssl s_client -tls1 -cipher "$cipher" -connect "${host}:${port}" >> "$tmpfile" 2>&1 + if [ "$?" -eq 0 ]; then + cat "$tmpfile" + fi + rm "$tmpfile" + done +} + while [ "$#" -gt 0 ]; do case "$1" in -p|--port) @@ -107,6 +120,9 @@ case "$(echo "$vulnerability" | tr '[:upper:]' '[:lower:]')" in sweet32) check-sweet32 ;; + lucky13) + check-lucky13 + ;; *) die "Unknown vulnerability $vulnerability" ;;