You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
113 lines
2.3 KiB
113 lines
2.3 KiB
#!/usr/bin/env bash |
|
|
|
port=443 |
|
vulnerability="" |
|
host="" |
|
openssl="$(which openssl)" |
|
|
|
die(){ |
|
echo "$@" >&2 |
|
exit 1 |
|
} |
|
|
|
print_help(){ |
|
echo "Attempts to connect using different tls versions" |
|
echo "" |
|
echo "verifySSL [options] <host>" |
|
echo "" |
|
echo "-p | --port Port number (default 443)" |
|
echo "-v | --vulnerability The vulnerability to test" |
|
echo "--list List the vulnerabilities that can be tested" |
|
} |
|
|
|
list_vulnerabilites(){ |
|
echo "Beast" |
|
echo "Sweet32" |
|
} |
|
|
|
check-beast(){ |
|
local tls1 |
|
local ssl3 |
|
local tmpfile="$(mktemp)" |
|
# In order to test beast, you need to have a cbc cipher and tls1 or sslv3 |
|
echo "" | $openssl s_client -tls1 -connect "${host}:${port}" > /dev/null 2>&1 |
|
tls1="$?" |
|
echo "" | $openssl s_client -ssl3 -connect "${host}:${port}" > /dev/null 2>&1 |
|
ssl3="$?" |
|
|
|
$openssl ciphers -v | grep -i cbc | cut -d' ' -f1 | while read cipher; do |
|
if [ $tls1 -eq 0 ]; then |
|
echo "\$ openssl s_client -tls1 -cipher $cipher -connect ${host}:${port}" >> "$tmpfile" |
|
echo "" | $openssl s_client -tls1 -cipher "$cipher" -connect "${host}:${port}" >> "$tmpfile" 2>&1 |
|
if [ "$?" -eq 0 ]; then |
|
cat "$tmpfile" |
|
fi |
|
rm "$tmpfile" |
|
fi |
|
|
|
if [ $ssl3 -eq 0 ]; then |
|
echo "\$ openssl s_client -ssl3 -cipher $cipher -connect ${host}:${port}" >> "$tmpfile" |
|
echo "" | $openssl s_client -ssl3 -cipher "$cipher" -connect "${host}:${port}" >> "$tmpfile" 2>&1 |
|
if [ "$?" -eq 0 ]; then |
|
cat "$tmpfile" |
|
fi |
|
rm "$tmpfile" |
|
fi |
|
done |
|
|
|
} |
|
|
|
check-sweet32(){ |
|
local tmpfile="$(mktemp)" |
|
echo "\$ openssl s_client -cipher 3DES -connect ${host}:${port}" >> "$tmpfile" |
|
echo "" | $openssl s_client -cipher 3DES -connect "${host}:${port}" >> "$tmpfile" 2>&1 |
|
if [ "$?" -eq 0 ]; then |
|
cat "$tmpfile" |
|
fi |
|
rm "$tmpfile" |
|
} |
|
|
|
while [ "$#" -gt 0 ]; do |
|
case "$1" in |
|
-p|--port) |
|
port="$2" |
|
shift; shift |
|
;; |
|
-v|--vulnerability) |
|
vulnerability="$2" |
|
shift; shift |
|
;; |
|
--openssl) |
|
openssl="$2" |
|
shift;shift |
|
;; |
|
-h|--help) |
|
print_help |
|
exit 0 |
|
;; |
|
--list) |
|
list_vulnerabilites |
|
exit 0 |
|
;; |
|
*) |
|
host="$1" |
|
shift |
|
;; |
|
esac |
|
done |
|
|
|
if [ -z "$host" ]; then |
|
die "No host provided" |
|
fi |
|
|
|
case "$(echo "$vulnerability" | tr '[:upper:]' '[:lower:]')" in |
|
beast) |
|
check-beast |
|
;; |
|
sweet32) |
|
check-sweet32 |
|
;; |
|
*) |
|
die "Unknown vulnerability $vulnerability" |
|
;; |
|
esac
|
|
|