LittleNellie/cipherscan
2
0
Fork 0
mirror of https://github.com/mozilla/cipherscan.git synced 2024-11-22 14:23:41 +01:00
Code Issues Releases Wiki Activity

Better doc

Browse Source
This commit is contained in:
Julien Vehent 2013-12-09 10:40:23 -05:00
parent f7c159b568
commit 34a011ab71
1 changed files with 32 additions and 41 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

73
CiphersScan.sh
View File

@ -6,6 +6,10 @@ OPENSSLBIN="./openssl"
#OPENSSLBIN="/usr/bin/openssl" #OPENSSLBIN="/usr/bin/openssl"
TIMEOUT=10 TIMEOUT=10
CIPHERSUITE="ALL:COMPLEMENTOFALL" CIPHERSUITE="ALL:COMPLEMENTOFALL"
TARGET=$1
VERBOSE=0
ALLCIPHERS=0
OUTPUTFORMAT="terminal"
REQUEST="GET / HTTP/1.1 REQUEST="GET / HTTP/1.1
Host: $TARGET Host: $TARGET
Connection: close Connection: close
@ -14,6 +18,26 @@ Connection: close
" "
usage() {
echo -e "usage: $0 <target:port>
$0 attempts to connect to a target site using all the ciphersuites it knowns.
Julien Vehent [:ulfr] - https://github.com/jvehent/cipherscan
example: $ ./CipherScan.sh www.google.com:443
Use only one of the options below:
-v\tincrease verbosity
-a\ttest all known ciphers individually at the end
-json\toutput results in json format
OpenSSL path can be changed in the OPENSSLBIN variable
Benchmarking can be enabled in the DOBENCHMARK variable
"
exit 1
}
verbose() { verbose() {
if [ $VERBOSE -eq 1 ];then if [ $VERBOSE -eq 1 ];then
echo $@ echo $@
@ -113,6 +137,7 @@ get_cipher_pref() {
fi fi
} }
display_results_in_terminal() { display_results_in_terminal() {
# Display the results # Display the results
ctr=1 ctr=1
@ -143,32 +168,9 @@ display_results_in_terminal() {
done|column -t done|column -t
} }
display_results_in_json() { display_results_in_json() {
# Display the results in json # Display the results in json
# {
# "target": "www.google.com:443",
# "date": "Mon, 09 Dec 2013 09:34:45 -0500",
# "ciphersuite": [
# {
# "cipher": "AES128-SHA",
# "protocols": [
# "tls1",
# "tls1.1",
# "tls1.2"
# ],
# "pfs": "1024bits"
# },
# {
# "cipher": "AES256-SHA",
# "protocols": [
# "tls1",
# "tls1.1",
# "tls1.2"
# ],
# "pfs": "1024bits"
# }
# ]
# }
ctr=0 ctr=0
echo -n "{\"target\":\"$TARGET\",\"date\":\"$(date -R)\",\"ciphersuite\": [" echo -n "{\"target\":\"$TARGET\",\"date\":\"$(date -R)\",\"ciphersuite\": ["
for cipher in "${cipherspref[@]}"; do for cipher in "${cipherspref[@]}"; do
@ -184,30 +186,19 @@ display_results_in_json() {
} }
if [ -z $1 ]; then [[ -z $1 || "$1" == "-h" || "$1" == "--help" ]] && usage
echo "
usage: $0 <target:port> <-v>
$0 attempts to connect to a target site using all the ciphersuites it knowns.
jvehent - ulfr - 2013
"
exit 1
fi
TARGET=$1
VERBOSE=0
ALLCIPHERS=0
OUTPUTFORMAT="terminal"
if [ ! -z $2 ]; then if [ ! -z $2 ]; then
if [ "$2" == "-v" ]; then if [ "$2" == "-v" ]; then
VERBOSE=1 VERBOSE=1
echo "Loading $($OPENSSLBIN ciphers -v $CIPHERSUITE 2>/dev/null|grep Kx|wc -l) ciphersuites from $(echo -n $($OPENSSLBIN version 2>/dev/null))" echo "Loading $($OPENSSLBIN ciphers -v $CIPHERSUITE 2>/dev/null|grep Kx|wc -l) ciphersuites from $(echo -n $($OPENSSLBIN version 2>/dev/null))"
$OPENSSLBIN ciphers ALL 2>/dev/null $OPENSSLBIN ciphers ALL 2>/dev/null
fi elif [ "$2" == "-a" ]; then
if [ "$2" == "-a" ]; then
ALLCIPHERS=1 ALLCIPHERS=1
fi elif [ "$2" == "-json" ]; then
if [ "$2" == "-json" ]; then
OUTPUTFORMAT="json" OUTPUTFORMAT="json"
else
echo "ERROR: unknown option '$2'"; echo
usage
fi fi
fi fi