From 4a51ef71d6e989b7f67517c99d28ffb32ee17333 Mon Sep 17 00:00:00 2001
From: Julien Vehent <julien@linuxwall.info>
Date: Wed, 7 Aug 2013 10:40:03 -0400
Subject: [PATCH] Added protocol

---
 CiphersScan.sh |  16 +++--
 README.md      | 191 +++++++++++++++++++++++++++++++++++++++++++------
 2 files changed, 178 insertions(+), 29 deletions(-)

diff --git a/CiphersScan.sh b/CiphersScan.sh
index 4be01c6..909195a 100755
--- a/CiphersScan.sh
+++ b/CiphersScan.sh
@@ -26,13 +26,13 @@ test_cipher_on_target() {
 $REQUEST
 EOF
     # Parse the result
-    result=$(grep "New, " $tmp|awk '{print $5}')
+    result="$(grep "New, " $tmp|awk '{print $5}') $(grep -E "^\s+Protocol\s+:" $tmp|awk '{print $3}')"
     rm "$tmp"
-    if [ -z $result ]; then
+    if [ -z "$result" ]; then
         verbose "handshake failed, no ciphersuite was returned"
         result='ConnectionFailure'
         return 2
-    elif [ "$result" == '(NONE)' ]; then
+    elif [ "$result" == '(NONE) ' ]; then
         verbose "handshake failed, server returned ciphersuite '$result'"
         return 1
     else
@@ -74,7 +74,8 @@ get_cipher_pref() {
     cipherspref=("${cipherspref[@]}" "$result")
     # If the connection succeeded with the current cipher, benchmark and store
     if [ $success -eq 0 ]; then
-        get_cipher_pref "!$result:$ciphersuite"
+        pciph=$(echo $result|awk '{print $1}')
+        get_cipher_pref "!$pciph:$ciphersuite"
         return 0
     fi
 }
@@ -108,8 +109,9 @@ results=()
 get_cipher_pref "ALL"
 ctr=1
 for cipher in "${cipherspref[@]}"; do
+    pciph=$(echo $cipher|awk '{print $1}')
     if [ $DOBENCHMARK -eq 1 ]; then
-        bench_cipher "$cipher"
+        bench_cipher "$pciph"
         r="$ctr $cipher $cipherbenchms"
     else
         r="$ctr $cipher"
@@ -119,9 +121,9 @@ for cipher in "${cipherspref[@]}"; do
 done
 
 if [ $DOBENCHMARK -eq 1 ]; then
-    header="prio ciphersuite avg_handshake_microsec"
+    header="prio ciphersuite protocol avg_handshake_microsec"
 else
-    header="prio ciphersuite"
+    header="prio ciphersuite protocol"
 fi
 ctr=0
 for result in "${results[@]}"; do
diff --git a/README.md b/README.md
index 83e7629..c8289c3 100644
--- a/README.md
+++ b/README.md
@@ -2,38 +2,185 @@ CipherScan
 ==========
 A very simple way to find out which SSL ciphersuites are supported by a target.
 
-Run: ./CipherScan.sh www.google.com:443 -v
+Run: ./CipherScan.sh www.google.com:443
 And watch.
 
-Edit the script if you need more (disable benchmarking by setting DOBENCHMARK to 0).
-
 The newer your version of openssl, the better results you'll get. Older versions
 of OpenSSL don't support TLS1.2 ciphers, elliptic curves, etc... Build Your Own!
 
+Options
+-------
+Enable benchmarking by setting DOBENCHMARK to 1 at the top of the script.
+
+Use '-v' to get more stuff to read.
+
+Use '-a' to force openssl to test every single cipher it know.
 
 
 Example
 -------
 
 ```
-$ ./CiphersScan.sh www.google.com:443
+$ ./CiphersScan.sh www.google.com:443 -a
+prio  ciphersuite                  protocol
+1     ECDHE-RSA-AES128-GCM-SHA256  TLSv1.2
+2     ECDHE-RSA-RC4-SHA            TLSv1.2
+3     ECDHE-RSA-AES128-SHA         TLSv1.2
+4     AES128-GCM-SHA256            TLSv1.2
+5     RC4-SHA                      TLSv1.2
+6     RC4-MD5                      TLSv1.2
+7     ECDHE-RSA-AES256-GCM-SHA384  TLSv1.2
+8     ECDHE-RSA-AES256-SHA384      TLSv1.2
+9     ECDHE-RSA-AES256-SHA         TLSv1.2
+10    AES256-GCM-SHA384            TLSv1.2
+11    AES256-SHA256                TLSv1.2
+12    AES256-SHA                   TLSv1.2
+13    ECDHE-RSA-DES-CBC3-SHA       TLSv1.2
+14    DES-CBC3-SHA                 TLSv1.2
+15    ECDHE-RSA-AES128-SHA256      TLSv1.2
+16    AES128-SHA256                TLSv1.2
+17    AES128-SHA                   TLSv1.2
+18    (NONE)
 
-prio  ciphersuite                  avg_handshake_ms
-1     ECDHE-RSA-AES128-GCM-SHA256  392
-2     ECDHE-RSA-RC4-SHA            412
-3     ECDHE-RSA-AES128-SHA         415
-4     AES128-GCM-SHA256            428
-5     RC4-SHA                      404
-6     RC4-MD5                      399
-7     ECDHE-RSA-AES256-GCM-SHA384  389
-8     ECDHE-RSA-AES256-SHA384      388
-9     ECDHE-RSA-AES256-SHA         394
-10    AES256-GCM-SHA384            388
-11    AES256-SHA256                389
-12    AES256-SHA                   389
-13    ECDHE-RSA-DES-CBC3-SHA       392
-14    DES-CBC3-SHA                 391
-15    ECDHE-RSA-AES128-SHA256      394
-16    AES128-SHA256                391
-17    AES128-SHA                   389
+All accepted ciphersuites
+KO ADH-AES128-GCM-SHA256
+KO ADH-AES128-SHA
+KO ADH-AES128-SHA256
+KO ADH-AES256-GCM-SHA384
+KO ADH-AES256-SHA
+KO ADH-AES256-SHA256
+KO ADH-CAMELLIA128-SHA
+KO ADH-CAMELLIA256-SHA
+KO ADH-DES-CBC3-SHA
+KO ADH-DES-CBC-SHA
+KO ADH-RC4-MD5
+KO ADH-SEED-SHA
+KO AECDH-AES128-SHA
+KO AECDH-AES256-SHA
+KO AECDH-DES-CBC3-SHA
+KO AECDH-NULL-SHA
+KO AECDH-RC4-SHA
+OK AES128-GCM-SHA256
+OK AES128-SHA
+OK AES128-SHA256
+OK AES256-GCM-SHA384
+OK AES256-SHA
+OK AES256-SHA256
+KO CAMELLIA128-SHA
+KO CAMELLIA256-SHA
+KO DES-CBC3-MD5
+OK DES-CBC3-SHA
+KO DES-CBC-MD5
+KO DES-CBC-SHA
+KO DH-DSS-AES128-GCM-SHA256
+KO DH-DSS-AES128-SHA
+KO DH-DSS-AES128-SHA256
+KO DH-DSS-AES256-GCM-SHA384
+KO DH-DSS-AES256-SHA
+KO DH-DSS-AES256-SHA256
+KO DH-DSS-CAMELLIA128-SHA
+KO DH-DSS-CAMELLIA256-SHA
+KO DH-DSS-DES-CBC3-SHA
+KO DH-DSS-DES-CBC-SHA
+KO DH-DSS-SEED-SHA
+KO DHE-DSS-AES128-GCM-SHA256
+KO DHE-DSS-AES128-SHA
+KO DHE-DSS-AES128-SHA256
+KO DHE-DSS-AES256-GCM-SHA384
+KO DHE-DSS-AES256-SHA
+KO DHE-DSS-AES256-SHA256
+KO DHE-DSS-CAMELLIA128-SHA
+KO DHE-DSS-CAMELLIA256-SHA
+KO DHE-DSS-SEED-SHA
+KO DHE-RSA-AES128-GCM-SHA256
+KO DHE-RSA-AES128-SHA
+KO DHE-RSA-AES128-SHA256
+KO DHE-RSA-AES256-GCM-SHA384
+KO DHE-RSA-AES256-SHA
+KO DHE-RSA-AES256-SHA256
+KO DHE-RSA-CAMELLIA128-SHA
+KO DHE-RSA-CAMELLIA256-SHA
+KO DHE-RSA-SEED-SHA
+KO DH-RSA-AES128-GCM-SHA256
+KO DH-RSA-AES128-SHA
+KO DH-RSA-AES128-SHA256
+KO DH-RSA-AES256-GCM-SHA384
+KO DH-RSA-AES256-SHA
+KO DH-RSA-AES256-SHA256
+KO DH-RSA-CAMELLIA128-SHA
+KO DH-RSA-CAMELLIA256-SHA
+KO DH-RSA-DES-CBC3-SHA
+KO DH-RSA-DES-CBC-SHA
+KO DH-RSA-SEED-SHA
+KO ECDH-ECDSA-AES128-GCM-SHA256
+KO ECDH-ECDSA-AES128-SHA
+KO ECDH-ECDSA-AES128-SHA256
+KO ECDH-ECDSA-AES256-GCM-SHA384
+KO ECDH-ECDSA-AES256-SHA
+KO ECDH-ECDSA-AES256-SHA384
+KO ECDH-ECDSA-DES-CBC3-SHA
+KO ECDH-ECDSA-NULL-SHA
+KO ECDH-ECDSA-RC4-SHA
+KO ECDHE-ECDSA-AES128-GCM-SHA256
+KO ECDHE-ECDSA-AES128-SHA
+KO ECDHE-ECDSA-AES128-SHA256
+KO ECDHE-ECDSA-AES256-GCM-SHA384
+KO ECDHE-ECDSA-AES256-SHA
+KO ECDHE-ECDSA-AES256-SHA384
+KO ECDHE-ECDSA-DES-CBC3-SHA
+KO ECDHE-ECDSA-NULL-SHA
+KO ECDHE-ECDSA-RC4-SHA
+OK ECDHE-RSA-AES128-GCM-SHA256
+OK ECDHE-RSA-AES128-SHA
+OK ECDHE-RSA-AES128-SHA256
+OK ECDHE-RSA-AES256-GCM-SHA384
+OK ECDHE-RSA-AES256-SHA
+OK ECDHE-RSA-AES256-SHA384
+OK ECDHE-RSA-DES-CBC3-SHA
+KO ECDHE-RSA-NULL-SHA
+OK ECDHE-RSA-RC4-SHA
+KO ECDH-RSA-AES128-GCM-SHA256
+KO ECDH-RSA-AES128-SHA
+KO ECDH-RSA-AES128-SHA256
+KO ECDH-RSA-AES256-GCM-SHA384
+KO ECDH-RSA-AES256-SHA
+KO ECDH-RSA-AES256-SHA384
+KO ECDH-RSA-DES-CBC3-SHA
+KO ECDH-RSA-NULL-SHA
+KO ECDH-RSA-RC4-SHA
+KO EDH-DSS-DES-CBC3-SHA
+KO EDH-DSS-DES-CBC-SHA
+KO EDH-RSA-DES-CBC3-SHA
+KO EDH-RSA-DES-CBC-SHA
+KO EXP-ADH-DES-CBC-SHA
+KO EXP-ADH-RC4-MD5
+KO EXP-DES-CBC-SHA
+KO EXP-DH-DSS-DES-CBC-SHA
+KO EXP-DH-RSA-DES-CBC-SHA
+KO EXP-EDH-DSS-DES-CBC-SHA
+KO EXP-EDH-RSA-DES-CBC-SHA
+KO EXP-RC2-CBC-MD5
+KO EXP-RC4-MD5
+KO IDEA-CBC-MD5
+KO IDEA-CBC-SHA
+KO NULL-MD5
+KO NULL-SHA
+KO NULL-SHA256
+KO PSK-3DES-EDE-CBC-SHA
+KO PSK-AES128-CBC-SHA
+KO PSK-AES256-CBC-SHA
+KO PSK-RC4-SHA
+KO RC2-CBC-MD5
+OK RC4-MD5
+OK RC4-SHA
+KO SEED-SHA
+KO SRP-3DES-EDE-CBC-SHA
+KO SRP-AES-128-CBC-SHA
+KO SRP-AES-256-CBC-SHA
+KO SRP-DSS-3DES-EDE-CBC-SHA
+KO SRP-DSS-AES-128-CBC-SHA
+KO SRP-DSS-AES-256-CBC-SHA
+KO SRP-RSA-3DES-EDE-CBC-SHA
+KO SRP-RSA-AES-128-CBC-SHA
+KO SRP-RSA-AES-256-CBC-SHA
 ```