Initial commit

CiphersScan.sh

@@ -0,0 +1,118 @@
+#!/usr/bin/env bash
+
+DOBENCHMARK=0
+BENCHMARKITER=10
+#OPENSSLBIN="/home/ulfr/Code/openssl/apps/openssl"
+OPENSSLBIN=$(which openssl)
+REQUEST="GET / HTTP/1.1
+Host: $TARGET
+
+
+"
+
+
+verbose() {
+    if [ $VERBOSE -eq 1 ];then
+        echo $@
+    fi
+}
+
+
+# Connect to a target host with the selected ciphersuite
+test_cipher_on_target() {
+    local sslcommand=$@
+    local tmp=$(mktemp)
+    $sslcommand 1>$tmp 2>/dev/null << EOF
+$REQUEST
+EOF
+    # Parse the result
+    result=$(grep "New, " $tmp|awk '{print $5}')
+    rm $tmp
+    if [ "$result" == '(NONE)' ]; then
+        verbose "handshake failed, server returned ciphersuite '$result'"
+        return 1
+    else
+        verbose "handshake succeeded, server returned ciphersuite '$result'"
+        return 0
+    fi
+}
+
+
+# Calculate the average handshake time for a specific ciphersuite
+bench_cipher() {
+    local ciphersuite="$1"
+    local sslcommand="$OPENSSLBIN s_client -connect $TARGET -cipher $ciphersuite"
+    local t="$(date +%s%N)"
+    verbose "Benchmarking handshake on '$TARGET' with ciphersuite '$ciphersuite'"
+    for i in $(seq 1 $BENCHMARKITER); do
+        $sslcommand 2>/dev/null 1>/dev/null << EOF
+$REQUEST
+EOF
+    done
+    # Time interval in nanoseconds
+    local t="$(($(date +%s%N) - t))"
+    verbose "Benchmarking done in $t nanoseconds"
+    # Milliseconds
+    cipherbenchms="$((t/1000000/$BENCHMARKITER))"
+}
+
+
+# Connect to the target and retrieve the chosen cipher
+get_cipher_pref() {
+    local ciphersuite="$1"
+    local sslcommand="$OPENSSLBIN s_client -connect $TARGET -cipher $ciphersuite"
+    verbose "Connecting to '$TARGET' with ciphersuite '$ciphersuite'"
+    test_cipher_on_target "$sslcommand"
+    local success=$?
+    # If the connection succeeded with the current cipher, benchmark and store
+    if [ $success -eq 0 ]; then
+        cipherspref=("${cipherspref[@]}" "$result")
+        get_cipher_pref "!$result:$ciphersuite"
+        return 0
+    fi
+}
+
+
+if [ -z $1 ]; then
+    echo "
+usage: $0 <target:port> <-v>
+
+$0 attempts to connect to a target site using all the ciphersuites it knowns.
+jvehent - ulfr -  2013
+"
+    exit 1
+fi
+TARGET=$1
+VERBOSE=0
+if [ ! -z $2 ]; then
+    if [ "$2" == "-v" ]; then
+        VERBOSE=1
+        echo "Loading $($OPENSSLBIN ciphers -v ALL 2>/dev/null|grep Kx|wc -l) ciphersuites from $(echo -n $($OPENSSLBIN version 2>/dev/null))"
+        $OPENSSLBIN ciphers ALL 2>/dev/null
+    fi
+fi
+
+echo
+cipherspref=();
+results=()
+get_cipher_pref "ALL"
+ctr=1
+for cipher in "${cipherspref[@]}"; do
+    if [ $DOBENCHMARK -eq 1 ]; then
+        bench_cipher "$cipher"
+        r=$(echo "$ctr $cipher $cipherbenchms"|awk '{printf "%-2d) %-30s avg_handshake= %-5d ms\n",$1,$2,$3}')
+    else
+        r=$(echo "$ctr $cipher"|awk '{printf "%-2d) %-30s\n",$1,$2}')
+    fi
+    results=("${results[@]}" "$r")
+    ctr=$((ctr+1))
+done
+
+echo
+echo "Ciphersuites sorted by server preference"
+for result in "${results[@]}"; do
+    echo $result
+done
+
+echo
+echo R | $OPENSSLBIN s_client -connect $TARGET 2>/dev/null| grep 'Secure Renegotiation'|sort|uniq

README.md

@@ -0,0 +1,8 @@
+CipherScan
+==========
+A very simple way to find out which SSL ciphersuites are supported by a target.
+
+Run: ./CipherScan.sh www.google.com:443 -v
+And watch.
+
+Edit the script if you need more (disable benchmarking by setting DOBENCHMARK to 0).