mirror of
https://github.com/mozilla/cipherscan.git
synced 2024-09-29 08:03:42 +02:00
New option to enable SNI
Simulates a SNI capable client
This commit is contained in:
parent
8f5eb93fd9
commit
54a54aa428
15
cipherscan
15
cipherscan
@ -39,6 +39,7 @@ DELAY=0
|
|||||||
ALLCIPHERS=0
|
ALLCIPHERS=0
|
||||||
OUTPUTFORMAT="terminal"
|
OUTPUTFORMAT="terminal"
|
||||||
TIMEOUT=10
|
TIMEOUT=10
|
||||||
|
SNISCAN=0
|
||||||
|
|
||||||
|
|
||||||
usage() {
|
usage() {
|
||||||
@ -50,7 +51,7 @@ $0 attempts to connect to a target site using all the ciphersuites it knows.
|
|||||||
Original script by Julien Vehent. [:ulfr] - https://github.com/jvehent/cipherscan
|
Original script by Julien Vehent. [:ulfr] - https://github.com/jvehent/cipherscan
|
||||||
FreeBSD version by Olivier Paroz. [:ulfr] - https://github.com/oparoz/cipherscan
|
FreeBSD version by Olivier Paroz. [:ulfr] - https://github.com/oparoz/cipherscan
|
||||||
|
|
||||||
On FreeBSD, you will need the following ports on FreeBSD: textproc/gnugrep and sysutils/coreutils
|
OpenSSL 1.0.2 is a REQUIREMENT and you will also need the following ports on FreeBSD: textproc/gnugrep and sysutils/coreutils
|
||||||
|
|
||||||
Port defaults to 443
|
Port defaults to 443
|
||||||
|
|
||||||
@ -65,6 +66,7 @@ Use one of the options below:
|
|||||||
-h | --help Shows this help text.
|
-h | --help Shows this help text.
|
||||||
-j | --json Output results in JSON format.
|
-j | --json Output results in JSON format.
|
||||||
-o | --openssl path/to/your/openssl binary you want to use.
|
-o | --openssl path/to/your/openssl binary you want to use.
|
||||||
|
-s | --sni Activates SNI
|
||||||
-v | --verbose Increase verbosity.
|
-v | --verbose Increase verbosity.
|
||||||
|
|
||||||
The rest of the arguments will be interpreted as openssl s_client argument.
|
The rest of the arguments will be interpreted as openssl s_client argument.
|
||||||
@ -337,6 +339,10 @@ do
|
|||||||
-o | --openssl)
|
-o | --openssl)
|
||||||
OPENSSLBIN=$2 # You might want to check if you really got FILE
|
OPENSSLBIN=$2 # You might want to check if you really got FILE
|
||||||
shift 2
|
shift 2
|
||||||
|
;;
|
||||||
|
-s | --sni)
|
||||||
|
SNISCAN=1
|
||||||
|
shift
|
||||||
;;
|
;;
|
||||||
-a | --allciphers)
|
-a | --allciphers)
|
||||||
ALLCIPHERS=1
|
ALLCIPHERS=1
|
||||||
@ -401,8 +407,11 @@ debug "Port: $PORT"
|
|||||||
TARGET=$HOST:$PORT
|
TARGET=$HOST:$PORT
|
||||||
debug "target: $TARGET"
|
debug "target: $TARGET"
|
||||||
|
|
||||||
SNI_FIX="-servername ${HOST}"
|
SNIPARAM=""
|
||||||
SCLIENTARGS="$SNI_FIX $(sed -e s,${TEMPTARGET},,<<<"${@}")"
|
if [ $SNISCAN -gt 0 ]; then
|
||||||
|
SNIPARAM="-servername ${HOST}"
|
||||||
|
fi
|
||||||
|
SCLIENTARGS="$SNIPARAM $(sed -e s,${TEMPTARGET},,<<<"${@}")"
|
||||||
debug "sclientargs: $SCLIENTARGS"
|
debug "sclientargs: $SCLIENTARGS"
|
||||||
|
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user