From d55eeae308f6901ba6d0886676bf484eb364ed66 Mon Sep 17 00:00:00 2001 From: Julien Vehent Date: Wed, 17 Jul 2013 15:06:34 -0400 Subject: [PATCH] Doc + cleanup --- CiphersScan.sh | 8 ++++---- README.md | 4 ++++ 2 files changed, 8 insertions(+), 4 deletions(-) diff --git a/CiphersScan.sh b/CiphersScan.sh index b3e5fb4..a03dc62 100755 --- a/CiphersScan.sh +++ b/CiphersScan.sh @@ -2,8 +2,8 @@ DOBENCHMARK=0 BENCHMARKITER=10 -#OPENSSLBIN="/home/ulfr/Code/openssl/apps/openssl" -OPENSSLBIN=$(which openssl) +OPENSSLBIN="/home/ulfr/Code/openssl/apps/openssl" +#OPENSSLBIN=$(which openssl) REQUEST="GET / HTTP/1.1 Host: $TARGET @@ -22,12 +22,12 @@ verbose() { test_cipher_on_target() { local sslcommand=$@ local tmp=$(mktemp) - $sslcommand 1>$tmp 2>/dev/null << EOF + $sslcommand 1>"$tmp" 2>/dev/null << EOF $REQUEST EOF # Parse the result result=$(grep "New, " $tmp|awk '{print $5}') - rm $tmp + rm "$tmp" if [ "$result" == '(NONE)' ]; then verbose "handshake failed, server returned ciphersuite '$result'" return 1 diff --git a/README.md b/README.md index ce19d95..d6b254e 100644 --- a/README.md +++ b/README.md @@ -6,3 +6,7 @@ Run: ./CipherScan.sh www.google.com:443 -v And watch. Edit the script if you need more (disable benchmarking by setting DOBENCHMARK to 0). + +The newer your version of openssl, the better results you'll get. Older versions +of OpenSSL don't support TLS1.2 ciphers, elliptic curves, etc... Build Your Own! +