-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathcryp_ssl
executable file
·115 lines (94 loc) · 2.05 KB
/
cryp_ssl
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
#!/bin/bash
#
prog=cryp_ssl
usage="$prog host_ip [domain] [port] or $prog domain"
#
# Check for ssl crypt problems on given host and port
CUSTOM_ZGRAB=$GOPATH"/src/gopkg.in/eniac/zgrab.v0/zgrab.v0"
TMPDIR=${TMPDIR:-/tmp}
WRKDIR=$TMPDIR/$prog
function valid_ip()
{
local ip=$1
local stat=1
if [[ $ip =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then
OIFS=$IFS
IFS='.'
ip=($ip)
IFS=$OIFS
[[ ${ip[0]} -le 255 && ${ip[1]} -le 255 \
&& ${ip[2]} -le 255 && ${ip[3]} -le 255 ]]
stat=$?
fi
return $stat
}
mkdir -p $WRKDIR #2>/dev/null
rm -rf $WRKDIR/*
case $# in
1)
h=$1
d=''
p=443;;
2) h=$1
d=$2
p=443;;
3) h=$1
d=$2
p=$3;;
*)
echo "$usage" 1>&2
exit 1
esac
cat <<!EOF >$WRKDIR/nmap_error_fields
warnings
!EOF
# Cheesy xml processing: we use sed to extract all the SSL
# warnings and combine them into a single line.
nmap -oX - --script ssl-enum-ciphers -p $p $h |
xmllint --format - | tee $WRKDIR/nmapxml |
awk -v OFS=' ' '
/address addr/ {
n=split($2, fields, "\"")
addr = fields[2]
next
}
/protocol=".* portid="/ {
n=split($2, fields, "\"")
protocol = fields[2]
n=split($3, fields, "\"")
port = fields[2]
next
}
/key="warnings"/ {
copying = 1
next
}
copying == 0 { next }
/<\/table>/ {
copying = 0
next
}
{ error = $0
gsub(/ *<\/?elem>/, "", error)
print addr, protocol, port, "nmap", error
}' | sort -u
if ! valid_ip $h; then
d=$h
h=`host -t A $d | cut -f4 -d" "`;
fi
for scan in 0 1 m1 g3 g5 g7
do
case $scan in
m1) scan_str="-1";;
g3) scan_str="with order 3 subgroup";;
g5) scan_str="with order 5 subgroup";;
g7) scan_str="with order 7 subgroup";;
*)
scan_str=$scan
esac
tmp_out=`echo $h,$d | $CUSTOM_ZGRAB --tls --port $p --dhe-ciphers --tls-invalid-kex $scan --tls-verbose 2>/dev/null | head -n 1`
failure=`echo $tmp_out | jq '.data.tls | keys | contains(["server_finished"])'`
if [ "$failure" = "true" ] ; then
echo "WARNING: Server negotiated DH key exchange with value $scan_str"
fi
done