testssl.sh/README.html

<br>
<strong>testssl.sh</strong> is a <a href="LICENSE.txt" title="GPL v2">free</a> Unix command line tool which checks a server's service 
on any port for the support of TLS/SSL ciphers, protocols as well as some cryptographic flaws.
It's designed to provide clear output for a "is this good or bad" decision.

<br><br>
<a href="testssl-standard.png"><img src="testssl-standard.50p.png" title="Standard call: testssl.sh <hostname>" 
onmouseover="this.src='testssl-standard.png'" onmouseout="this.src='testssl-standard.50p.png';" 
style="box-shadow: 0 5px 5px 5px #AAAAAA; border: 0px solid; margin-left:25px; margin-right:15px; margin-bottom:10px; float:right" alt="Standard call: testssl.sh <hostname>"></a>
It is working on every Linux distribution which has OpenSSL installed. As for security reasons some distributors 
outphase the buggy stuff &ndash; and this is exactly you want to check for &ndash; it's recommended to compile OpenSSL by 
yourself or check out the OpenSSL binaries below (Linux). You will get a warning though if your OpenSSL client
cannot perform a specific check, see below.

<br>
<br>
testssl.sh is portable, it is supposed to work on
any other Unix system (preferably with GNU tools) and on cygwin, supposed it can find the OpenSSL binary. 

<br><br>
<strong>New features</strong>
<ul>
<li>2.0: Features: <ul>
	<li>SNI</li>
	<li>STARTTLS</li>
	<li>server preferences for protocols and ciphers</li>
	<li>checks for: RC4, PFS, SPDY</li>
	<li>web and app server banner, HSTS</li>
	<li>server key size</li>
	<li>TLS session tickets</li>
	<li>TLS server extensions</li>
	<li>heartbleed check from <a href="https://testssl.sh/bash-heartbleed.sh">bash-heartbleed.sh</a> with shell only SSL handshake!</li>
	<li>CCS check from <a href="https://testssl.sh/ccs-injection.sh">ccs-injection.sh</a> with shell only SSL handshake!</li>
	<li>somewhat smart check for BREACH vulnerability</li>
	<li>prelease of cipher suites name space mapping OpenSSL &lt;--&gt; RFC</li>
	<li>aaand: neat output</li>
	</ul
</li>
<li>1.40: cleanups, path of URL supplied on the command line (is ignored for now) </li>
<li>1.30: can test now for cipher suites / protocols only, tests for tls v1.1/v1.2 , -a/--all renamed </li>
<li>1.21: CRIME support, see http://threatpost.com/en_us/blogs/new-attack-uses-ssltls-information-leak-hijack-https-sessions-090512.</li>
<li>1.18: Rearragement of arguments: URI comes now always last. NOPARANOID flag tells whether medium grade ciphers are ok. </li>
<li>1.17: tests now for renegotiation vulnerabity, see (<a href="http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-3555" target="_blank" title="opens in new tab/window">CVE-2009-3555)</a></li>
<li>1.16: Invoking options changed with this release. Port and hostname / URL will be accepted only as one argument. major code cleanups. Also
checks now whether SSL is listening on the server side at all. <i>-a</i>/<i>--all</i> tests cipher by cipher now.</li>
<li>[..]</li>
<li>More see <a href="CHANGELOG.txt">CHANGELOG</a>.</li>
</ul>

<p style="clear:left"></p>
<br><br>

<strong>Calling</strong>

<br><br>
Starting testssl.sh with no params will give you a clue how to use it:

<a href="testssl-E.png"><img src="testssl-E.33p.png" title="check each ciphers per protocol" onmouseover="this.src='testssl-E.png'" onmouseout="this.src='testssl-E.33p.png';"
 style="box-shadow: 0 5px 5px 5px #AAAAAA; border: 0px solid; margin-left:10px; margin-bottom:10px; margin-right:25px; float:right" alt="check each ciphers per protocol"></a>
<pre>userid@<strong>somehost</strong>:~ % testssl.sh

testssl.sh &lt;options&gt; URI

where &lt;options&gt; is <strong>one</strong> of

        &lt;-h|--help&gt;                 what you're looking at
        &lt;-b|--banner&gt;               displays banner + version
        &lt;-v|--version&gt;              same as above
	&lt;-V|--local&gt;                pretty print all local ciphers
	&lt;-V|--local&gt; &lt;hexcode&gt;      what cipher is &lt;pattern hexcode&gt;?

        &lt;-e|--each-cipher&gt;          check each local ciphers remotely 
        &lt;-E|-ee|--cipher-per-proto&gt; check those per protocol
        &lt;-f|--ciphers&gt;              check cipher suites
        &lt;-p|--protocols&gt;            check TLS/SSL protocols only
        &lt;-P|--preference&gt;           displays the servers picks: protocol+cipher
        &lt;-y|--spdy&gt;                 checks for SPDY/NPN
        &lt;-B|--heartbleed&gt;           tests only for heartbleed vulnerability
        &lt;-I|--ccs|--ccs_injection&gt;  tests only for CCS injection vulnerability
        &lt;-R|--renegotiation&gt;        tests only for renegotiation vulnerability
        &lt;-C|--crime&gt;                tests only for CRIME vulnerability
	&lt;-T|--breach&gt;               tests only for BREACH vulnerability
        &lt;-s|--pfs|--fs|--nsa&gt;       checks (perfect) forward secrecy settings
        &lt;-4|--rc4|--appelbaum&gt;      which RC4 ciphers are being offered?
        &lt;-H|--header|--headers&gt;     check for HSTS and server banner string

URI is  host|host:port|URL|URL:port
        (port 443 is assumed unless otherwise specified)

        &lt;-t|--starttls&gt; host:port &lt;ftp|smtp|pop3|imap|xmpp|telnet&gt; *)  &lt;SNI hostname&gt;

*) for STARTTLS telnet support you need a patched openssl version (to be provided soon)

userid@<strong>somehost</strong>:~ %</pre>

Normal use case is probably just "testssl.sh &lt;hostname&gt;", see first picture above. "testssl.sh -E  &lt;hostname&gt;" was used in the 
second picture above. A STARTTLS check (see last picture) would be achieved with e.g.
<pre>
testssl.sh --starttls &lt;smtphostname&gt;.&lt;tld&gt;:587 smtp
testssl.sh -t &lt;jabberhostname&gt;.&lt;tld&gt;:5222 xmpp
testssl.sh --starttls &lt;pophostname&gt;.&lt;tld&gt;:110  pop3
</pre>
As the help says: Currently only one option at a time works.
<br>
A maybe neat feature: If you want to find out what local ciphers you have and
print them pretty, use "testssl.sh -V". Ever wondered what hexcode a cipher is?
"testssl.sh -V 9f" lets you search for the hexcode 9f. If you have the file
"mapping-rfc.txt" in the same directory "testssl.sh -V" <a
href="https://twitter.com/drwetter/status/456126567547039744/photo/1"
title="picture" target="_blank">displays</a> the matching RFC style cipher
suite name. Also during every cipher suite test the corresponding RFC style name is
displayed. It's a broad output. If you don't want this, you need to move mapping-rfc.txt
away -- for now.
<br><br> Got it so far? Good.  <br>

<a href="testssl-starttls-localssl.png"><img src="testssl-starttls-localssl.25p.png" title="STARTTLS check with Ubuntu's 12.04 OpenSSL" 
onmouseover="this.src='testssl-starttls-localssl.png'" onmouseout="this.src='testssl-starttls-localssl.25p.png'"
style="box-shadow: 0 5px 5px 5px #AAAAAA; border: 0px solid; margin-left:10px; margin-bottom:10px; margin-right:35px; margin-top:15px; float:left" alt="STARTTLS check with Ubuntu's 12.04 OpenSSL, no recompiled OpenSSL"></a>
<br>
<br>
<strong>Hint regarding OpenSSL binary</strong>

<br><br>
As mentioned above, a prerequisite for thoroughly checking SSL/TLS enabled servers is: all you want to check for has to be
available on your client. Transport encryption is not only depending on the server but also on your crypto provider on the client side &ndash;
especially if you want to use it for testing.
So there are drawbacks out of the Linux distributions boxes -- so to speak:
<ul>
<li> one cannot check 56 Bit ciphers as they are disabled during compile time. </li>
<li> some ciphers are disabled for security reasons, </li>
<li> support maybe not included (to disable CRIME)</li>
<li> and last but not least: SSLv2 seems to be outphased too, <a href="https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/955675" title="Ubuntu's Lauchpad: not even the manpage is updated since 2 years" target="_blank">Ubuntu</a> started this.</li>
</ul>
Thus the <a href="openssl-1.0.2-beta1.linux64_32bit.tar.gz.asc" title="GPG signed">signed</a> tarball provides specially compiled statically linked (except glibc and the loader)
<a href="openssl-1.0.2-beta1.linux64_32bit.tar.gz">OpenSSL binaries</a> as a courtesy. If you don't want this, you'll get a warning in magenta, see picture on the right hand side.
You'll need to unpack the binaries, dump the one you need either in the same location as testssl.sh, named just &quot;openssl&quot; or &quot;openssl.`uname -m`&quot;.
You can also tell testssl.sh via environment variable where your openssl binary is:
<pre>export OPENSSL=&lt;path_to_myopenssl&gt;</pre> before you use testssl. Or issue <pre>OPENSSL=&lt;path_to_myopenssl&gt; testssl.sh &lt;hostname&gt;</pre>

Don't try outdated OpenSSL versions before 1.0! Those versions are deprecated, you likely will not get very far. testssl.sh is not locking 
those out but things might not work as expected. Support will be retired soon.


<br><br>
<strong>Misc</strong>

<br><br>
Feedback, bugs and contributions are appreciated, see contact in <a href="testssl.sh" type="text/plain">testssl.sh</a> (<i>dirk aet testssl dot sh</i>). 
<br><br>

I post all significant updates on Twitter (<a href="http://twitter.com/drwetter" title="@drwetter" target="_blank">@drwetter</a>).
&nbsp;
<br>
<br>
<div style="color: #999999; font-size: 11px; text-align: right;"><a href="http://drwetter.eu/neu/impressum.shtml">Imprint</a>&nbsp;&nbsp;</div>
<hr>
<br>
<!-- $Id: README.html,v 1.35 2014/06/15 20:07:18 dirkw Exp $ -->
</html>
</body>