From 4d6dba79e65798e968c9d5e39482ead0cc69acbd Mon Sep 17 00:00:00 2001 From: Chad Brigance Date: Mon, 19 Oct 2020 07:32:41 +0000 Subject: [PATCH] Update man pages and CHANGELOG --- CHANGELOG.md | 1 + doc/testssl.1 | 2 ++ doc/testssl.1.html | 2 ++ doc/testssl.1.md | 2 ++ 4 files changed, 7 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 6f7a613..73c5c11 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -23,6 +23,7 @@ * Added support for certificates with EdDSA signatures and pubilc keys * --add-ca can also now be a directory with \*.pem files * Warning of 398 day limit for certificates issued after 2020/9/1 +* Added --user-agent argument to support using a custom User Agent ### Features implemented / improvements in 3.0 diff --git a/doc/testssl.1 b/doc/testssl.1 index c6c3bea..12e51a8 100644 --- a/doc/testssl.1 +++ b/doc/testssl.1 @@ -171,6 +171,8 @@ Please note that \fBfname\fR has to be in Unix format\. DOS carriage returns won . .P \fB\-\-sneaky\fR For HTTP header checks testssl\.sh uses normally the server friendly HTTP user agent \fBTLS tester from ${URL}\fR\. With this option your traces are less verbose and a Firefox user agent is being used\. Be aware that it doesn\'t hide your activities\. That is just not possible (environment preset via \fBSNEAKY=true\fR)\. +.P +\fB\-\-user\-agent\fR tells testssl.sh to use the supplied HTTP user agent instead of the standard user agent \fBTLS tester from ${URL}\fR\. . .P \fB\-\-ids\-friendly\fR is a switch which may help to get a scan finished which otherwise would be blocked by a server side IDS\. This switch skips tests for the following vulnerabilities: Heartbleed, CCS Injection, Ticketbleed and ROBOT\. The environment variable OFFENSIVE set to false will achieve the same result\. Please be advised that as an alternative or as a general approach you can try to apply evasion techniques by changing the variables USLEEP_SND and / or USLEEP_REC and maybe MAX_WAITSOCK\. 
diff --git a/doc/testssl.1.html b/doc/testssl.1.html index 0ab379a..9886f46 100644 --- a/doc/testssl.1.html +++ b/doc/testssl.1.html @@ -216,6 +216,8 @@ in /etc/hosts. The use of the switch is only useful if you either

--sneaky For HTTP header checks testssl.sh uses normally the server friendly HTTP user agent TLS tester from ${URL}. With this option your traces are less verbose and a Firefox user agent is being used. Be aware that it doesn't hide your activities. That is just not possible (environment preset via SNEAKY=true).

+

--user-agent <user agent> tells testssl.sh to use the supplied HTTP user agent instead of the standard user agent TLS tester from ${URL}.

+

--ids-friendly is a switch which may help to get a scan finished which otherwise would be blocked by a server side IDS. This switch skips tests for the following vulnerabilities: Heartbleed, CCS Injection, Ticketbleed and ROBOT. The environment variable OFFENSIVE set to false will achieve the same result. Please be advised that as an alternative or as a general approach you can try to apply evasion techniques by changing the variables USLEEP_SND and / or USLEEP_REC and maybe MAX_WAITSOCK.

--phone-out Checking for revoked certificates via CRL and OCSP is not done per default. This switch instructs testssl.sh to query external -- in a sense of the current run -- URIs. By using this switch you acknowledge that the check might have privacy issues, a download of several megabytes (CRL file) may happen and there may be network connectivity problems while contacting the endpoint which testssl.sh doesn't handle. PHONE_OUT is the environment variable for this which needs to be set to true if you want this.

diff --git a/doc/testssl.1.md b/doc/testssl.1.md index e9012bf..7b68e6f 100644 --- a/doc/testssl.1.md +++ b/doc/testssl.1.md @@ -141,6 +141,8 @@ in `/etc/hosts`. The use of the switch is only useful if you either can't or ar `--sneaky` For HTTP header checks testssl.sh uses normally the server friendly HTTP user agent `TLS tester from ${URL}`. With this option your traces are less verbose and a Firefox user agent is being used. Be aware that it doesn't hide your activities. That is just not possible (environment preset via `SNEAKY=true`). +`--user-agent ` tells testssl.sh to use the supplied HTTP user agent instead of the standard user agent `TLS tester from ${URL}`. + `--ids-friendly` is a switch which may help to get a scan finished which otherwise would be blocked by a server side IDS. This switch skips tests for the following vulnerabilities: Heartbleed, CCS Injection, Ticketbleed and ROBOT. The environment variable OFFENSIVE set to false will achieve the same result. Please be advised that as an alternative or as a general approach you can try to apply evasion techniques by changing the variables USLEEP_SND and / or USLEEP_REC and maybe MAX_WAITSOCK. `--phone-out` Checking for revoked certificates via CRL and OCSP is not done per default. This switch instructs testssl.sh to query external -- in a sense of the current run -- URIs. By using this switch you acknowledge that the check might have privacy issues, a download of several megabytes (CRL file) may happen and there may be network connectivity problems while contacting the endpoint which testssl.sh doesn't handle. PHONE_OUT is the environment variable for this which needs to be set to true if you want this.
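Review bot: In the doc/testssl.1 hunk, the added line writes `testssl.sh` with an unescaped dot, while every context line in the same hunk escapes it as `testssl\.sh`. The added line also omits the argument placeholder that the HTML version shows as `--user-agent <user agent>`. Escape the dot to match the surrounding roff and add the placeholder, so the man page tells the reader that the option takes a value. The added `.P` is also missing the lone `.` separator line that precedes the other `.P` requests visible in this hunk.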
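Review bot: In the doc/testssl.1.html hunk, the new --user-agent paragraph does not say what happens when the option is combined with --sneaky, which the paragraph directly above documents as switching to a Firefox user agent. State which of the two takes precedence. The neighbouring entries also name their environment variable (SNEAKY=true, OFFENSIVE, PHONE_OUT); if --user-agent has an equivalent, document it here. It would also help to carry over the --sneaky caveat that a different user agent doesn't hide the scan, since readers may reach for this option expecting that.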
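Review bot: In the doc/testssl.1.md hunk, the added entry reads `--user-agent ` with a trailing space and no argument placeholder inside the backticks, whereas the HTML hunk has `--user-agent <user agent>`. Check that the placeholder is actually present in the Markdown and written so that it is not swallowed as an HTML tag when rendered; otherwise the three formats disagree on whether the option takes a value.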