mirror of
https://github.com/drwetter/testssl.sh.git
synced 2025-01-03 23:39:45 +01:00
Merge branch 'drwetter/2.9dev' into 2.9dev
This commit is contained in:
commit
6201348827
21
Readme.md
21
Readme.md
@ -36,14 +36,13 @@ and more documentation") or https://github.com/drwetter/testssl.sh/wiki/Usage-Do
|
||||
|
||||
#### Compatibility
|
||||
|
||||
testssl.sh is working on every Linux/BSD distribution out of the box with
|
||||
some limitations of disabled features from the openssl client -- some
|
||||
workarounds are done with bash-socket-based checks. It also works on other
|
||||
unixoid system out of the box, supposed they have `/bin/bash` and standard
|
||||
tools like sed and awk installed. MacOS X and Windows (using MSYS2 or
|
||||
cygwin) work too. OpenSSL version >= 1 is a must. OpenSSL version >= 1.0.2
|
||||
is needed for better LOGJAM checks and to display bit strengths for key
|
||||
exchanges.
|
||||
testssl.sh is working on every Linux/BSD distribution out of the box. In 2.9dev most
|
||||
of the limitations of disabled features from the openssl client are gone due to bash-socket-based
|
||||
checks. testssl.sh also works on otherunixoid system out of the box, supposed they have
|
||||
`/bin/bash` and standard tools like sed and awk installed. System V needs to have GNU versions
|
||||
of grep and sed installed. MacOS X and Windows (using MSYS2 or cygwin) work too. OpenSSL
|
||||
version >= 1 is a must. OpenSSL version >= 1.0.2 is needed for better LOGJAM checks and to
|
||||
display bit strengths for key exchanges.
|
||||
|
||||
Update notification here or @ [twitter](https://twitter.com/drwetter).
|
||||
|
||||
@ -56,6 +55,12 @@ Update notification here or @ [twitter](https://twitter.com/drwetter).
|
||||
* testing 359 default ciphers (``testssl.sh -e``) with a mixture of sockets and openssl. Same speed as with openssl only but addtional ciphers such as post-quantum ciphers, new CHAHA20/POLY1305, CamelliaGCM etc.
|
||||
* finding more TLS extensions via sockets
|
||||
* TLS Supported Groups Registry (RFC 7919), key shares extension
|
||||
* using bash sockets where ever possible
|
||||
* LUCKY13 and SWEET32 checks
|
||||
* LOGJAM: now checking also for known DH parameters
|
||||
* Check for CAA RR
|
||||
* better formatting of output
|
||||
* choice showing the RFC naming scheme only
|
||||
|
||||
|
||||
#### Features planned in 2.9dev
|
||||
|
@ -28,7 +28,11 @@ get a warning for the other certificate stores while scanning internal net-
|
||||
works. Second catch: If you scan other hosts in the internet the check against
|
||||
your Root CA will fail, too. This will be fixed in the future, see #230.
|
||||
|
||||
#### Mapping files
|
||||
The file ``mapping-rfc.txt`` uses the hexcode to map OpenSSL names
|
||||
against the RFC/IANA names. ``curves.txt`` is not being used yet, it
|
||||
is supposed to map EC curve names properly.
|
||||
#### Further needed files
|
||||
* ``mapping-rfc.txt`` uses the hexcode to map OpenSSL against the RFC/IANA names.
|
||||
|
||||
* ``ca_hashes.txt`` is used for HPKP test in order to have a fast comparison with known CAs
|
||||
|
||||
* ``common-primes.txt`` is used for LOGJAM
|
||||
|
||||
* ``client_simulation.txt`` as the name indicates it's the data for the client simulation
|
||||
|
777
etc/client_simulation.txt
Normal file
777
etc/client_simulation.txt
Normal file
@ -0,0 +1,777 @@
|
||||
|
||||
# Most clients are taken from Qualys SSL Labs --- From: https://api.dev.ssllabs.com/api/v3/getClients
|
||||
|
||||
names+=("Android 2.3.7 ")
|
||||
short+=("android_237")
|
||||
ciphers+=("RC4-MD5:RC4-SHA:AES128-SHA:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA:DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:EDH-DSS-DES-CBC3-SHA:DES-CBC-SHA:EDH-RSA-DES-CBC-SHA:EDH-DSS-DES-CBC-SHA:EXP-RC4-MD5:EXP-DES-CBC-SHA:EXP-EDH-RSA-DES-CBC-SHA:EXP-EDH-DSS-DES-CBC-SHA")
|
||||
sni+=("")
|
||||
warning+=("")
|
||||
handshakebytes+=("160301004b010000470301531f3de6b36804738bbb94a6ecd570a544789c3bb0a6ef8b9d702f997d928d4b00002000040005002f00330032000a00160013000900150012000300080014001100ff0100")
|
||||
protos+=("-tls1 -ssl3")
|
||||
lowest_protocol+=("0x0300")
|
||||
highest_protocol+=("0x0301")
|
||||
service+=("HTTP,FTP")
|
||||
minDhBits+=(-1)
|
||||
maxDhBits+=(-1)
|
||||
minRsaBits+=(-1)
|
||||
maxRsaBits+=(-1)
|
||||
minEcdsaBits+=(-1)
|
||||
requiresSha2+=(false)
|
||||
current+=(true)
|
||||
|
||||
names+=("Android 4.1.1 ")
|
||||
short+=("android_411")
|
||||
ciphers+=("ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:SRP-DSS-AES-256-CBC-SHA:SRP-RSA-AES-256-CBC-SHA:DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:ECDH-RSA-AES256-SHA:ECDH-ECDSA-AES256-SHA:AES256-SHA:ECDHE-RSA-DES-CBC3-SHA:ECDHE-ECDSA-DES-CBC3-SHA:SRP-DSS-3DES-EDE-CBC-SHA:SRP-RSA-3DES-EDE-CBC-SHA:EDH-RSA-DES-CBC3-SHA:EDH-DSS-DES-CBC3-SHA:ECDH-RSA-DES-CBC3-SHA:ECDH-ECDSA-DES-CBC3-SHA:DES-CBC3-SHA:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:SRP-DSS-AES-128-CBC-SHA:SRP-RSA-AES-128-CBC-SHA:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA:ECDH-RSA-AES128-SHA:ECDH-ECDSA-AES128-SHA:AES128-SHA:ECDHE-RSA-RC4-SHA:ECDHE-ECDSA-RC4-SHA:ECDH-RSA-RC4-SHA:ECDH-ECDSA-RC4-SHA:RC4-SHA:RC4-MD5")
|
||||
sni+=("$SNI")
|
||||
warning+=("")
|
||||
handshakebytes+=("16030100d7010000d30301531f3f6dd9eb5f6b3586c628cc2cdc82cdb259b1a096237ba4df30dbbc0f26fb000044c014c00ac022c02100390038c00fc0050035c012c008c01cc01b00160013c00dc003000ac013c009c01fc01e00330032c00ec004002fc011c007c00cc0020005000400ff020100006500000014001200000f7777772e73736c6c6162732e636f6d000b000403000102000a00340032000e000d0019000b000c00180009000a00160017000800060007001400150004000500120013000100020003000f0010001100230000000f00010133740000")
|
||||
protos+=("-tls1 -ssl3")
|
||||
lowest_protocol+=("0x0300")
|
||||
highest_protocol+=("0x0301")
|
||||
service+=("HTTP,FTP")
|
||||
minDhBits+=(-1)
|
||||
maxDhBits+=(-1)
|
||||
minRsaBits+=(-1)
|
||||
maxRsaBits+=(-1)
|
||||
minEcdsaBits+=(-1)
|
||||
requiresSha2+=(false)
|
||||
current+=(true)
|
||||
|
||||
names+=("Android 4.2.2 ")
|
||||
short+=("android_422")
|
||||
ciphers+=("ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:SRP-DSS-AES-256-CBC-SHA:SRP-RSA-AES-256-CBC-SHA:DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:ECDH-RSA-AES256-SHA:ECDH-ECDSA-AES256-SHA:AES256-SHA:ECDHE-RSA-DES-CBC3-SHA:ECDHE-ECDSA-DES-CBC3-SHA:SRP-DSS-3DES-EDE-CBC-SHA:SRP-RSA-3DES-EDE-CBC-SHA:EDH-RSA-DES-CBC3-SHA:EDH-DSS-DES-CBC3-SHA:ECDH-RSA-DES-CBC3-SHA:ECDH-ECDSA-DES-CBC3-SHA:DES-CBC3-SHA:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:SRP-DSS-AES-128-CBC-SHA:SRP-RSA-AES-128-CBC-SHA:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA:ECDH-RSA-AES128-SHA:ECDH-ECDSA-AES128-SHA:AES128-SHA:ECDHE-RSA-RC4-SHA:ECDHE-ECDSA-RC4-SHA:ECDH-RSA-RC4-SHA:ECDH-ECDSA-RC4-SHA:RC4-SHA:RC4-MD5")
|
||||
sni+=("$SNI")
|
||||
warning+=("")
|
||||
handshakebytes+=("16030100d1010000cd0301531f40a89e11d5681f563f3dad094375227035d4e9d2c1654d7d3954e3254558000044c014c00ac022c02100390038c00fc0050035c012c008c01cc01b00160013c00dc003000ac013c009c01fc01e00330032c00ec004002fc011c007c00cc0020005000400ff0100006000000014001200000f7777772e73736c6c6162732e636f6d000b000403000102000a00340032000e000d0019000b000c00180009000a00160017000800060007001400150004000500120013000100020003000f001000110023000033740000")
|
||||
protos+=("-tls1 -ssl3")
|
||||
lowest_protocol+=("0x0300")
|
||||
highest_protocol+=("0x0301")
|
||||
service+=("HTTP,FTP")
|
||||
minDhBits+=(-1)
|
||||
maxDhBits+=(-1)
|
||||
minRsaBits+=(-1)
|
||||
maxRsaBits+=(-1)
|
||||
minEcdsaBits+=(-1)
|
||||
requiresSha2+=(false)
|
||||
current+=(true)
|
||||
|
||||
names+=("Android 4.4.2 ")
|
||||
short+=("android_442")
|
||||
ciphers+=("ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-DSS-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA256:DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:AES256-GCM-SHA384:AES256-SHA256:AES256-SHA:ECDHE-RSA-DES-CBC3-SHA:ECDHE-ECDSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:EDH-DSS-DES-CBC3-SHA:DES-CBC3-SHA:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:DHE-DSS-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-SHA256:DHE-DSS-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA:AES128-GCM-SHA256:AES128-SHA256:AES128-SHA:ECDHE-RSA-RC4-SHA:ECDHE-ECDSA-RC4-SHA:RC4-SHA:RC4-MD5")
|
||||
sni+=("$SNI")
|
||||
warning+=("")
|
||||
handshakebytes+=("16030100d1010000cd0303531f4317998fb70d57feded18c14433a1b665f963f7e3b1b045b6cc3d61bf21300004cc030c02cc014c00a00a3009f006b006a00390038009d003d0035c012c00800160013000ac02fc02bc027c023c013c00900a2009e0067004000330032009c003c002fc011c0070005000400ff0100005800000014001200000f7777772e73736c6c6162732e636f6d000b00020100000a0008000600190018001700230000000d00220020060106020603050105020503040104020403030103020303020102020203010133740000")
|
||||
protos+=("-tls1_2 -tls1_1 -tls1 -ssl3")
|
||||
lowest_protocol+=("0x0300")
|
||||
highest_protocol+=("0x0303")
|
||||
service+=("HTTP,FTP")
|
||||
minDhBits+=(-1)
|
||||
maxDhBits+=(-1)
|
||||
minRsaBits+=(-1)
|
||||
maxRsaBits+=(-1)
|
||||
minEcdsaBits+=(-1)
|
||||
requiresSha2+=(false)
|
||||
current+=(true)
|
||||
|
||||
names+=("Android 5.0.0 ")
|
||||
short+=("android_500")
|
||||
ciphers+=("ECDHE-ECDSA-CHACHA20-POLY1305-OLD:ECDHE-RSA-CHACHA20-POLY1305-OLD:DHE-RSA-CHACHA20-POLY1305-OLD:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:AES256-SHA:ECDHE-RSA-DES-CBC3-SHA:ECDHE-ECDSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:EDH-DSS-DES-CBC3-SHA:DES-CBC3-SHA:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:DHE-DSS-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA:AES128-GCM-SHA256:AES128-SHA:ECDHE-RSA-RC4-SHA:ECDHE-ECDSA-RC4-SHA:RC4-SHA:RC4-MD5")
|
||||
sni+=("$SNI")
|
||||
warning+=("")
|
||||
handshakebytes+=("16030100bd010000b9030354c21737f3d9d10696c91debf12415f9c45833a83cfbbd4c60c9b91407d2316b000038cc14cc13cc15c014c00a003900380035c012c00800160013000ac02fc02bc013c00900a2009e00330032009c002fc011c0070005000400ff0100005800000014001200000f6465762e73736c6c6162732e636f6d00230000000d00220020060106020603050105020503040104020403030103020303020102020203010133740000000b00020100000a00080006001900180017")
|
||||
protos+=("-tls1_2 -tls1_1 -tls1 -ssl3")
|
||||
lowest_protocol+=("0x0300")
|
||||
highest_protocol+=("0x0303")
|
||||
service+=("HTTP,FTP")
|
||||
minDhBits+=(-1)
|
||||
maxDhBits+=(-1)
|
||||
minRsaBits+=(-1)
|
||||
maxRsaBits+=(-1)
|
||||
minEcdsaBits+=(-1)
|
||||
requiresSha2+=(false)
|
||||
current+=(true)
|
||||
|
||||
names+=("Android 6.0 ")
|
||||
short+=("android_60")
|
||||
ciphers+=("ECDHE-ECDSA-CHACHA20-POLY1305-OLD:ECDHE-RSA-CHACHA20-POLY1305-OLD:DHE-RSA-CHACHA20-POLY1305-OLD:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES128-SHA:AES128-GCM-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA")
|
||||
sni+=("$SNI")
|
||||
warning+=("")
|
||||
handshakebytes+=("16030100e2010000de030352f98411589cd6cd9dd403e70b1685b464a1d8c7495214d2c29b557738599f3420706946c402bf34b6356bfa5979bc3c65e1979a8fc632c201e976fef1ec3d55870022cc14cc13cc15c02bc02f009ec00ac0140039c009c0130033009c0035002f000a00ff0100007300000014001200000f6465762e73736c6c6162732e636f6d0017000000230000000d001600140601060305010503040104030301030302010203000500050100000000337400000012000000100014001208687474702f312e3108737064792f332e31000b00020100000a0006000400170018")
|
||||
protos+=("-tls1_2 -tls1_1 -tls1")
|
||||
lowest_protocol+=("0x0301")
|
||||
highest_protocol+=("0x0303")
|
||||
service+=("HTTP,FTP")
|
||||
minDhBits+=(-1)
|
||||
maxDhBits+=(-1)
|
||||
minRsaBits+=(-1)
|
||||
maxRsaBits+=(-1)
|
||||
minEcdsaBits+=(-1)
|
||||
requiresSha2+=(false)
|
||||
current+=(true)
|
||||
|
||||
names+=("Android 7.0 ")
|
||||
short+=("android_70")
|
||||
ciphers+=("ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-CHACHA20-POLY1305-OLD:ECDHE-RSA-CHACHA20-POLY1305-OLD:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA:AES256-SHA:DES-CBC3-SHA")
|
||||
sni+=("$SNI")
|
||||
warning+=("")
|
||||
handshakebytes+=("16030100e4010000e0030366285fd01ec41e6b9c032a373d4607a6349c509d8a1b142cecc6820364d6eab42024c69f1c56165106d550c4c72135be8c3fe21f72843d19e663602d6476babc090022cca9cca8cc14cc13c02bc02fc02cc030c009c013c00ac014009c009d002f0035000a01000075ff0100010000000014001200000f6465762e73736c6c6162732e636f6d0017000000230000000d00120010060106030501050304010403020102030005000501000000000012000000100017001502683208737064792f332e3108687474702f312e31000b00020100000a00080006001d00170018")
|
||||
protos+=("-tls1_2 -tls1_1 -tls1")
|
||||
lowest_protocol+=("0x0301")
|
||||
highest_protocol+=("0x0303")
|
||||
service+=("HTTP,FTP")
|
||||
minDhBits+=(-1)
|
||||
maxDhBits+=(-1)
|
||||
minRsaBits+=(-1)
|
||||
maxRsaBits+=(-1)
|
||||
minEcdsaBits+=(-1)
|
||||
requiresSha2+=(false)
|
||||
current+=(true)
|
||||
|
||||
names+=("Baidu Jan 2015 ")
|
||||
short+=("baidu_jan_2015")
|
||||
ciphers+=("ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-CAMELLIA256-SHA:DHE-DSS-CAMELLIA256-SHA:DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:ECDH-RSA-AES256-SHA:ECDH-ECDSA-AES256-SHA:CAMELLIA256-SHA:AES256-SHA:ECDHE-ECDSA-RC4-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-CAMELLIA128-SHA:DHE-DSS-CAMELLIA128-SHA:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA:ECDH-RSA-RC4-SHA:ECDH-RSA-AES128-SHA:ECDH-ECDSA-RC4-SHA:ECDH-ECDSA-AES128-SHA:SEED-SHA:CAMELLIA128-SHA:RC4-MD5:RC4-SHA:AES128-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:EDH-DSS-DES-CBC3-SHA:ECDH-RSA-DES-CBC3-SHA:ECDH-ECDSA-DES-CBC3-SHA:DES-CBC3-SHA")
|
||||
sni+=("$SNI")
|
||||
warning+=("")
|
||||
handshakebytes+=("16030100a30100009f030154c1a814c755540538a93b25e7824623d0ee9fc294ee752869cf76819edb3aa200004800ffc00ac0140088008700390038c00fc00500840035c007c009c011c0130045004400330032c00cc00ec002c0040096004100040005002fc008c01200160013c00dc003feff000a0100002e00000014001200000f6465762e73736c6c6162732e636f6d000a00080006001700180019000b0002010000230000")
|
||||
protos+=("-tls1 -ssl3")
|
||||
lowest_protocol+=("0x0300")
|
||||
highest_protocol+=("0x0301")
|
||||
service+=("HTTP,FTP")
|
||||
minDhBits+=(-1)
|
||||
maxDhBits+=(-1)
|
||||
minRsaBits+=(-1)
|
||||
maxRsaBits+=(-1)
|
||||
minEcdsaBits+=(-1)
|
||||
requiresSha2+=(false)
|
||||
current+=(true)
|
||||
|
||||
names+=("BingPreview Jan 2015 ")
|
||||
short+=("bingpreview_jan_2015")
|
||||
ciphers+=("ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:SRP-DSS-AES-256-CBC-SHA:SRP-RSA-AES-256-CBC-SHA:DHE-DSS-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA256:DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:DHE-RSA-CAMELLIA256-SHA:DHE-DSS-CAMELLIA256-SHA:ECDH-RSA-AES256-GCM-SHA384:ECDH-ECDSA-AES256-GCM-SHA384:ECDH-RSA-AES256-SHA384:ECDH-ECDSA-AES256-SHA384:ECDH-RSA-AES256-SHA:ECDH-ECDSA-AES256-SHA:AES256-GCM-SHA384:AES256-SHA256:AES256-SHA:CAMELLIA256-SHA:ECDHE-RSA-DES-CBC3-SHA:ECDHE-ECDSA-DES-CBC3-SHA:SRP-DSS-3DES-EDE-CBC-SHA:SRP-RSA-3DES-EDE-CBC-SHA:EDH-RSA-DES-CBC3-SHA:EDH-DSS-DES-CBC3-SHA:ECDH-RSA-DES-CBC3-SHA:ECDH-ECDSA-DES-CBC3-SHA:DES-CBC3-SHA:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:SRP-DSS-AES-128-CBC-SHA:SRP-RSA-AES-128-CBC-SHA:DHE-DSS-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-SHA256:DHE-DSS-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA:DHE-RSA-SEED-SHA:DHE-DSS-SEED-SHA:DHE-RSA-CAMELLIA128-SHA:DHE-DSS-CAMELLIA128-SHA:ECDH-RSA-AES128-GCM-SHA256:ECDH-ECDSA-AES128-GCM-SHA256:ECDH-RSA-AES128-SHA256:ECDH-ECDSA-AES128-SHA256:ECDH-RSA-AES128-SHA:ECDH-ECDSA-AES128-SHA:AES128-GCM-SHA256:AES128-SHA256:AES128-SHA:SEED-SHA:CAMELLIA128-SHA:IDEA-CBC-SHA:ECDHE-RSA-RC4-SHA:ECDHE-ECDSA-RC4-SHA:ECDH-RSA-RC4-SHA:ECDH-ECDSA-RC4-SHA:RC4-SHA:RC4-MD5:EDH-RSA-DES-CBC-SHA:EDH-DSS-DES-CBC-SHA:DES-CBC-SHA:EXP-EDH-RSA-DES-CBC-SHA:EXP-EDH-DSS-DES-CBC-SHA:EXP-DES-CBC-SHA:EXP-RC2-CBC-MD5:EXP-RC4-MD5")
|
||||
sni+=("$SNI")
|
||||
warning+=("")
|
||||
handshakebytes+=("16030101510100014d030354c13b79c1ca7169ae70c45d43311f9290d8ac1e326dfc36ff0aa99ea85406d50000a0c030c02cc028c024c014c00ac022c02100a3009f006b006a0039003800880087c032c02ec02ac026c00fc005009d003d00350084c012c008c01cc01b00160013c00dc003000ac02fc02bc027c023c013c009c01fc01e00a2009e0067004000330032009a009900450044c031c02dc029c025c00ec004009c003c002f009600410007c011c007c00cc002000500040015001200090014001100080006000300ff020100008300000014001200000f6465762e73736c6c6162732e636f6d000b000403000102000a00340032000e000d0019000b000c00180009000a00160017000800060007001400150004000500120013000100020003000f00100011000d002200200601060206030501050205030401040204030301030203030201020202030101000f000101")
|
||||
protos+=("-tls1_2 -tls1_1 -tls1 -ssl3")
|
||||
lowest_protocol+=("0x0300")
|
||||
highest_protocol+=("0x0303")
|
||||
service+=("HTTP,FTP")
|
||||
minDhBits+=(-1)
|
||||
maxDhBits+=(-1)
|
||||
minRsaBits+=(-1)
|
||||
maxRsaBits+=(-1)
|
||||
minEcdsaBits+=(-1)
|
||||
requiresSha2+=(false)
|
||||
current+=(false)
|
||||
|
||||
names+=("Chrome 48 OS X ")
|
||||
short+=("chrome_48_osx")
|
||||
ciphers+=("ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-CHACHA20-POLY1305-OLD:ECDHE-RSA-CHACHA20-POLY1305-OLD:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES128-SHA:AES128-GCM-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA")
|
||||
sni+=("$SNI")
|
||||
warning+=("")
|
||||
handshakebytes+=("16030100ca010000c603037ac82baca9c0d08b1a01ecfb0bf5824f195153e0c6b4b48f5bf4621846376e8a00001ec02bc02f009ecc14cc13c00ac0140039c009c0130033009c0035002f000a0100007fff0100010000000014001200000f6465762e73736c6c6162732e636f6d0017000000230000000d001600140601060305010503040104030301030302010203000500050100000000337400000012000000100017001502683208737064792f332e3108687474702f312e3175500000000b00020100000a0006000400170018")
|
||||
protos+=("-tls1_2 -tls1_1 -tls1")
|
||||
lowest_protocol+=("0x0301")
|
||||
highest_protocol+=("0x0303")
|
||||
service+=("HTTP,FTP")
|
||||
minDhBits+=(1024)
|
||||
maxDhBits+=(-1)
|
||||
minRsaBits+=(-1)
|
||||
maxRsaBits+=(8192)
|
||||
minEcdsaBits+=(-1)
|
||||
requiresSha2+=(false)
|
||||
current+=(false)
|
||||
|
||||
names+=("Chrome 51 Win 7 ")
|
||||
short+=("chrome_51_win7")
|
||||
ciphers+=("ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-CHACHA20-POLY1305-OLD:ECDHE-RSA-CHACHA20-POLY1305-OLD:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA:AES256-SHA:DES-CBC3-SHA")
|
||||
sni+=("$SNI")
|
||||
warning+=("")
|
||||
handshakebytes+=("16030100bf010000bb030355079db3b53ce2a6d3335902717ae6a84cc4b855d0b68775ac287f38da343c55000022c02bc02fc02cc030cca9cca8cc14cc13c009c013c00ac014009c009d002f0035000a01000070ff0100010000000014001200000f6465762e73736c6c6162732e636f6d0017000000230000000d0012001006010603050105030401040302010203000500050100000000001200000010000e000c02683208687474702f312e3175500000000b00020100000a00080006001d00170018")
|
||||
protos+=("-tls1_2 -tls1_1 -tls1")
|
||||
lowest_protocol+=("0x0301")
|
||||
highest_protocol+=("0x0303")
|
||||
service+=("HTTP,FTP")
|
||||
minDhBits+=(1024)
|
||||
maxDhBits+=(-1)
|
||||
minRsaBits+=(-1)
|
||||
maxRsaBits+=(-1)
|
||||
minEcdsaBits+=(-1)
|
||||
requiresSha2+=(false)
|
||||
current+=(true)
|
||||
|
||||
names+=("Edge 13 Win 10 ")
|
||||
short+=("edge_13_win10")
|
||||
ciphers+=("ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:DHE-DSS-AES256-SHA256:DHE-DSS-AES128-SHA256:DHE-DSS-AES256-SHA:DHE-DSS-AES128-SHA:EDH-DSS-DES-CBC3-SHA")
|
||||
sni+=("$SNI")
|
||||
warning+=("")
|
||||
handshakebytes+=("16030300d7010000d30303576c36d45fdcc8fdee4c62a86ccb3c116eaf6ba23d0726162972e953b993a96a000038c02cc02bc030c02f009f009ec024c023c028c027c00ac009c014c01300390033009d009c003d003c0035002f000a006a00400038003200130100007200000014001200000f6465762e73736c6c6162732e636f6d000500050100000000000a0006000400170018000b00020100000d00140012040105010201040305030203020206010603002300000010000e000c02683208687474702f312e310017000055000006000100020002ff01000100")
|
||||
protos+=("-tls1_2 -tls1_1 -tls1")
|
||||
lowest_protocol+=("0x0301")
|
||||
highest_protocol+=("0x0303")
|
||||
service+=("HTTP,FTP")
|
||||
minDhBits+=(1024)
|
||||
maxDhBits+=(4096)
|
||||
minRsaBits+=(-1)
|
||||
maxRsaBits+=(16384)
|
||||
minEcdsaBits+=(-1)
|
||||
requiresSha2+=(false)
|
||||
current+=(true)
|
||||
|
||||
names+=("Edge 13 Win Phone 10 ")
|
||||
short+=("edge_13_winphone10")
|
||||
ciphers+=("ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:DHE-DSS-AES256-SHA256:DHE-DSS-AES128-SHA256:DHE-DSS-AES256-SHA:DHE-DSS-AES128-SHA:EDH-DSS-DES-CBC3-SHA")
|
||||
sni+=("$SNI")
|
||||
warning+=("")
|
||||
handshakebytes+=("16030300d3010000cf0303565ee836e62e7b9b734f4dca5f3f1ad62dc4e5f87bdf6c90f325b6a2e0012705000034c02cc02bc030c02f009f009ec024c023c028c027c00ac009c014c013009d009c003d003c0035002f000a006a00400038003200130100007200000014001200000f6465762e73736c6c6162732e636f6d000500050100000000000a0006000400170018000b00020100000d00140012040105010201040305030203020206010603002300000010000e000c02683208687474702f312e310017000055000006000100020002ff01000100")
|
||||
protos+=("-tls1_2 -tls1_1 -tls1")
|
||||
lowest_protocol+=("0x0301")
|
||||
highest_protocol+=("0x0303")
|
||||
service+=("HTTP,FTP")
|
||||
minDhBits+=(1024)
|
||||
maxDhBits+=(4096)
|
||||
minRsaBits+=(-1)
|
||||
maxRsaBits+=(16384)
|
||||
minEcdsaBits+=(-1)
|
||||
requiresSha2+=(false)
|
||||
current+=(true)
|
||||
|
||||
names+=("Firefox 45 Win 7 ")
|
||||
short+=("firefox_45_win7")
|
||||
ciphers+=("ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:AES128-SHA:AES256-SHA:DES-CBC3-SHA")
|
||||
sni+=("$SNI")
|
||||
warning+=("")
|
||||
handshakebytes+=("16030100d8010000d40303c45b58b30c163444fbca2e8a1832e5a36999712fa83d7ff6b6c13d5a22181e7f205fd10ae0807128c0c0ede2914316ac6b777e529c1f0e89c849cdf0cbde26efa00016c02bc02fc00ac009c013c01400330039002f0035000a0100007500000014001200000f6465762e73736c6c6162732e636f6dff01000100000a00080006001700180019000b00020100002300003374000000100017001502683208737064792f332e3108687474702f312e31000500050100000000000d001600140401050106010201040305030603020304020202")
|
||||
protos+=("-tls1_2 -tls1_1 -tls1")
|
||||
lowest_protocol+=("0x0301")
|
||||
highest_protocol+=("0x0303")
|
||||
service+=("HTTP,FTP")
|
||||
minDhBits+=(1023)
|
||||
maxDhBits+=(-1)
|
||||
minRsaBits+=(-1)
|
||||
maxRsaBits+=(-1)
|
||||
minEcdsaBits+=(-1)
|
||||
requiresSha2+=(false)
|
||||
current+=(false)
|
||||
|
||||
names+=("Firefox 49 Win 7 ")
|
||||
short+=("firefox_49_win7")
|
||||
ciphers+=("ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:AES128-SHA:AES256-SHA:DES-CBC3-SHA")
|
||||
sni+=("$SNI")
|
||||
warning+=("")
|
||||
handshakebytes+=("16030100e6010000e20303129162aca1f789ad3a792eaa766ba345770bbf2eb466e80bb51c3da72a29f95420b4419268602b765f6f206b948f9e6561cdd1f43606a44dc6fb2448862e26fc50001ec02bc02fcca9cca8c02cc030c00ac009c013c01400330039002f0035000a0100007b00000014001200000f6465762e73736c6c6162732e636f6d00170000ff01000100000a00080006001700180019000b00020100002300003374000000100017001502683208737064792f332e3108687474702f312e31000500050100000000000d0018001604010501060102010403050306030203050204020202")
|
||||
protos+=("-tls1_2 -tls1_1 -tls1")
|
||||
lowest_protocol+=("0x0301")
|
||||
highest_protocol+=("0x0303")
|
||||
service+=("HTTP,FTP")
|
||||
minDhBits+=(1023)
|
||||
maxDhBits+=(-1)
|
||||
minRsaBits+=(-1)
|
||||
maxRsaBits+=(-1)
|
||||
minEcdsaBits+=(-1)
|
||||
requiresSha2+=(false)
|
||||
current+=(true)
|
||||
|
||||
names+=("Firefox 49 XP SP3 ")
|
||||
short+=("firefox_49_xpsp3")
|
||||
ciphers+=("ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:AES128-SHA:AES256-SHA:DES-CBC3-SHA")
|
||||
sni+=("$SNI")
|
||||
warning+=("")
|
||||
handshakebytes+=("16030100c6010000c20303655bcc0742ffca05df48e52838a668733165388e09df153a44cbdc7c39c0bb4300001ec02bc02fcca9cca8c02cc030c00ac009c013c01400330039002f0035000a0100007b00000014001200000f6465762e73736c6c6162732e636f6d00170000ff01000100000a00080006001700180019000b00020100002300003374000000100017001502683208737064792f332e3108687474702f312e31000500050100000000000d0018001604010501060102010403050306030203050204020202")
|
||||
protos+=("-tls1_2 -tls1_1 -tls1")
|
||||
lowest_protocol+=("0x0301")
|
||||
highest_protocol+=("0x0303")
|
||||
service+=("HTTP,FTP")
|
||||
minDhBits+=(1023)
|
||||
maxDhBits+=(-1)
|
||||
minRsaBits+=(-1)
|
||||
maxRsaBits+=(-1)
|
||||
minEcdsaBits+=(-1)
|
||||
requiresSha2+=(false)
|
||||
current+=(true)
|
||||
|
||||
names+=("Googlebot Feb 2015 ")
|
||||
short+=("googlebot_feb_2015")
|
||||
ciphers+=("ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-RC4-SHA:ECDHE-RSA-RC4-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:AES128-GCM-SHA256:RC4-SHA:RC4-MD5:AES128-SHA:DES-CBC3-SHA:AES256-SHA:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA:EDH-RSA-DES-CBC3-SHA:EDH-DSS-DES-CBC3-SHA:DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA")
|
||||
sni+=("$SNI")
|
||||
warning+=("")
|
||||
handshakebytes+=("16030100db010000d70303d9c72e000f6a7f0a156840bd4aa9fd0612df4aeb69a1a1c6452c5f1f4d0ba6b000002ac02bc02fc007c011c009c013c00ac014009c00050004002f000a003500330032001600130039003800ff0100008400000014001200000f6465762e73736c6c6162732e636f6d00230000000d0020001e06010602060305010502050304010402040303010302030302010202020333740000000b000403000102000a00340032000e000d0019000b000c00180009000a00160017000800060007001400150004000500120013000100020003000f00100011")
|
||||
protos+=("-tls1_2 -tls1_1 -tls1 -ssl3")
|
||||
lowest_protocol+=("0x0300")
|
||||
highest_protocol+=("0x0303")
|
||||
service+=("HTTP,FTP")
|
||||
minDhBits+=(-1)
|
||||
maxDhBits+=(-1)
|
||||
minRsaBits+=(-1)
|
||||
maxRsaBits+=(-1)
|
||||
minEcdsaBits+=(-1)
|
||||
requiresSha2+=(false)
|
||||
current+=(false)
|
||||
|
||||
names+=("IE 11 Win 10 ")
|
||||
short+=("ie_11_win10")
|
||||
ciphers+=("ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:DHE-DSS-AES256-SHA256:DHE-DSS-AES128-SHA256:DHE-DSS-AES256-SHA:DHE-DSS-AES128-SHA:EDH-DSS-DES-CBC3-SHA")
|
||||
sni+=("$SNI")
|
||||
warning+=("")
|
||||
handshakebytes+=("16030300d7010000d30303576c3861086a497dbb46489b67a88ac2e541c4863147fd09634bd0c630b73e92000038c02cc02bc030c02f009f009ec024c023c028c027c00ac009c014c01300390033009d009c003d003c0035002f000a006a00400038003200130100007200000014001200000f6465762e73736c6c6162732e636f6d000500050100000000000a0006000400170018000b00020100000d00140012040105010201040305030203020206010603002300000010000e000c02683208687474702f312e310017000055000006000100020002ff01000100")
|
||||
protos+=("-tls1_2 -tls1_1 -tls1")
|
||||
lowest_protocol+=("0x0301")
|
||||
highest_protocol+=("0x0303")
|
||||
service+=("HTTP,FTP")
|
||||
minDhBits+=(1024)
|
||||
maxDhBits+=(4096)
|
||||
minRsaBits+=(-1)
|
||||
maxRsaBits+=(16384)
|
||||
minEcdsaBits+=(-1)
|
||||
requiresSha2+=(false)
|
||||
current+=(true)
|
||||
|
||||
names+=("IE 11 Win 7 ")
|
||||
short+=("ie_11_win7")
|
||||
ciphers+=("ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-ECDSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:DHE-DSS-AES256-SHA256:DHE-DSS-AES128-SHA256:DHE-DSS-AES256-SHA:DHE-DSS-AES128-SHA:DES-CBC3-SHA:EDH-DSS-DES-CBC3-SHA:RC4-SHA:RC4-MD5")
|
||||
sni+=("$SNI")
|
||||
warning+=("")
|
||||
handshakebytes+=("16030300b7010000b30303576b1fad9e727d57d0e40cae894f1f8f4608151d627affc2f1e20c2df7fefe5d000038c028c027c014c013009f009e00390033009d009c003d003c0035002fc02cc02bc024c023c00ac009006a004000380032000a0013000500040100005200000014001200000f6465762e73736c6c6162732e636f6d000500050100000000000a0006000400170018000b00020100000d0014001206010603040105010201040305030203020200170000ff01000100")
|
||||
protos+=("-tls1_2 -tls1_1 -tls1")
|
||||
lowest_protocol+=("0x0301")
|
||||
highest_protocol+=("0x0303")
|
||||
service+=("HTTP,FTP")
|
||||
minDhBits+=(1024)
|
||||
maxDhBits+=(4096)
|
||||
minRsaBits+=(-1)
|
||||
maxRsaBits+=(16384)
|
||||
minEcdsaBits+=(-1)
|
||||
requiresSha2+=(false)
|
||||
current+=(true)
|
||||
|
||||
names+=("IE 11 Win 8.1 ")
|
||||
short+=("ie_11_win81")
|
||||
ciphers+=("ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-ECDSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:DHE-DSS-AES256-SHA256:DHE-DSS-AES128-SHA256:DHE-DSS-AES256-SHA:DHE-DSS-AES128-SHA:DES-CBC3-SHA:EDH-DSS-DES-CBC3-SHA")
|
||||
sni+=("$SNI")
|
||||
warning+=("")
|
||||
handshakebytes+=("16030300d1010000cd0303576c36e03bf1afe8d81100c68adc72bd0c678a5162275a5569651875123a7bec000034c028c027c014c013009f009e00390033009d009c003d003c0035002fc02cc02bc024c023c00ac009006a004000380032000a00130100007000000014001200000f6465762e73736c6c6162732e636f6d000500050100000000000a0006000400170018000b00020100000d001400120401050106010201040305030603020302020023000000100012001006737064792f3308687474702f312e313374000000170000ff01000100")
|
||||
protos+=("-tls1_2 -tls1_1 -tls1")
|
||||
lowest_protocol+=("0x0301")
|
||||
highest_protocol+=("0x0303")
|
||||
service+=("HTTP,FTP")
|
||||
minDhBits+=(1024)
|
||||
maxDhBits+=(4096)
|
||||
minRsaBits+=(-1)
|
||||
maxRsaBits+=(16384)
|
||||
minEcdsaBits+=(-1)
|
||||
requiresSha2+=(false)
|
||||
current+=(true)
|
||||
|
||||
names+=("IE 11 Win Phone 8.1 ")
|
||||
short+=("ie_11_winphone81")
|
||||
ciphers+=("AES128-SHA256:AES128-SHA:AES256-SHA256:AES256-SHA:DES-CBC3-SHA:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA:DHE-DSS-AES128-SHA256:DHE-DSS-AES128-SHA:DHE-DSS-AES256-SHA256:DHE-DSS-AES256-SHA:EDH-DSS-DES-CBC3-SHA")
|
||||
sni+=("$SNI")
|
||||
warning+=("")
|
||||
handshakebytes+=("16030300bb010000b703035363d297ad92a8fe276a4e5b9395d593e96fff9c3df0987e5dfbab544ce05832000026003c002f003d0035000ac027c013c014c02bc023c02cc024c009c00a00400032006a0038001301000068ff0100010000000014001200000f7777772e73736c6c6162732e636f6d000500050100000000000a0006000400170018000b00020100000d0010000e04010501020104030503020302020023000000100012001006737064792f3308687474702f312e3133740000")
|
||||
protos+=("-tls1_2 -tls1_1 -tls1 -ssl3")
|
||||
lowest_protocol+=("0x0300")
|
||||
highest_protocol+=("0x0303")
|
||||
service+=("HTTP,FTP")
|
||||
minDhBits+=(-1)
|
||||
maxDhBits+=(-1)
|
||||
minRsaBits+=(-1)
|
||||
maxRsaBits+=(-1)
|
||||
minEcdsaBits+=(-1)
|
||||
requiresSha2+=(false)
|
||||
current+=(true)
|
||||
|
||||
names+=("IE 11 Win Phone 8.1 Update ")
|
||||
short+=("ie_11_winphone81update")
|
||||
ciphers+=("ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-ECDSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:DHE-DSS-AES256-SHA256:DHE-DSS-AES128-SHA256:DHE-DSS-AES256-SHA:DHE-DSS-AES128-SHA:DES-CBC3-SHA:EDH-DSS-DES-CBC3-SHA")
|
||||
sni+=("$SNI")
|
||||
warning+=("")
|
||||
handshakebytes+=("16030300c5010000c103035537a79a55362d42c3b3308fea91e85c5656021153d0a4baf03e7fef6e315c72000030c028c027c014c013009f009e009d009c003d003c0035002fc02cc02bc024c023c00ac009006a004000380032000a001301000068ff0100010000000014001200000f6465762e73736c6c6162732e636f6d000500050100000000000a0006000400170018000b00020100000d0010000e04010501020104030503020302020023000000100012001006737064792f3308687474702f312e3133740000")
|
||||
protos+=("-tls1_2 -tls1_1 -tls1 -ssl3")
|
||||
lowest_protocol+=("0x0300")
|
||||
highest_protocol+=("0x0303")
|
||||
service+=("HTTP,FTP")
|
||||
minDhBits+=(-1)
|
||||
maxDhBits+=(-1)
|
||||
minRsaBits+=(-1)
|
||||
maxRsaBits+=(-1)
|
||||
minEcdsaBits+=(-1)
|
||||
requiresSha2+=(false)
|
||||
current+=(true)
|
||||
|
||||
names+=("IE 6 XP ")
|
||||
short+=("ie_6_xp")
|
||||
ciphers+=("RC4-MD5:RC4-SHA:DES-CBC3-SHA:RC4-MD5:DES-CBC3-MD5:RC2-CBC-MD5:DES-CBC-SHA:DES-CBC-MD5:EXP1024-RC4-SHA:EXP1024-DES-CBC-SHA:EXP-RC4-MD5:EXP-RC2-CBC-MD5:EXP-RC4-MD5:EXP-RC2-CBC-MD5:EDH-DSS-DES-CBC3-SHA:EDH-DSS-DES-CBC-SHA:EXP1024-DHE-DSS-DES-CBC-SHA")
|
||||
sni+=("")
|
||||
warning+=("")
|
||||
handshakebytes+=("804f01030000360000001000000400000500000a0100800700c00300800000090600400000640000620000030000060200800400800000130000120000630000ffd9f61eed63ba552d0bca94dc016081a3")
|
||||
protos+=("-ssl3 -ssl2")
|
||||
lowest_protocol+=("0x0200")
|
||||
highest_protocol+=("0x0300")
|
||||
service+=("HTTP,FTP")
|
||||
minDhBits+=(-1)
|
||||
maxDhBits+=(-1)
|
||||
minRsaBits+=(-1)
|
||||
maxRsaBits+=(-1)
|
||||
minEcdsaBits+=(-1)
|
||||
requiresSha2+=(false)
|
||||
current+=(true)
|
||||
|
||||
names+=("IE 7 Vista ")
|
||||
short+=("ie_7_vista")
|
||||
ciphers+=("AES128-SHA:AES256-SHA:RC4-SHA:DES-CBC3-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:DHE-DSS-AES128-SHA:DHE-DSS-AES256-SHA:EDH-DSS-DES-CBC3-SHA:RC4-MD5")
|
||||
sni+=("$SNI")
|
||||
warning+=("")
|
||||
handshakebytes+=("160301007d01000079030151fa62ab452795b7003c5f93ab677dbf57dd62bfa39e0ffaaeabe45b06552452000018002f00350005000ac009c00ac013c01400320038001300040100003800000014001200000f7777772e73736c6c6162732e636f6d000500050100000000000a00080006001700180019000b00020100ff01000100")
|
||||
protos+=("-tls1 -ssl3")
|
||||
lowest_protocol+=("0x0300")
|
||||
highest_protocol+=("0x0301")
|
||||
service+=("HTTP,FTP")
|
||||
minDhBits+=(-1)
|
||||
maxDhBits+=(-1)
|
||||
minRsaBits+=(-1)
|
||||
maxRsaBits+=(-1)
|
||||
minEcdsaBits+=(-1)
|
||||
requiresSha2+=(false)
|
||||
current+=(true)
|
||||
|
||||
names+=("IE 8 Win 7 ")
|
||||
short+=("ie_8_win7")
|
||||
ciphers+=("AES128-SHA:AES256-SHA:RC4-SHA:DES-CBC3-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA:DHE-DSS-AES128-SHA:DHE-DSS-AES256-SHA:EDH-DSS-DES-CBC3-SHA:RC4-MD5")
|
||||
sni+=("$SNI")
|
||||
warning+=("")
|
||||
handshakebytes+=("160301007b01000077030151facea9bfdefb38bc40987322ebdc092498fc6e64e491683abd95179ea8405c000018002f00350005000ac013c014c009c00a003200380013000401000036ff0100010000000014001200000f7777772e73736c6c6162732e636f6d000500050100000000000a0006000400170018000b00020100")
|
||||
protos+=("-tls1 -ssl3")
|
||||
lowest_protocol+=("0x0300")
|
||||
highest_protocol+=("0x0301")
|
||||
service+=("HTTP,FTP")
|
||||
minDhBits+=(-1)
|
||||
maxDhBits+=(-1)
|
||||
minRsaBits+=(-1)
|
||||
maxRsaBits+=(-1)
|
||||
minEcdsaBits+=(-1)
|
||||
requiresSha2+=(false)
|
||||
current+=(true)
|
||||
|
||||
names+=("IE 8 XP ")
|
||||
short+=("ie_8_xp")
|
||||
ciphers+=("RC4-MD5:RC4-SHA:DES-CBC3-SHA:DES-CBC-SHA:EXP1024-RC4-SHA:EXP1024-DES-CBC-SHA:EXP-RC4-MD5:EXP-RC2-CBC-MD5:EDH-DSS-DES-CBC3-SHA:EDH-DSS-DES-CBC-SHA:EXP1024-DHE-DSS-DES-CBC-SHA")
|
||||
sni+=("")
|
||||
warning+=("")
|
||||
handshakebytes+=("1603010048010000440301550bf46d2cff1997bd24885e963ba61faa8be6c28835c1f9bf74c1675cd3cf8500001600040005000a0009006400620003000600130012006301000005ff01000100")
|
||||
protos+=("-tls1 -ssl3")
|
||||
lowest_protocol+=("0x0300")
|
||||
highest_protocol+=("0x0301")
|
||||
service+=("HTTP,FTP")
|
||||
minDhBits+=(-1)
|
||||
maxDhBits+=(-1)
|
||||
minRsaBits+=(-1)
|
||||
maxRsaBits+=(-1)
|
||||
minEcdsaBits+=(-1)
|
||||
requiresSha2+=(false)
|
||||
current+=(true)
|
||||
|
||||
names+=("Java 6u45 ")
|
||||
short+=("java_6u45")
|
||||
ciphers+=("RC4-MD5:RC4-MD5:RC4-SHA:AES128-SHA:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA:DES-CBC3-SHA:DES-CBC3-MD5:EDH-RSA-DES-CBC3-SHA:EDH-DSS-DES-CBC3-SHA:DES-CBC-SHA:DES-CBC-MD5:EDH-RSA-DES-CBC-SHA:EDH-DSS-DES-CBC-SHA:EXP-RC4-MD5:EXP-RC4-MD5:EXP-DES-CBC-SHA:EXP-EDH-RSA-DES-CBC-SHA:EXP-EDH-DSS-DES-CBC-SHA")
|
||||
sni+=("")
|
||||
warning+=("")
|
||||
handshakebytes+=("8065010301003c0000002000000401008000000500002f00003300003200000a0700c00000160000130000090600400000150000120000030200800000080000140000110000ff52173357f48ce6722f974dbb429b9279208d1cf5b9088947c9ba16d9ecbc0fa6")
|
||||
protos+=("-tls1 -ssl3 -ssl2")
|
||||
lowest_protocol+=("0x0200")
|
||||
highest_protocol+=("0x0301")
|
||||
service+=("ANY")
|
||||
minDhBits+=(-1)
|
||||
maxDhBits+=(1024)
|
||||
minRsaBits+=(-1)
|
||||
maxRsaBits+=(-1)
|
||||
minEcdsaBits+=(-1)
|
||||
requiresSha2+=(false)
|
||||
current+=(true)
|
||||
|
||||
names+=("Java 7u25 ")
|
||||
short+=("java_7u25")
|
||||
ciphers+=("ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:AES128-SHA:ECDH-ECDSA-AES128-SHA:ECDH-RSA-AES128-SHA:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA:ECDHE-ECDSA-RC4-SHA:ECDHE-RSA-RC4-SHA:RC4-SHA:ECDH-ECDSA-RC4-SHA:ECDH-RSA-RC4-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:DES-CBC3-SHA:ECDH-ECDSA-DES-CBC3-SHA:ECDH-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:EDH-DSS-DES-CBC3-SHA:RC4-MD5")
|
||||
sni+=("$SNI")
|
||||
warning+=("")
|
||||
handshakebytes+=("16030100ad010000a9030152178334e8b855253e50e4623e475b6941c18cc312de6395a98e1cd4fd6735e700002ac009c013002fc004c00e00330032c007c0110005c002c00cc008c012000ac003c00d00160013000400ff01000056000a0034003200170001000300130015000600070009000a0018000b000c0019000d000e000f001000110002001200040005001400080016000b0002010000000014001200000f7777772e73736c6c6162732e636f6d")
|
||||
protos+=("-tls1 -ssl3")
|
||||
lowest_protocol+=("0x0300")
|
||||
highest_protocol+=("0x0301")
|
||||
service+=("ANY")
|
||||
minDhBits+=(-1)
|
||||
maxDhBits+=(1024)
|
||||
minRsaBits+=(-1)
|
||||
maxRsaBits+=(-1)
|
||||
minEcdsaBits+=(-1)
|
||||
requiresSha2+=(false)
|
||||
current+=(true)
|
||||
|
||||
names+=("Java 8b132 ")
|
||||
short+=("java_8b132")
|
||||
ciphers+=("ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:AES128-SHA256:ECDH-ECDSA-AES128-SHA256:ECDH-RSA-AES128-SHA256:DHE-RSA-AES128-SHA256:DHE-DSS-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:AES128-SHA:ECDH-ECDSA-AES128-SHA:ECDH-RSA-AES128-SHA:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA:ECDHE-ECDSA-RC4-SHA:ECDHE-RSA-RC4-SHA:RC4-SHA:ECDH-ECDSA-RC4-SHA:ECDH-RSA-RC4-SHA:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:AES128-GCM-SHA256:ECDH-ECDSA-AES128-GCM-SHA256:ECDH-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:DES-CBC3-SHA:ECDH-ECDSA-DES-CBC3-SHA:ECDH-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:EDH-DSS-DES-CBC3-SHA:RC4-MD5")
|
||||
sni+=("$SNI")
|
||||
warning+=("")
|
||||
handshakebytes+=("16030300e7010000e303035319a4a6c3909b598b7f5c0923999b7fa67cf6e79f73a016ea39a221c6989eeb000046c023c027003cc025c02900670040c009c013002fc004c00e00330032c007c0110005c002c00cc02bc02f009cc02dc031009e00a2c008c012000ac003c00d00160013000400ff01000074000a0034003200170001000300130015000600070009000a0018000b000c0019000d000e000f001000110002001200040005001400080016000b00020100000d001a001806030601050305010403040103030301020302010202010100000014001200000f7777772e73736c6c6162732e636f6d")
|
||||
protos+=("-tls1_2 -tls1_1 -tls1 -ssl3")
|
||||
lowest_protocol+=("0x0300")
|
||||
highest_protocol+=("0x0303")
|
||||
service+=("ANY")
|
||||
minDhBits+=(-1)
|
||||
maxDhBits+=(2048)
|
||||
minRsaBits+=(-1)
|
||||
maxRsaBits+=(-1)
|
||||
minEcdsaBits+=(-1)
|
||||
requiresSha2+=(false)
|
||||
current+=(true)
|
||||
|
||||
names+=("OpenSSL 1.0.1l ")
|
||||
short+=("openssl_101l")
|
||||
ciphers+=("ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-DSS-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA256:DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:DHE-RSA-CAMELLIA256-SHA:DHE-DSS-CAMELLIA256-SHA:ECDH-RSA-AES256-GCM-SHA384:ECDH-ECDSA-AES256-GCM-SHA384:ECDH-RSA-AES256-SHA384:ECDH-ECDSA-AES256-SHA384:ECDH-RSA-AES256-SHA:ECDH-ECDSA-AES256-SHA:AES256-GCM-SHA384:AES256-SHA256:AES256-SHA:CAMELLIA256-SHA:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:DHE-DSS-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-SHA256:DHE-DSS-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA:DHE-RSA-SEED-SHA:DHE-DSS-SEED-SHA:DHE-RSA-CAMELLIA128-SHA:DHE-DSS-CAMELLIA128-SHA:ECDH-RSA-AES128-GCM-SHA256:ECDH-ECDSA-AES128-GCM-SHA256:ECDH-RSA-AES128-SHA256:ECDH-ECDSA-AES128-SHA256:ECDH-RSA-AES128-SHA:ECDH-ECDSA-AES128-SHA:AES128-GCM-SHA256:AES128-SHA256:AES128-SHA:SEED-SHA:CAMELLIA128-SHA:IDEA-CBC-SHA:ECDHE-RSA-RC4-SHA:ECDHE-ECDSA-RC4-SHA:ECDH-RSA-RC4-SHA:ECDH-ECDSA-RC4-SHA:RC4-SHA:RC4-MD5:ECDHE-RSA-DES-CBC3-SHA:ECDHE-ECDSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:EDH-DSS-DES-CBC3-SHA:ECDH-RSA-DES-CBC3-SHA:ECDH-ECDSA-DES-CBC3-SHA:DES-CBC3-SHA:EDH-RSA-DES-CBC-SHA:EDH-DSS-DES-CBC-SHA:DES-CBC-SHA:EXP-EDH-RSA-DES-CBC-SHA:EXP-EDH-DSS-DES-CBC-SHA:EXP-DES-CBC-SHA:EXP-RC2-CBC-MD5:EXP-RC4-MD5")
|
||||
sni+=("$SNI")
|
||||
warning+=("")
|
||||
handshakebytes+=("160301014f0100014b030332b230e5dd8c5573c219a243f397e31f407c7a93b60a26e7c3d5cca06a566fe1000094c030c02cc028c024c014c00a00a3009f006b006a0039003800880087c032c02ec02ac026c00fc005009d003d00350084c02fc02bc027c023c013c00900a2009e0067004000330032009a009900450044c031c02dc029c025c00ec004009c003c002f009600410007c011c007c00cc00200050004c012c00800160013c00dc003000a0015001200090014001100080006000300ff0100008e00000014001200000f6465762e73736c6c6162732e636f6d000b000403000102000a00340032000e000d0019000b000c00180009000a00160017000800060007001400150004000500120013000100020003000f0010001100230000000d0020001e060106020603050105020503040104020403030103020303020102020203000500050100000000000f000101")
|
||||
protos+=("-tls1_2 -tls1_1 -tls1 -ssl3")
|
||||
lowest_protocol+=("0x0300")
|
||||
highest_protocol+=("0x0303")
|
||||
service+=("ANY")
|
||||
minDhBits+=(-1)
|
||||
maxDhBits+=(-1)
|
||||
minRsaBits+=(-1)
|
||||
maxRsaBits+=(-1)
|
||||
minEcdsaBits+=(-1)
|
||||
requiresSha2+=(false)
|
||||
current+=(true)
|
||||
|
||||
names+=("OpenSSL 1.0.2e ")
|
||||
short+=("openssl_102e")
|
||||
ciphers+=("ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DH-DSS-AES256-GCM-SHA384:DHE-DSS-AES256-GCM-SHA384:DH-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA256:DH-RSA-AES256-SHA256:DH-DSS-AES256-SHA256:DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:DH-RSA-AES256-SHA:DH-DSS-AES256-SHA:DHE-RSA-CAMELLIA256-SHA:DHE-DSS-CAMELLIA256-SHA:DH-RSA-CAMELLIA256-SHA:DH-DSS-CAMELLIA256-SHA:ECDH-RSA-AES256-GCM-SHA384:ECDH-ECDSA-AES256-GCM-SHA384:ECDH-RSA-AES256-SHA384:ECDH-ECDSA-AES256-SHA384:ECDH-RSA-AES256-SHA:ECDH-ECDSA-AES256-SHA:AES256-GCM-SHA384:AES256-SHA256:AES256-SHA:CAMELLIA256-SHA:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:DH-DSS-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:DH-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-SHA256:DHE-DSS-AES128-SHA256:DH-RSA-AES128-SHA256:DH-DSS-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA:DH-RSA-AES128-SHA:DH-DSS-AES128-SHA:DHE-RSA-SEED-SHA:DHE-DSS-SEED-SHA:DH-RSA-SEED-SHA:DH-DSS-SEED-SHA:DHE-RSA-CAMELLIA128-SHA:DHE-DSS-CAMELLIA128-SHA:DH-RSA-CAMELLIA128-SHA:DH-DSS-CAMELLIA128-SHA:ECDH-RSA-AES128-GCM-SHA256:ECDH-ECDSA-AES128-GCM-SHA256:ECDH-RSA-AES128-SHA256:ECDH-ECDSA-AES128-SHA256:ECDH-RSA-AES128-SHA:ECDH-ECDSA-AES128-SHA:AES128-GCM-SHA256:AES128-SHA256:AES128-SHA:SEED-SHA:CAMELLIA128-SHA:IDEA-CBC-SHA:ECDHE-RSA-RC4-SHA:ECDHE-ECDSA-RC4-SHA:ECDH-RSA-RC4-SHA:ECDH-ECDSA-RC4-SHA:RC4-SHA:RC4-MD5:ECDHE-RSA-DES-CBC3-SHA:ECDHE-ECDSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:EDH-DSS-DES-CBC3-SHA:DH-RSA-DES-CBC3-SHA:DH-DSS-DES-CBC3-SHA:ECDH-RSA-DES-CBC3-SHA:ECDH-ECDSA-DES-CBC3-SHA:DES-CBC3-SHA:EDH-RSA-DES-CBC-SHA:EDH-DSS-DES-CBC-SHA:DH-RSA-DES-CBC-SHA:DH-DSS-DES-CBC-SHA:DES-CBC-SHA")
|
||||
sni+=("$SNI")
|
||||
warning+=("")
|
||||
handshakebytes+=("16030101590100015503032a9db79b37d9364a9a685dc25bfec88c21ef88c206a20b9801108c67607e79800000b6c030c02cc028c024c014c00a00a500a300a1009f006b006a0069006800390038003700360088008700860085c032c02ec02ac026c00fc005009d003d00350084c02fc02bc027c023c013c00900a400a200a0009e00670040003f003e0033003200310030009a0099009800970045004400430042c031c02dc029c025c00ec004009c003c002f009600410007c011c007c00cc00200050004c012c008001600130010000dc00dc003000a00150012000f000c000900ff0100007600000014001200000f6465762e73736c6c6162732e636f6d000b000403000102000a001c001a00170019001c001b0018001a0016000e000d000b000c0009000a00230000000d0020001e060106020603050105020503040104020403030103020303020102020203000500050100000000000f000101")
|
||||
protos+=("-tls1_2 -tls1_1 -tls1 -ssl3")
|
||||
lowest_protocol+=("0x0300")
|
||||
highest_protocol+=("0x0303")
|
||||
service+=("ANY")
|
||||
minDhBits+=(-1)
|
||||
maxDhBits+=(-1)
|
||||
minRsaBits+=(-1)
|
||||
maxRsaBits+=(-1)
|
||||
minEcdsaBits+=(-1)
|
||||
requiresSha2+=(false)
|
||||
current+=(true)
|
||||
|
||||
names+=("Opera 17 Win 7 ")
|
||||
short+=("opera_17_win7")
|
||||
ciphers+=("ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES256-SHA:DHE-RSA-AES256-SHA256:AES256-SHA:AES256-SHA256:ECDHE-ECDSA-RC4-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES128-SHA256:DHE-DSS-AES128-SHA:RC4-SHA:RC4-MD5:AES128-SHA:AES128-SHA256:DES-CBC3-SHA")
|
||||
sni+=("$SNI")
|
||||
warning+=("")
|
||||
handshakebytes+=("16030100d5010000d10303526793c01b8d4859d838c8658f07f895a2f35ba16fb786644db811b856197e9b000028c00ac0140039006b0035003dc007c009c023c011c013c02700330067003200050004002f003c000a0100008000000014001200000f7777772e73736c6c6162732e636f6dff01000100000a00080006001700180019000b00020100002300003374000000100022002006737064792f3206737064792f3308737064792f332e3108687474702f312e31754f0000000500050100000000000d0012001004010501020104030503020304020202")
|
||||
protos+=("-tls1_2 -tls1_1 -tls1 -ssl3")
|
||||
lowest_protocol+=("0x0300")
|
||||
highest_protocol+=("0x0303")
|
||||
service+=("HTTP,FTP")
|
||||
minDhBits+=(-1)
|
||||
maxDhBits+=(-1)
|
||||
minRsaBits+=(-1)
|
||||
maxRsaBits+=(4096)
|
||||
minEcdsaBits+=(-1)
|
||||
requiresSha2+=(false)
|
||||
current+=(false)
|
||||
|
||||
names+=("Safari 5.1.9 OS X 10.6.8 ")
|
||||
short+=("safari_519_osx1068")
|
||||
ciphers+=("ECDHE-ECDSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-ECDSA-RC4-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA:ECDHE-RSA-RC4-SHA:ECDHE-RSA-DES-CBC3-SHA:ECDH-ECDSA-AES128-SHA:ECDH-ECDSA-AES256-SHA:ECDH-ECDSA-RC4-SHA:ECDH-ECDSA-DES-CBC3-SHA:ECDH-RSA-AES128-SHA:ECDH-RSA-AES256-SHA:ECDH-RSA-RC4-SHA:ECDH-RSA-DES-CBC3-SHA:AES128-SHA:RC4-SHA:RC4-MD5:AES256-SHA:DES-CBC3-SHA:DES-CBC-SHA:EXP-RC4-MD5:EXP-DES-CBC-SHA:EXP-RC2-CBC-MD5:DHE-DSS-AES128-SHA:DHE-RSA-AES128-SHA:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:EDH-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC-SHA:EXP-EDH-RSA-DES-CBC-SHA:EDH-DSS-DES-CBC3-SHA:EDH-DSS-DES-CBC-SHA:EXP-EDH-DSS-DES-CBC-SHA")
|
||||
sni+=("$SNI")
|
||||
warning+=("")
|
||||
handshakebytes+=("160301009d01000099030151d15dc2887b1852fd4291e36c3f4e8a35266e15dd6354779fbf5438b59b42da000046c00ac009c007c008c013c014c011c012c004c005c002c003c00ec00fc00cc00d002f000500040035000a000900030008000600320033003800390016001500140013001200110100002a00000014001200000f7777772e73736c6c6162732e636f6d000a00080006001700180019000b00020100")
|
||||
protos+=("-tls1 -ssl3")
|
||||
lowest_protocol+=("0x0300")
|
||||
highest_protocol+=("0x0301")
|
||||
service+=("HTTP,FTP")
|
||||
minDhBits+=(-1)
|
||||
maxDhBits+=(-1)
|
||||
minRsaBits+=(-1)
|
||||
maxRsaBits+=(4096)
|
||||
minEcdsaBits+=(-1)
|
||||
requiresSha2+=(false)
|
||||
current+=(true)
|
||||
|
||||
names+=("Safari 6.0.4 OS X 10.8.4 ")
|
||||
short+=("safari_604_osx1084")
|
||||
ciphers+=("ECDHE-ECDSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-ECDSA-RC4-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-RC4-SHA:ECDHE-RSA-DES-CBC3-SHA:ECDH-ECDSA-AES128-SHA:ECDH-ECDSA-AES256-SHA:ECDH-ECDSA-RC4-SHA:ECDH-ECDSA-DES-CBC3-SHA:ECDH-RSA-AES128-SHA:ECDH-RSA-AES256-SHA:ECDH-RSA-RC4-SHA:ECDH-RSA-DES-CBC3-SHA:AES128-SHA:RC4-SHA:RC4-MD5:AES256-SHA:DES-CBC3-SHA:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:EDH-RSA-DES-CBC3-SHA")
|
||||
sni+=("$SNI")
|
||||
warning+=("")
|
||||
handshakebytes+=("16030100a9010000a5030151fa327c6576dadde1e8a89d4d45bdc1d0c107b8cbe998337e02ca419a0bcb30204dd1c85d9fbc1607b27a35ec9dfd1dae2c589483843a73999c9de205748633b1003200ffc00ac009c007c008c014c013c011c012c004c005c002c003c00ec00fc00cc00d002f000500040035000a0033003900160100002a00000014001200000f7777772e73736c6c6162732e636f6d000a00080006001700180019000b00020100")
|
||||
protos+=("-tls1 -ssl3")
|
||||
lowest_protocol+=("0x0300")
|
||||
highest_protocol+=("0x0301")
|
||||
service+=("HTTP,FTP")
|
||||
minDhBits+=(-1)
|
||||
maxDhBits+=(-1)
|
||||
minRsaBits+=(-1)
|
||||
maxRsaBits+=(4096)
|
||||
minEcdsaBits+=(-1)
|
||||
requiresSha2+=(false)
|
||||
current+=(true)
|
||||
|
||||
names+=("Safari 7 OS X 10.9 ")
|
||||
short+=("safari_7_osx109")
|
||||
ciphers+=("ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-ECDSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-ECDSA-RC4-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-RC4-SHA:ECDHE-RSA-DES-CBC3-SHA:ECDH-ECDSA-AES256-SHA384:ECDH-ECDSA-AES128-SHA256:ECDH-RSA-AES256-SHA384:ECDH-RSA-AES128-SHA256:ECDH-ECDSA-AES256-SHA:ECDH-ECDSA-AES128-SHA:ECDH-ECDSA-RC4-SHA:ECDH-ECDSA-DES-CBC3-SHA:ECDH-RSA-AES256-SHA:ECDH-RSA-AES128-SHA:ECDH-RSA-RC4-SHA:ECDH-RSA-DES-CBC3-SHA:AES256-SHA256:AES128-SHA256:AES128-SHA:RC4-SHA:RC4-MD5:AES256-SHA:DES-CBC3-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA:EDH-RSA-DES-CBC3-SHA")
|
||||
sni+=("$SNI")
|
||||
warning+=("")
|
||||
handshakebytes+=("16030100d1010000cd030351fa3664edce86d82606540539ccd388418b1a5cb8cfda5e15349c635d4b028b203bf83c63e3da6777e407300b5d657e429f11cd7d857977e4390fda365b8d4664004a00ffc024c023c00ac009c007c008c028c027c014c013c011c012c026c025c02ac029c005c004c002c003c00fc00ec00cc00d003d003c002f000500040035000a0067006b0033003900160100003a00000014001200000f7777772e73736c6c6162732e636f6d000a00080006001700180019000b00020100000d000c000a05010401020104030203")
|
||||
protos+=("-tls1_2 -tls1_1 -tls1 -ssl3")
|
||||
lowest_protocol+=("0x0300")
|
||||
highest_protocol+=("0x0303")
|
||||
service+=("HTTP,FTP")
|
||||
minDhBits+=(-1)
|
||||
maxDhBits+=(-1)
|
||||
minRsaBits+=(-1)
|
||||
maxRsaBits+=(4096)
|
||||
minEcdsaBits+=(-1)
|
||||
requiresSha2+=(false)
|
||||
current+=(true)
|
||||
|
||||
names+=("Safari 8 OS X 10.10 ")
|
||||
short+=("safari_8_osx1010")
|
||||
ciphers+=("ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-ECDSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:ECDH-ECDSA-AES256-SHA384:ECDH-ECDSA-AES128-SHA256:ECDH-ECDSA-AES256-SHA:ECDH-ECDSA-AES128-SHA:ECDH-ECDSA-DES-CBC3-SHA:ECDH-RSA-AES256-SHA384:ECDH-RSA-AES128-SHA256:ECDH-RSA-AES256-SHA:ECDH-RSA-AES128-SHA:ECDH-RSA-DES-CBC3-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:EDH-RSA-DES-CBC3-SHA:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:ECDHE-ECDSA-RC4-SHA:ECDHE-RSA-RC4-SHA:ECDH-ECDSA-RC4-SHA:ECDH-RSA-RC4-SHA:RC4-SHA:RC4-MD5")
|
||||
sni+=("$SNI")
|
||||
warning+=("")
|
||||
handshakebytes+=("16030100b5010000b1030354c20a44e0d7681f3d55d7e9a764b67e6ffa6722c17b21e15bc2c9c98892460a00004a00ffc024c023c00ac009c008c028c027c014c013c012c026c025c005c004c003c02ac029c00fc00ec00d006b0067003900330016003d003c0035002f000ac007c011c002c00c000500040100003e00000014001200000f6465762e73736c6c6162732e636f6d000a00080006001700180019000b00020100000d000c000a0501040102010403020333740000")
|
||||
protos+=("-tls1_2 -tls1_1 -tls1 -ssl3")
|
||||
lowest_protocol+=("0x0300")
|
||||
highest_protocol+=("0x0303")
|
||||
service+=("HTTP,FTP")
|
||||
minDhBits+=(768)
|
||||
maxDhBits+=(-1)
|
||||
minRsaBits+=(-1)
|
||||
maxRsaBits+=(8192)
|
||||
minEcdsaBits+=(-1)
|
||||
requiresSha2+=(false)
|
||||
current+=(true)
|
||||
|
||||
names+=("Safari 9 iOS 9 ")
|
||||
short+=("safari_9_ios9")
|
||||
ciphers+=("ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-ECDSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:ECDHE-ECDSA-RC4-SHA:ECDHE-RSA-RC4-SHA:RC4-SHA:RC4-MD5")
|
||||
sni+=("$SNI")
|
||||
warning+=("")
|
||||
handshakebytes+=("16030100e2010000de030355fb38fdc94c6c1ff6ee066f0e69579f40a83ce5454787e8834b60fd8c31e5ac00003400ffc02cc02bc024c023c00ac009c008c030c02fc028c027c014c013c012009d009c003d003c0035002f000ac007c011000500040100008100000014001200000f6465762e73736c6c6162732e636f6d000a00080006001700180019000b00020100000d000e000c0501040102010503040302033374000000100030002e0268320568322d31360568322d31350568322d313408737064792f332e3106737064792f3308687474702f312e3100050005010000000000120000")
|
||||
protos+=("-tls1_2 -tls1_1 -tls1")
|
||||
lowest_protocol+=("0x0301")
|
||||
highest_protocol+=("0x0303")
|
||||
service+=("HTTP,FTP")
|
||||
minDhBits+=(768)
|
||||
maxDhBits+=(-1)
|
||||
minRsaBits+=(-1)
|
||||
maxRsaBits+=(8192)
|
||||
minEcdsaBits+=(-1)
|
||||
requiresSha2+=(false)
|
||||
current+=(true)
|
||||
|
||||
names+=("Safari 9 OS X 10.11 ")
|
||||
short+=("safari_9_osx1011")
|
||||
ciphers+=("ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-ECDSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:ECDHE-ECDSA-RC4-SHA:ECDHE-RSA-RC4-SHA:RC4-SHA:RC4-MD5")
|
||||
sni+=("$SNI")
|
||||
warning+=("")
|
||||
handshakebytes+=("16030100e2010000de030355def1c4d1f6a12227389012da236581104b0bfa8b8a5bc849372531349dccc600003400ffc02cc02bc024c023c00ac009c008c030c02fc028c027c014c013c012009d009c003d003c0035002f000ac007c011000500040100008100000014001200000f6465762e73736c6c6162732e636f6d000a00080006001700180019000b00020100000d000e000c0501040102010503040302033374000000100030002e0268320568322d31360568322d31350568322d313408737064792f332e3106737064792f3308687474702f312e3100050005010000000000120000")
|
||||
protos+=("-tls1_2 -tls1_1 -tls1")
|
||||
lowest_protocol+=("0x0301")
|
||||
highest_protocol+=("0x0303")
|
||||
service+=("HTTP,FTP")
|
||||
minDhBits+=(768)
|
||||
maxDhBits+=(-1)
|
||||
minRsaBits+=(-1)
|
||||
maxRsaBits+=(8192)
|
||||
minEcdsaBits+=(-1)
|
||||
requiresSha2+=(false)
|
||||
current+=(true)
|
||||
|
||||
names+=("Safari 10 OS X 10.12 ")
|
||||
short+=("safari_10_osx1012")
|
||||
ciphers+=("ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-ECDSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA")
|
||||
sni+=("$SNI")
|
||||
warning+=("")
|
||||
handshakebytes+=("16030100e2010000de030357fde32ec4b7eb1c967e535ba93d9129ffd6a35fc5d6b14f785205e2a0c7e35600002c00ffc02cc02bc024c023c00ac009c008c030c02fc028c027c014c013c012009d009c003d003c0035002f000a0100008900000014001200000f6465762e73736c6c6162732e636f6d000a00080006001700180019000b00020100000d00120010040102010501060104030203050306033374000000100030002e0268320568322d31360568322d31350568322d313408737064792f332e3106737064792f3308687474702f312e310005000501000000000012000000170000")
|
||||
protos+=("-tls1_2 -tls1_1 -tls1")
|
||||
lowest_protocol+=("0x0301")
|
||||
highest_protocol+=("0x0303")
|
||||
service+=("HTTP,FTP")
|
||||
minDhBits+=(768)
|
||||
maxDhBits+=(-1)
|
||||
minRsaBits+=(-1)
|
||||
maxRsaBits+=(8192)
|
||||
minEcdsaBits+=(-1)
|
||||
requiresSha2+=(false)
|
||||
current+=(true)
|
||||
|
||||
names+=("Apple ATS 9 iOS 9 ")
|
||||
short+=("apple_ats_9_ios9")
|
||||
ciphers+=("ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES128-SHA")
|
||||
sni+=("$SNI")
|
||||
warning+=("")
|
||||
handshakebytes+=("16030300c6010000c2030355def146b7ed606006d8d54a3ece6c9c1b5070b51ce0e81d354178f0311d2e0100001800ffc02cc02bc024c00ac023c009c030c02fc028c027c0130100008100000014001200000f6465762e73736c6c6162732e636f6d000a00080006001700180019000b00020100000d000e000c0501040102010503040302033374000000100030002e0268320568322d31360568322d31350568322d313408737064792f332e3106737064792f3308687474702f312e3100050005010000000000120000")
|
||||
protos+=("-tls1_2")
|
||||
lowest_protocol+=("0x0303")
|
||||
highest_protocol+=("0x0303")
|
||||
service+=("HTTP")
|
||||
minDhBits+=(768)
|
||||
maxDhBits+=(-1)
|
||||
minRsaBits+=(2048)
|
||||
maxRsaBits+=(8192)
|
||||
minEcdsaBits+=(256)
|
||||
requiresSha2+=(true)
|
||||
current+=(true)
|
||||
|
||||
names+=("Tor 17.0.9 Win 7 ")
|
||||
short+=("tor_1709_win7")
|
||||
ciphers+=("ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-CAMELLIA256-SHA:DHE-DSS-CAMELLIA256-SHA:DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:ECDH-RSA-AES256-SHA:ECDH-ECDSA-AES256-SHA:CAMELLIA256-SHA:AES256-SHA:ECDHE-ECDSA-RC4-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-CAMELLIA128-SHA:DHE-DSS-CAMELLIA128-SHA:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA:ECDH-RSA-RC4-SHA:ECDH-RSA-AES128-SHA:ECDH-ECDSA-RC4-SHA:ECDH-ECDSA-AES128-SHA:SEED-SHA:CAMELLIA128-SHA:RC4-SHA:RC4-MD5:AES128-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:EDH-DSS-DES-CBC3-SHA:ECDH-RSA-DES-CBC3-SHA:ECDH-ECDSA-DES-CBC3-SHA:DES-CBC3-SHA")
|
||||
sni+=("$SNI")
|
||||
warning+=("")
|
||||
handshakebytes+=("16030100a30100009f0301526795b7dd72263ca4170729d52799a927b2e8ec0e2d844bca2cd7061de7a57d00004800ffc00ac0140088008700390038c00fc00500840035c007c009c011c0130045004400330032c00cc00ec002c0040096004100050004002fc008c01200160013c00dc003feff000a0100002e00000014001200000f7777772e73736c6c6162732e636f6d000a00080006001700180019000b0002010033740000")
|
||||
protos+=("-tls1 -ssl3")
|
||||
lowest_protocol+=("0x0300")
|
||||
highest_protocol+=("0x0301")
|
||||
service+=("HTTP,FTP")
|
||||
minDhBits+=(-1)
|
||||
maxDhBits+=(-1)
|
||||
minRsaBits+=(-1)
|
||||
maxRsaBits+=(-1)
|
||||
minEcdsaBits+=(-1)
|
||||
requiresSha2+=(false)
|
||||
current+=(true)
|
||||
|
||||
names+=("Yahoo Slurp Jan 2015 ")
|
||||
short+=("yahoo_slurp_jan_2015")
|
||||
ciphers+=("ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-DSS-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA256:DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:DHE-RSA-CAMELLIA256-SHA:DHE-DSS-CAMELLIA256-SHA:ECDH-RSA-AES256-GCM-SHA384:ECDH-ECDSA-AES256-GCM-SHA384:ECDH-RSA-AES256-SHA384:ECDH-ECDSA-AES256-SHA384:ECDH-RSA-AES256-SHA:ECDH-ECDSA-AES256-SHA:AES256-GCM-SHA384:AES256-SHA256:AES256-SHA:CAMELLIA256-SHA:ECDHE-RSA-DES-CBC3-SHA:ECDHE-ECDSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:EDH-DSS-DES-CBC3-SHA:ECDH-RSA-DES-CBC3-SHA:ECDH-ECDSA-DES-CBC3-SHA:DES-CBC3-SHA:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:DHE-DSS-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-SHA256:DHE-DSS-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA:DHE-RSA-SEED-SHA:DHE-DSS-SEED-SHA:DHE-RSA-CAMELLIA128-SHA:DHE-DSS-CAMELLIA128-SHA:ECDH-RSA-AES128-GCM-SHA256:ECDH-ECDSA-AES128-GCM-SHA256:ECDH-RSA-AES128-SHA256:ECDH-ECDSA-AES128-SHA256:ECDH-RSA-AES128-SHA:ECDH-ECDSA-AES128-SHA:AES128-GCM-SHA256:AES128-SHA256:AES128-SHA:SEED-SHA:CAMELLIA128-SHA:IDEA-CBC-SHA:ECDHE-RSA-RC4-SHA:ECDHE-ECDSA-RC4-SHA:ECDH-RSA-RC4-SHA:ECDH-ECDSA-RC4-SHA:RC4-SHA:RC4-MD5:EDH-RSA-DES-CBC-SHA:EDH-DSS-DES-CBC-SHA:DES-CBC-SHA:EXP-EDH-RSA-DES-CBC-SHA:EXP-EDH-DSS-DES-CBC-SHA:EXP-DES-CBC-SHA:EXP-RC2-CBC-MD5:EXP-RC4-MD5")
|
||||
sni+=("$SNI")
|
||||
warning+=("")
|
||||
handshakebytes+=("160301011a01000116030354c1f2e62a9427a5c66f85499abd08114e2f02822304c68a85ebf2b54182bca5000094c030c02cc028c024c014c00a00a3009f006b006a0039003800880087c032c02ec02ac026c00fc005009d003d00350084c012c00800160013c00dc003000ac02fc02bc027c023c013c00900a2009e0067004000330032009a009900450044c031c02dc029c025c00ec004009c003c002f009600410007c011c007c00cc002000500040015001200090014001100080006000300ff0100005900000014001200000f6465762e73736c6c6162732e636f6d000b000403000102000a000600040018001700230000000d002200200601060206030501050205030401040204030301030203030201020202030101000f000101")
|
||||
protos+=("-tls1_2 -tls1_1 -tls1 -ssl3")
|
||||
lowest_protocol+=("0x0300")
|
||||
highest_protocol+=("0x0303")
|
||||
service+=("HTTP,FTP")
|
||||
minDhBits+=(-1)
|
||||
maxDhBits+=(-1)
|
||||
minRsaBits+=(-1)
|
||||
maxRsaBits+=(-1)
|
||||
minEcdsaBits+=(-1)
|
||||
requiresSha2+=(false)
|
||||
current+=(false)
|
||||
|
||||
names+=("YandexBot Jan 2015 ")
|
||||
short+=("yandexbot_jan_2015")
|
||||
ciphers+=("ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:SRP-DSS-AES-256-CBC-SHA:SRP-RSA-AES-256-CBC-SHA:DHE-DSS-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA256:DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:ECDH-RSA-AES256-GCM-SHA384:ECDH-ECDSA-AES256-GCM-SHA384:ECDH-RSA-AES256-SHA384:ECDH-ECDSA-AES256-SHA384:ECDH-RSA-AES256-SHA:ECDH-ECDSA-AES256-SHA:AES256-GCM-SHA384:AES256-SHA256:AES256-SHA:ECDHE-RSA-DES-CBC3-SHA:ECDHE-ECDSA-DES-CBC3-SHA:SRP-DSS-3DES-EDE-CBC-SHA:SRP-RSA-3DES-EDE-CBC-SHA:EDH-RSA-DES-CBC3-SHA:EDH-DSS-DES-CBC3-SHA:ECDH-RSA-DES-CBC3-SHA:ECDH-ECDSA-DES-CBC3-SHA:DES-CBC3-SHA:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:SRP-DSS-AES-128-CBC-SHA:SRP-RSA-AES-128-CBC-SHA:DHE-DSS-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-SHA256:DHE-DSS-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA:ECDH-RSA-AES128-GCM-SHA256:ECDH-ECDSA-AES128-GCM-SHA256:ECDH-RSA-AES128-SHA256:ECDH-ECDSA-AES128-SHA256:ECDH-RSA-AES128-SHA:ECDH-ECDSA-AES128-SHA:AES128-GCM-SHA256:AES128-SHA256:AES128-SHA:IDEA-CBC-SHA:ECDHE-RSA-RC4-SHA:ECDHE-ECDSA-RC4-SHA:ECDH-RSA-RC4-SHA:ECDH-ECDSA-RC4-SHA:RC4-SHA:RC4-MD5:EDH-RSA-DES-CBC-SHA:EDH-DSS-DES-CBC-SHA:DES-CBC-SHA:EXP-EDH-RSA-DES-CBC-SHA:EXP-EDH-DSS-DES-CBC-SHA:EXP-DES-CBC-SHA:EXP-RC2-CBC-MD5:EXP-RC4-MD5")
|
||||
sni+=("$SNI")
|
||||
warning+=("")
|
||||
handshakebytes+=("16030101400100013c03030732cb0b19a74de19e2e6047368eea606cabff2fa27be340c8dee38625eedccd00008ec030c02cc028c024c014c00ac022c02100a3009f006b006a00390038c032c02ec02ac026c00fc005009d003d0035c012c008c01cc01b00160013c00dc003000ac02fc02bc027c023c013c009c01fc01e00a2009e0067004000330032c031c02dc029c025c00ec004009c003c002f0007c011c007c00cc002000500040015001200090014001100080006000300ff0100008500000014001200000f6465762e73736c6c6162732e636f6d000b000403000102000a00340032000e000d0019000b000c00180009000a00160017000800060007001400150004000500120013000100020003000f0010001100230000000d0020001e060106020603050105020503040104020403030103020303020102020203000f000101")
|
||||
protos+=("-tls1_2 -tls1_1 -tls1 -ssl3")
|
||||
lowest_protocol+=("0x0300")
|
||||
highest_protocol+=("0x0303")
|
||||
service+=("HTTP,FTP")
|
||||
minDhBits+=(-1)
|
||||
maxDhBits+=(-1)
|
||||
minRsaBits+=(-1)
|
||||
maxRsaBits+=(-1)
|
||||
minEcdsaBits+=(-1)
|
||||
requiresSha2+=(false)
|
||||
current+=(false)
|
||||
|
1186
testssl.sh
1186
testssl.sh
File diff suppressed because it is too large
Load Diff
@ -328,34 +328,34 @@ get_export_rsa_ciphers() {
|
||||
|
||||
get_weak_dh_ciphers() {
|
||||
local -i
|
||||
local hexc exportdhe_cipher_list="" exportdhe_cipher_list_hex=""
|
||||
local hexc exportdh_cipher_list="" exportdh_cipher_list_hex=""
|
||||
|
||||
for (( i=0; i < TLS_NR_CIPHERS; i++ )); do
|
||||
if [[ "${TLS_CIPHER_RFC_NAME[i]}" == "TLS_DHE_"* ]] && [[ "${TLS_CIPHER_EXPORT[i]}" == "export" ]]; then
|
||||
hexc="${TLS_CIPHER_HEXCODE[i]}"
|
||||
[[ "${TLS_CIPHER_OSSL_NAME[i]}" != "-" ]] && exportdhe_cipher_list+=":${TLS_CIPHER_OSSL_NAME[i]}"
|
||||
exportdhe_cipher_list_hex+=", ${hexc:2:2},${hexc:7:2}"
|
||||
[[ "${TLS_CIPHER_OSSL_NAME[i]}" != "-" ]] && exportdh_cipher_list+=":${TLS_CIPHER_OSSL_NAME[i]}"
|
||||
exportdh_cipher_list_hex+=", ${hexc:2:2},${hexc:7:2}"
|
||||
fi
|
||||
done
|
||||
|
||||
outln; pr_underline "Weak DH ciphers for run_logjam()"; outln
|
||||
outln "exportdhe_cipher_list=\"${exportdhe_cipher_list:1}\""
|
||||
outln "exportdhe_cipher_list_hex=\"${exportdhe_cipher_list_hex:2}\""
|
||||
outln; pr_underline "Weak ephemeral DH ciphers for run_logjam()"; outln
|
||||
outln "exportdh_cipher_list=\"${exportdh_cipher_list:1}\""
|
||||
outln "exportdh_cipher_list_hex=\"${exportdh_cipher_list_hex:2}\""
|
||||
}
|
||||
|
||||
get_dhe_ciphers() {
|
||||
local -i
|
||||
local hexc all_dhe_ciphers=""
|
||||
local hexc all_dh_ciphers=""
|
||||
|
||||
for (( i=0; i < TLS_NR_CIPHERS; i++ )); do
|
||||
if [[ "${TLS_CIPHER_RFC_NAME[i]}" == "TLS_DHE_"* ]] || [[ "${TLS_CIPHER_RFC_NAME[i]}" == "TLS_DH_anon_"* ]]; then
|
||||
hexc="${TLS_CIPHER_HEXCODE[i]}"
|
||||
all_dhe_ciphers+=", ${hexc:2:2},${hexc:7:2}"
|
||||
all_dh_ciphers+=", ${hexc:2:2},${hexc:7:2}"
|
||||
fi
|
||||
done
|
||||
|
||||
outln; pr_underline "All DHE ciphers for run_logjam()"; outln
|
||||
outln "all_dhe_ciphers=\"$(tolower "${all_dhe_ciphers:2}")\""
|
||||
outln; pr_underline "All ephemeral DH ciphers for run_logjam()"; outln
|
||||
outln "all_dh_ciphers=\"$(tolower "${all_dh_ciphers:2}")\""
|
||||
}
|
||||
|
||||
get_mapping_file
|
||||
|
Loading…
Reference in New Issue
Block a user