Git/testssl.sh
1
0
Fork 0
mirror of https://github.com/drwetter/testssl.sh.git synced 2025-10-30 21:35:26 +01:00
Code Issues Packages Projects Releases Wiki Activity

If the environment variable OFFENSIVE has been set to false, skip a number of checks that have offensive characteristics.

Browse Source
This commit is contained in:
Jacco de Leeuw
2018-06-24 17:30:36 +02:00
parent 0355145576
commit 7098b7be50
1 changed files with 27 additions and 26 deletions
Download Patch File Download Diff File Expand all files Collapse all files

53
testssl.sh
View File

@@ -220,6 +220,7 @@ APPEND=${APPEND:-false} # append to csv/json file instead of ove
[[ -z "$NODNS" ]] && declare NODNS # If unset it does all DNS lookups per default. "min" only for hosts or "none" at all [[ -z "$NODNS" ]] && declare NODNS # If unset it does all DNS lookups per default. "min" only for hosts or "none" at all
HAS_IPv6=${HAS_IPv6:-false} # if you have OpenSSL with IPv6 support AND IPv6 networking set it to yes HAS_IPv6=${HAS_IPv6:-false} # if you have OpenSSL with IPv6 support AND IPv6 networking set it to yes
ALL_CLIENTS=${ALL_CLIENTS:-false} # do you want to run all client simulation form all clients supplied by SSLlabs? ALL_CLIENTS=${ALL_CLIENTS:-false} # do you want to run all client simulation form all clients supplied by SSLlabs?
OFFENSIVE=${OFFENSIVE:-true} # do you want to include offensive vulnerability tests?
########### Tuning vars which cannot be set by a cmd line switch. Use instead e.g "HEADER_MAXSLEEP=10 ./testssl.sh <your_args_here>" ########### Tuning vars which cannot be set by a cmd line switch. Use instead e.g "HEADER_MAXSLEEP=10 ./testssl.sh <your_args_here>"
# #
@@ -16831,19 +16832,19 @@ initialize_globals() {
set_scanning_defaults() { set_scanning_defaults() {
do_allciphers=true do_allciphers=true
do_vulnerabilities=true do_vulnerabilities=true
do_beast=true do_beast="$OFFENSIVE"
do_lucky13=true do_lucky13="$OFFENSIVE"
do_breach=true do_breach="$OFFENSIVE"
do_heartbleed=true do_heartbleed="$OFFENSIVE"
do_ccs_injection=true do_ccs_injection="$OFFENSIVE"
do_ticketbleed=true do_ticketbleed="$OFFENSIVE"
do_robot=true do_robot="$OFFENSIVE"
do_crime=true do_crime="$OFFENSIVE"
do_freak=true do_freak="$OFFENSIVE"
do_logjam=true do_logjam="$OFFENSIVE"
do_drown=true do_drown="$OFFENSIVE"
do_ssl_poodle=true do_ssl_poodle="$OFFENSIVE"
do_sweet32=true do_sweet32="$OFFENSIVE"
do_header=true do_header=true
do_pfs=true do_pfs=true
do_rc4=true do_rc4=true
@@ -17026,21 +17027,21 @@ parse_cmd_line() {
;; ;;
-U|--vulnerable) -U|--vulnerable)
do_vulnerabilities=true do_vulnerabilities=true
do_heartbleed=true do_heartbleed="$OFFENSIVE"
do_ccs_injection=true do_ccs_injection="$OFFENSIVE"
do_ticketbleed=true do_ticketbleed="$OFFENSIVE"
do_robot=true do_robot="$OFFENSIVE"
do_renego=true do_renego=true
do_crime=true do_crime="$OFFENSIVE"
do_breach=true do_breach="$OFFENSIVE"
do_ssl_poodle=true do_ssl_poodle="$OFFENSIVE"
do_tls_fallback_scsv=true do_tls_fallback_scsv=true
do_sweet32=true do_sweet32="$OFFENSIVE"
do_freak=true do_freak="$OFFENSIVE"
do_drown=true do_drown="$OFFENSIVE"
do_logjam=true do_logjam="$OFFENSIVE"
do_beast=true do_beast="$OFFENSIVE"
do_lucky13=true do_lucky13="$OFFENSIVE"
do_rc4=true do_rc4=true
VULN_COUNT=16 VULN_COUNT=16
;; ;;