POODLE hack

Dirk 2014-10-15 13:10:06 +02:00
parent 192867554e
commit 86e0141f72


@ -203,7 +203,8 @@ ok(){
esac esac
else else
case $1 in case $1 in
3) brownln "offered" ;; # 2 0 6) literedln "offered (NOT ok): POODLE" ;; # 4 0
3) brownln "offered" ;; # 3 0
2) boldln "offered" ;; # 2 0 2) boldln "offered" ;; # 2 0
1) greenln "offered (OK)" ;; # 1 0 1) greenln "offered (OK)" ;; # 1 0
0) boldln "not offered" ;; # 0 0 0) boldln "not offered" ;; # 0 0
@ -253,6 +254,23 @@ result=`echo $result | tr -cd '\40-\176'`
return $ret return $ret
} }
# Padding Oracle On Downgraded Legacy Encryption
poodle() {
bold " POODLE "; out "(CVE-2014-3566), experimental "
# w/o downgrade check as of now https://tools.ietf.org/html/draft-ietf-tls-downgrade-scsv-00 | TLS_FALLBACK_SCSV
$OPENSSL s_client -ssl3 $STARTTLS -connect $NODEIP:$PORT $SNI 2>$TMPFILE >/dev/null </dev/null
ret=$?
[ "$VERBERR" -eq 0 ] && cat $TMPFILE | egrep "error|failure" | egrep -v "unable to get local|verify error"
if [ $ret -eq 0 ]; then
litered "VULNERABLE "; out "(uses SSLv3)"
else
green "not vulnerable (OK) "
fi
outln
rm $TMPFILE
return $ret
}
#problems not handled: chunked, 302 #problems not handled: chunked, 302
http_header() { http_header() {
@ -663,7 +681,7 @@ runprotocols() {
fi fi
if testprotohelper "-ssl3" " SSLv3 " ; then if testprotohelper "-ssl3" " SSLv3 " ; then
ok 3 0 # brown "offered" ok 6 0 # poodle hack"
else else
ok 0 1 # green "not offered (ok)" ok 0 1 # green "not offered (ok)"
fi fi
@ -723,7 +741,7 @@ simple_preference() {
*TLSv1.1) litegreenln $TLS_PROTO_OFFERED ;; *TLSv1.1) litegreenln $TLS_PROTO_OFFERED ;;
*TLSv1) outln $TLS_PROTO_OFFERED ;; *TLSv1) outln $TLS_PROTO_OFFERED ;;
*SSLv2) redln $TLS_PROTO_OFFERED ;; *SSLv2) redln $TLS_PROTO_OFFERED ;;
*SSLv3) brownln $TLS_PROTO_OFFERED ;; *SSLv3) redln $TLS_PROTO_OFFERED ;;
*) outln "FIXME: $TLS_PROTO_OFFERED" ;; *) outln "FIXME: $TLS_PROTO_OFFERED" ;;
esac esac
@ -1448,6 +1466,7 @@ where <options> is *one* of
<-R|--renegotiation> tests only for renegotiation vulnerability <-R|--renegotiation> tests only for renegotiation vulnerability
<-C|--compression|--crime> tests only for CRIME vulnerability <-C|--compression|--crime> tests only for CRIME vulnerability
<-T|--breach> tests only for BREACH vulnerability <-T|--breach> tests only for BREACH vulnerability
<-0|--poodle> tests only for POODLE vulnerability
<-s|--pfs|--fs|--nsa> checks (perfect) forward secrecy settings <-s|--pfs|--fs|--nsa> checks (perfect) forward secrecy settings
<-4|--rc4|--appelbaum> which RC4 ciphers are being offered? <-4|--rc4|--appelbaum> which RC4 ciphers are being offered?
<-H|--header|--headers> check for HSTS and server banner string <-H|--header|--headers> check for HSTS and server banner string
@ -1828,6 +1847,15 @@ case "$1" in
ret=`expr $? + $ret` ret=`expr $? + $ret`
cleanup cleanup
exit $ret ;; exit $ret ;;
-0|--poodle)
parse_hn_port "$2"
maketempf
outln; blue "--> Testing for POODLE (Padding Oracle On Downgraded Legacy Encryption) vulnerability"; outln "\n"
poodle
ret=$?
ret=`expr $? + $ret`
cleanup
exit $ret ;;
-4|--rc4|--appelbaum) -4|--rc4|--appelbaum)
parse_hn_port "$2" parse_hn_port "$2"
maketempf maketempf
@ -1868,6 +1896,7 @@ case "$1" in
crime ; ret=`expr $? + $ret` crime ; ret=`expr $? + $ret`
breach ; ret=`expr $? + $ret` breach ; ret=`expr $? + $ret`
beast ; ret=`expr $? + $ret` beast ; ret=`expr $? + $ret`
poodle ; ret=`expr $? + $ret`
outln; blue "--> Testing HTTP Header response"; outln "\n" outln; blue "--> Testing HTTP Header response"; outln "\n"
hsts ; ret=`expr $? + $ret` hsts ; ret=`expr $? + $ret`
@ -1880,7 +1909,7 @@ case "$1" in
exit $ret ;; exit $ret ;;
esac esac
# $Id: testssl.sh,v 1.125 2014/10/15 09:56:39 dirkw Exp $ # $Id: testssl.sh,v 1.126 2014/10/15 11:10:05 dirkw Exp $
# vim:ts=5:sw=5 # vim:ts=5:sw=5
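Review bot: In the new `poodle()` every non-zero exit of `$OPENSSL s_client -ssl3` falls into the `else` branch and prints "not vulnerable (OK)". A refused connection, a timeout, or an openssl binary that does not accept `-ssl3` is therefore reported as a pass, which is a false negative in a vulnerability scanner. The branch should print "not vulnerable" only when the stderr captured in `$TMPFILE` shows the server rejecting the handshake, and report the test as inconclusive otherwise. The function also returns the raw s_client status, so a vulnerable host contributes 0 and a clean host a non-zero value to the `ret` that callers sum into the exit code. That looks inverted, but the convention used by `crime`/`breach`/`beast` is not visible here and should be confirmed.

```shell
poodle() {
     # … unchanged: banner, s_client -ssl3 call, ret=$?, VERBERR output …
     if [ $ret -eq 0 ]; then
          litered "VULNERABLE "; out "(uses SSLv3)"
          ret=1     # finding: raise the summed exit code (confirm convention)
     elif egrep -q "handshake failure|alert" "$TMPFILE"; then
          # server actively refused the SSLv3 handshake
          green "not vulnerable (OK) "
          ret=0
     else
          # connect error or local openssl without SSLv3 support: no verdict
          out "test inconclusive (SSLv3 handshake could not be attempted) "
          ret=2     # constructed value for "inconclusive"
     fi
     # … unchanged: outln, rm $TMPFILE, return $ret …
}
```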