mirror of
https://github.com/drwetter/testssl.sh.git
synced 2025-01-20 23:49:30 +01:00
Remove useless kittens
This commit is contained in:
parent
b7b88a03e7
commit
8ad1cca0ab
10
testssl.sh
10
testssl.sh
@ -505,7 +505,7 @@ serverbanner() {
|
|||||||
pr_bold " Server "
|
pr_bold " Server "
|
||||||
grep -ai '^Server' $HEADERFILE >$TMPFILE
|
grep -ai '^Server' $HEADERFILE >$TMPFILE
|
||||||
if [ $? -eq 0 ]; then
|
if [ $? -eq 0 ]; then
|
||||||
serverbanner=$(cat $TMPFILE | sed -e 's/^Server: //' -e 's/^server: //')
|
serverbanner=$(sed -e 's/^Server: //' -e 's/^server: //' $TMPFILE)
|
||||||
if [ x"$serverbanner" == "x\n" -o x"$serverbanner" == "x\n\r" -o x"$serverbanner" == "x" ]; then
|
if [ x"$serverbanner" == "x\n" -o x"$serverbanner" == "x\n\r" -o x"$serverbanner" == "x" ]; then
|
||||||
outln "banner exists but empty string"
|
outln "banner exists but empty string"
|
||||||
else
|
else
|
||||||
@ -553,7 +553,7 @@ cookieflags() { # ARG1: Path, ARG2: path
|
|||||||
pr_bold " Cookie(s) "
|
pr_bold " Cookie(s) "
|
||||||
grep -ai '^Set-Cookie' $HEADERFILE >$TMPFILE
|
grep -ai '^Set-Cookie' $HEADERFILE >$TMPFILE
|
||||||
if [ $? -eq 0 ]; then
|
if [ $? -eq 0 ]; then
|
||||||
nr_cookies=$(cat $TMPFILE | wc -l)
|
nr_cookies=$(wc -l $TMPFILE)
|
||||||
out "$nr_cookies issued: "
|
out "$nr_cookies issued: "
|
||||||
if [ $nr_cookies -gt 1 ] ; then
|
if [ $nr_cookies -gt 1 ] ; then
|
||||||
negative_word="NONE"
|
negative_word="NONE"
|
||||||
@ -645,7 +645,7 @@ listciphers() {
|
|||||||
std_cipherlists() {
|
std_cipherlists() {
|
||||||
out "$2 ";
|
out "$2 ";
|
||||||
if listciphers $1; then # is that locally available??
|
if listciphers $1; then # is that locally available??
|
||||||
[ $SHOW_LOC_CIPH = "1" ] && out "local ciphers are: " && cat $TMPFILE | sed 's/:/, /g'
|
[ $SHOW_LOC_CIPH = "1" ] && out "local ciphers are: " && sed 's/:/, /g' $TMPFILE
|
||||||
$OPENSSL s_client -cipher "$1" $STARTTLS -connect $NODEIP:$PORT $SNI 2>$TMPFILE >/dev/null </dev/null
|
$OPENSSL s_client -cipher "$1" $STARTTLS -connect $NODEIP:$PORT $SNI 2>$TMPFILE >/dev/null </dev/null
|
||||||
ret=$?
|
ret=$?
|
||||||
[[ $DEBUG -ge 2 ]] && cat $TMPFILE
|
[[ $DEBUG -ge 2 ]] && cat $TMPFILE
|
||||||
@ -2203,7 +2203,7 @@ ssl_poodle() {
|
|||||||
debugme echo $cbc_ciphers
|
debugme echo $cbc_ciphers
|
||||||
$OPENSSL s_client -ssl3 $STARTTLS -cipher $cbc_ciphers -connect $NODEIP:$PORT $SNI &>$TMPFILE </dev/null
|
$OPENSSL s_client -ssl3 $STARTTLS -cipher $cbc_ciphers -connect $NODEIP:$PORT $SNI &>$TMPFILE </dev/null
|
||||||
ret=$?
|
ret=$?
|
||||||
[ "$VERBERR" -eq 0 ] && cat $TMPFILE | egrep "error|failure" | egrep -v "unable to get local|verify error"
|
[ "$VERBERR" -eq 0 ] && egrep "error|failure" $TMPFILE | egrep -v "unable to get local|verify error"
|
||||||
if [ $ret -eq 0 ]; then
|
if [ $ret -eq 0 ]; then
|
||||||
pr_litered "VULNERABLE (NOT ok)"; out ", uses SSLv3+CBC (no TLS_FALLBACK_SCSV mitigation tested)"
|
pr_litered "VULNERABLE (NOT ok)"; out ", uses SSLv3+CBC (no TLS_FALLBACK_SCSV mitigation tested)"
|
||||||
else
|
else
|
||||||
@ -2241,7 +2241,7 @@ freak() {
|
|||||||
esac
|
esac
|
||||||
$OPENSSL s_client $STARTTLS -cipher $exportrsa_ciphers -connect $NODEIP:$PORT $SNI &>$TMPFILE </dev/null
|
$OPENSSL s_client $STARTTLS -cipher $exportrsa_ciphers -connect $NODEIP:$PORT $SNI &>$TMPFILE </dev/null
|
||||||
ret=$?
|
ret=$?
|
||||||
[ "$VERBERR" -eq 0 ] && cat $TMPFILE | egrep "error|failure" | egrep -v "unable to get local|verify error"
|
[ "$VERBERR" -eq 0 ] && egrep "error|failure" $TMPFILE | egrep -v "unable to get local|verify error"
|
||||||
if [ $ret -eq 0 ]; then
|
if [ $ret -eq 0 ]; then
|
||||||
pr_red "VULNERABLE (NOT ok)"; out ", uses EXPORT RSA ciphers"
|
pr_red "VULNERABLE (NOT ok)"; out ", uses EXPORT RSA ciphers"
|
||||||
else
|
else
|
||||||
|
Loading…
Reference in New Issue
Block a user