Git/testssl.sh
1
0
Fork 0
mirror of https://github.com/drwetter/testssl.sh.git synced 2025-01-06 00:39:44 +01:00
Code Issues Packages Projects Releases Wiki Activity

- BEAST now also works in wide mode

Browse Source 
- renamed --long in --wide
- added --show-each to help
- inserted help
This commit is contained in:
Dirk Wetter 2015-05-27 17:04:35 +02:00
parent a76ca52c4c
commit f9605c4f35
1 changed files with 115 additions and 73 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

188
testssl.sh
View File

@ -779,6 +779,7 @@ normalize_ciphercode() {
fi fi
HEXC="$part1$part2$part3" HEXC="$part1$part2$part3"
fi fi
# FIXME: we shuld just echo this and avoid the global var HEXC
HEXC=$(echo $HEXC | tr 'A-Z' 'a-z' | sed 's/0x/x/') #tolower + strip leading 0 HEXC=$(echo $HEXC | tr 'A-Z' 'a-z' | sed 's/0x/x/') #tolower + strip leading 0
return 0 return 0
} }
@ -898,6 +899,11 @@ neat_header(){
outln "%s-------------------------------------------------------------------------${MAP_RFC_FNAME:+----------------------------------------------}" outln "%s-------------------------------------------------------------------------${MAP_RFC_FNAME:+----------------------------------------------}"
} }
# arg1: hexcode
# arg2: cipher in openssl notation
# arg3: keyexchange
# arg4: encryption (maybe included "export")
neat_list(){ neat_list(){
kx=$(echo "$3" | sed 's/Kx=//g') kx=$(echo "$3" | sed 's/Kx=//g')
enc=$(echo $4 | sed 's/Enc=//g') enc=$(echo $4 | sed 's/Enc=//g')
@ -1184,7 +1190,7 @@ run_std_cipherlists() {
read_dhbits_from_file() { read_dhbits_from_file() {
local bits what_dh local bits what_dh
local add="" local add=""
local old_fart=" (openssl too old to show DH bits)" local old_fart=" (openssl is too old to show DH bits)"
if ! $HAS_DH_BITS; then if ! $HAS_DH_BITS; then
if [ -z "$2" ]; then if [ -z "$2" ]; then
@ -1225,8 +1231,6 @@ read_dhbits_from_file() {
else else
out "$bits $add" out "$bits $add"
fi fi
else
pr_bold "FIXME: >$what_dh|$bits<"
fi fi
return 0 return 0
@ -1998,7 +2002,7 @@ sslv2_sockets() {
if [[ "$lines" -gt 1 ]] ;then if [[ "$lines" -gt 1 ]] ;then
ciphers_detected=$(($V2_HELLO_CIPHERSPEC_LENGTH / 3 )) ciphers_detected=$(($V2_HELLO_CIPHERSPEC_LENGTH / 3 ))
if [ 0 -eq "$ciphers_detected" ] ; then if [ 0 -eq "$ciphers_detected" ] ; then
pr_litered "supported but couldn't detect a cipher"; outln "(may need further attention)" pr_litered "supported but couldn't detect a cipher"; outln " (may need further attention)"
else else
pr_red "offered (NOT ok)"; outln " -- $ciphers_detected ciphers" pr_red "offered (NOT ok)"; outln " -- $ciphers_detected ciphers"
fi fi
@ -2709,51 +2713,80 @@ beast(){
local detected_proto local detected_proto
local detected_cbc_cipher="" local detected_cbc_cipher=""
local higher_proto_supported="" local higher_proto_supported=""
local -i ret=0 local openssl_ret=0
local vuln_beast=false
local spaces=" " local spaces=" "
local cr=$'\n' local cr=$'\n'
local first=true local first=true
local continued=false local continued=false
local cbc_cipher_list="SRP-DSS-AES-256-CBC-SHA:SRP-RSA-AES-256-CBC-SHA:SRP-AES-256-CBC-SHA:RSA-PSK-AES256-CBC-SHA:PSK-AES256-CBC-SHA:SRP-DSS-AES-128-CBC-SHA:SRP-RSA-AES-128-CBC-SHA:SRP-AES-128-CBC-SHA:IDEA-CBC-SHA:IDEA-CBC-MD5:RC2-CBC-MD5:RSA-PSK-AES128-CBC-SHA:PSK-AES128-CBC-SHA:KRB5-IDEA-CBC-SHA:KRB5-IDEA-CBC-MD5:ECDHE-RSA-DES-CBC3-SHA:ECDHE-ECDSA-DES-CBC3-SHA:SRP-DSS-3DES-EDE-CBC-SHA:SRP-RSA-3DES-EDE-CBC-SHA:SRP-3DES-EDE-CBC-SHA:EDH-RSA-DES-CBC3-SHA:EDH-DSS-DES-CBC3-SHA:DH-RSA-DES-CBC3-SHA:DH-DSS-DES-CBC3-SHA:AECDH-DES-CBC3-SHA:ADH-DES-CBC3-SHA:ECDH-RSA-DES-CBC3-SHA:ECDH-ECDSA-DES-CBC3-SHA:DES-CBC3-SHA:DES-CBC3-MD5:RSA-PSK-3DES-EDE-CBC-SHA:PSK-3DES-EDE-CBC-SHA:KRB5-DES-CBC3-SHA:KRB5-DES-CBC3-MD5:EXP1024-DHE-DSS-DES-CBC-SHA:EDH-RSA-DES-CBC-SHA:EDH-DSS-DES-CBC-SHA:DH-RSA-DES-CBC-SHA:DH-DSS-DES-CBC-SHA:ADH-DES-CBC-SHA:EXP1024-DES-CBC-SHA:DES-CBC-SHA:DES-CBC-MD5:KRB5-DES-CBC-SHA:KRB5-DES-CBC-MD5:EXP-EDH-RSA-DES-CBC-SHA:EXP-EDH-DSS-DES-CBC-SHA:EXP-DH-RSA-DES-CBC-SHA:EXP-DH-DSS-DES-CBC-SHA:EXP-ADH-DES-CBC-SHA:EXP-DES-CBC-SHA:EXP-RC2-CBC-MD5:EXP-RC2-CBC-MD5:EXP-KRB5-RC2-CBC-SHA:EXP-KRB5-DES-CBC-SHA:EXP-KRB5-RC2-CBC-MD5:EXP-KRB5-DES-CBC-MD5"
[ $VULN_COUNT -le $VULN_THRESHLD ] && outln && pr_blue "--> Testing for BEAST vulnerability" && outln "\n" if [ $VULN_COUNT -le $VULN_THRESHLD ] || [ $LONG -eq 0 ] ; then
outln
pr_blue "--> Testing for BEAST vulnerability" && outln "\n"
fi
pr_bold " BEAST"; out " (CVE-2011-3389) " pr_bold " BEAST"; out " (CVE-2011-3389) "
[[ $LONG -eq 0 ]] && outln
# 2) test handfull of common CBC ciphers # 2) test handfull of common CBC ciphers
for proto in ssl3 tls1; do for proto in ssl3 tls1; do
$OPENSSL s_client -"$proto" $STARTTLS -connect $NODEIP:$PORT $SNI >$TMPFILE 2>/dev/null </dev/null $OPENSSL s_client -"$proto" $STARTTLS -connect $NODEIP:$PORT $SNI >$TMPFILE 2>/dev/null </dev/null
if [ $? -ne 0 ]; then if [ $? -ne 0 ]; then # protocol supported?
if $continued; then if $continued; then # second round: we hit TLS1:
pr_litegreenln "no SSL3 or TLS1" pr_litegreenln "no SSL3 or TLS1"
return 0 return 0
else else # protocol not succeeded but it';s the first time
continued=true continued=true
continue # protocol no supported, so we do not need to check each cipher with that protocol continue # protocol no supported, so we do not need to check each cipher with that protocol
fi fi
fi # protocol succeeded
# protocol with cbc_cipher check follows now
if [[ $LONG -eq 0 ]] ; then
outln "\n $(echo $proto | tr '[a-z]' '[A-Z]'):";
neat_header # NOTTHATNICE: we display the header also if in the end no cbc cipher is available on the client side
fi fi
while read hexcode dash cbc_cipher sslvers kx auth enc mac export ; do while read hexcode dash cbc_cipher sslvers kx auth enc mac; do
$OPENSSL s_client -cipher "$cbc_cipher" -"$proto" $STARTTLS -connect $NODEIP:$PORT $SNI >$TMPFILE 2>/dev/null </dev/null $OPENSSL s_client -cipher "$cbc_cipher" -"$proto" $STARTTLS -connect $NODEIP:$PORT $SNI >$TMPFILE 2>/dev/null </dev/null
#normalize_ciphercode $hexcode openssl_ret=$?
#neat_list $HEXC $ciph $kx $enc | grep -wai "$arg" [[ $openssl_ret -eq 0 ]] && vuln_beast=true
if [ $? -eq 0 ]; then if [ $LONG -eq 0 ]; then
detected_cbc_cipher="$detected_cbc_cipher ""$(grep -aw "Cipher" $TMPFILE | egrep -avw "New|is" | sed -e 's/^.*Cipher.*://' -e 's/ //g')" normalize_ciphercode $hexcode
if [[ "$SHOW_EACH_C" -ne 0 ]]; then
neat_list $HEXC $cbc_cipher $kx $enc
if [[ $openssl_ret -eq 0 ]]; then
pr_brownln "available"
else
outln "not a/v"
fi
else
[[ $openssl_ret -eq 0 ]] && neat_list $HEXC $cbc_cipher $kx $enc && outln
fi
else # short display:
if [ $openssl_ret -eq 0 ]; then
detected_cbc_cipher="$detected_cbc_cipher ""$(grep -aw "Cipher" $TMPFILE | egrep -avw "New|is" | sed -e 's/^.*Cipher.*://' -e 's/ //g')"
vuln_beast=true
fi
fi fi
done < <($OPENSSL ciphers -V 'ALL:eNULL' | grep -a CBC) # -V doesn't work with openssl < 1.0 done < <($OPENSSL ciphers -V 'ALL:eNULL' | grep -a CBC) # -V doesn't work with openssl < 1.0
# ^^^^^ process substitution as shopt will either segfault or doesn't work with old bash versions # ^^^^^ process substitution as shopt will either segfault or doesn't work with old bash versions
#detected_cbc_cipher=$(echo $detected_cbc_cipher | sed 's/ //g') if [ $LONG -ne 0 ]; then
if [ -z "$detected_cbc_cipher" ]; then if [ -n "$detected_cbc_cipher" ]; then
[[ $proto == "tls1" ]] && ! $first && printf "$spaces" detected_cbc_cipher=$(echo "$detected_cbc_cipher" | sed -e "s/ /\\${cr} ${spaces}/9" -e "s/ /\\${cr} ${spaces}/6" -e "s/ /\\${cr} ${spaces}/3")
pr_litegreenln "no CBC ciphers for $(echo $proto | tr '[a-z]' '[A-Z]') (OK)" ! $first && out "$spaces"
first=false out "$(echo $proto | tr '[a-z]' '[A-Z]'):"; pr_brownln "$detected_cbc_cipher"
detected_cbc_cipher="" # empty for next round
first=false
else
[[ $proto == "tls1" ]] && ! $first && printf "$spaces"
pr_litegreenln "no CBC ciphers for $(echo $proto | tr '[a-z]' '[A-Z]') (OK)"
first=false
fi
else else
detected_cbc_cipher=$(echo "$detected_cbc_cipher" | sed -e "s/ /\\${cr} ${spaces}/9" -e "s/ /\\${cr} ${spaces}/6" -e "s/ /\\${cr} ${spaces}/3") $vuln_beast || pr_litegreenln " no CBC ciphers for $(echo $proto | tr '[a-z]' '[A-Z]') (OK)"
[ $ret -eq 1 ] && out "$spaces"
out "$(echo $proto | tr '[a-z]' '[A-Z]'):"; pr_brownln "$detected_cbc_cipher"
ret=1
detected_cbc_cipher=""
first=false
fi fi
done done # for proto in ssl3 tls1
# 2) support for TLS 1.1+1.2? # 2) support for TLS 1.1+1.2?
for proto in tls1_1 tls1_2; do for proto in tls1_1 tls1_2; do
@ -2762,14 +2795,22 @@ beast(){
higher_proto_supported="$higher_proto_supported ""$(grep -aw "Protocol" $TMPFILE | sed -e 's/^.*Protocol .*://' -e 's/ //g')" higher_proto_supported="$higher_proto_supported ""$(grep -aw "Protocol" $TMPFILE | sed -e 's/^.*Protocol .*://' -e 's/ //g')"
fi fi
done done
if [ $ret -eq 1 ] ; then if $vuln_beast ; then
[ ! -z "$higher_proto_supported" ] && outln "${spaces}-- but also supports higher protocols (possible mitigation):$higher_proto_supported" if [ ! -z "$higher_proto_supported" ] ; then
if [ $LONG -eq 0 ]; then
outln
pr_brown "VULNERABLE"
outln " -- but also supports higher protocols (possible mitigation):$higher_proto_supported"
else
outln "${spaces}-- but also supports higher protocols (possible mitigation):$higher_proto_supported"
fi
fi
fi fi
# printf "For a full individual test of each CBC cipher suites support by your $OPENSSL run \"$0 -x CBC $NODE\"\n" # printf "For a full individual test of each CBC cipher suites support by your $OPENSSL run \"$0 -x CBC $NODE\"\n"
tmpfile_handle $FUNCNAME.txt tmpfile_handle $FUNCNAME.txt
return $ret return
} }
lucky13() { lucky13() {
@ -2784,8 +2825,8 @@ lucky13() {
# https://en.wikipedia.org/wiki/Transport_Layer_Security#RC4_attacks # https://en.wikipedia.org/wiki/Transport_Layer_Security#RC4_attacks
# http://blog.cryptographyengineering.com/2013/03/attack-of-week-rc4-is-kind-of-broken-in.html # http://blog.cryptographyengineering.com/2013/03/attack-of-week-rc4-is-kind-of-broken-in.html
rc4() { rc4() {
local ret local ret rc4_offered
local hexcode n ciph sslvers kx auth enc mac strength local hexcode n ciph sslvers kx auth enc mac export
if [ $VULN_COUNT -le $VULN_THRESHLD ] || [ $LONG -eq 0 ] ; then if [ $VULN_COUNT -le $VULN_THRESHLD ] || [ $LONG -eq 0 ] ; then
outln outln
@ -2809,7 +2850,7 @@ rc4() {
fi fi
if [ $LONG -eq 0 ]; then if [ $LONG -eq 0 ]; then
normalize_ciphercode $hexcode normalize_ciphercode $hexcode
neat_list $HEXC $ciph $kx $enc $strength neat_list $HEXC $ciph $kx $enc
if [[ "$SHOW_EACH_C" -ne 0 ]]; then if [[ "$SHOW_EACH_C" -ne 0 ]]; then
if [[ $ret -eq 0 ]]; then if [[ $ret -eq 0 ]]; then
pr_litered "available" pr_litered "available"
@ -2931,57 +2972,58 @@ help() {
$PROG_NAME <options> $PROG_NAME <options>
<-h|--help> what you're looking at <-h|--help> what you're looking at
<-b|--banner> displays banner + version of $PROG_NAME <-b|--banner> displays banner + version of $PROG_NAME
<-v|--version> same as previous <-v|--version> same as previous
<-V|--local> pretty print all local ciphers <-V|--local> pretty print all local ciphers
<-V|--local> <pattern> what local cipher with <pattern> is a/v? <-V|--local> <pattern> what local cipher with <pattern> is a/v?
$PROG_NAME <options> URI ("$PROG_NAME URI" does everything except ciphers per proto/each cipher) $PROG_NAME <options> URI ("$PROG_NAME URI" does everything except ciphers per proto/each cipher)
<-e|--each-cipher> checks each local cipher remotely <-e|--each-cipher> checks each local cipher remotely
<-E|--cipher-per-proto> checks those per protocol <-E|--cipher-per-proto> checks those per protocol
<-f|--ciphers> checks common cipher suites <-f|--ciphers> checks common cipher suites
<-p|--protocols> checks TLS/SSL protocols <-p|--protocols> checks TLS/SSL protocols
<-S|--server_defaults> displays the servers default picks and certificate info <-S|--server_defaults> displays the servers default picks and certificate info
<-P|--preference> displays the servers picks: protocol+cipher <-P|--preference> displays the servers picks: protocol+cipher
<-y|--spdy|--npn> checks for SPDY/NPN <-y|--spdy|--npn> checks for SPDY/NPN
<-x|--single-cipher> <pattern> tests matched <pattern> of cipher <-x|--single-cipher> pattern tests matched <pattern> of cipher
<-U|--vulnerable> tests all vulnerabilities <-U|--vulnerable> tests all vulnerabilities
<-B|--heartbleed> tests for heartbleed vulnerability <-B|--heartbleed> tests for heartbleed vulnerability
<-I|--ccs|--ccs-injection> tests for CCS injection vulnerability <-I|--ccs|--ccs-injection> tests for CCS injection vulnerability
<-R|--renegotiation> tests renegotiation vulnerabilities <-R|--renegotiation> tests for renegotiation vulnerabilities
<-C|--compression|--crime> tests CRIME vulnerability <-C|--compression|--crime> tests for CRIME vulnerability
<-T|--breach> tests BREACH vulnerability <-T|--breach> tests for BREACH vulnerability
<-O|--poodle> tests for POODLE (SSL) vulnerability <-O|--poodle> tests for POODLE (SSL) vulnerability
<-F|--freak> tests FREAK vulnerability <-F|--freak> tests for FREAK vulnerability
<-A|--beast> tests BEAST vulnerability <-A|--beast> tests for BEAST vulnerability
<-s|--pfs|--fs|--nsa> checks (perfect) forward secrecy settings <-s|--pfs|--fs|--nsa> checks (perfect) forward secrecy settings
<-4|--rc4|--appelbaum> which RC4 ciphers are being offered? <-4|--rc4|--appelbaum> which RC4 ciphers are being offered?
<-H|--header|--headers> tests HSTS, HPKP, server/app banner, security headers, cookie <-H|--header|--headers> tests HSTS, HPKP, server/app banner, security headers, cookie
special invocations: special invocations:
<-t|--starttls> protocol does a default run against a STARTTLS enabled service <-t|--starttls> protocol does a default run against a STARTTLS enabled service
<--mx> domain/host tests MX records from high to low priority (STARTTLS, port 25) <--mx> domain/host tests MX records from high to low priority (STARTTLS, port 25)
partly mandatory parameters: partly mandatory parameters:
URI host|host:port|URL|URL:port (port 443 is assumed unless otherwise specified) URI host|host:port|URL|URL:port (port 443 is assumed unless otherwise specified)
pattern an ignore case word pattern of cipher hexcode or any other string in the name, kx or bits pattern an ignore case word pattern of cipher hexcode or any other string in the name, kx or bits
protocol is one of ftp,smtp,pop3,imap,xmpp,telnet,ldap (for the latter two you need e.g. the supplied openssl) protocol is one of ftp,smtp,pop3,imap,xmpp,telnet,ldap (for the latter two you need e.g. the supplied openssl)
tuning options: tuning options:
--assuming-http if protocol check fails it assumes HTTP protocol and enforces HTTP checks --assuming-http if protocol check fails it assumes HTTP protocol and enforces HTTP checks
--ssl-native fallback to checks with OpenSSL where sockets are normally used --ssl-native fallback to checks with OpenSSL where sockets are normally used
--openssl <PATH> use this openssl binary (default: look in \$PATH, RUN_DIR of $PROG_NAME --openssl <PATH> use this openssl binary (default: look in \$PATH, RUN_DIR of $PROG_NAME
--sneaky be less verbose wrt referer headers --sneaky be less verbose wrt referer headers
--long wide output for tests like RC4 also with hexcode, kx, strength --wide wide output for tests like RC4, BEAST. also with hexcode, kx, strength
--warnings <batch|off|false> "batch" doesn't wait for keypress, "off|false" skips connection warning --show-each for each wide output (see --wide, -V, -x, e, -E): display all ciphers not only succeeded ones
--color 0: no escape or other codes 1: b/w escape codes 2: color (default) --warnings <batch|off|false> "batch" doesn't wait for keypress, "off|false" skips connection warning
--debug 1: screen output normal but debug output in itemp files. 2-6: see line ~60 --color 0: no escape or other codes, 1: b/w escape codes, 2: color (default)
--debug 1: screen output normal but debug output in itemp files. 2-6: see line ~60
Need HTML output? Just pipe through "aha" (Ansi HTML Adapter: github.com/theZiz/aha) like Need HTML output? Just pipe through "aha" (Ansi HTML Adapter: github.com/theZiz/aha) like
@ -3546,7 +3588,7 @@ startup() {
shift shift
do_tls_sockets=true do_tls_sockets=true
outln "TLS_LOW_BYTE/HEX_CIPHER: ${TLS_LOW_BYTE}/${HEX_CIPHER}" ;; outln "TLS_LOW_BYTE/HEX_CIPHER: ${TLS_LOW_BYTE}/${HEX_CIPHER}" ;;
--long) LONG=0 ;; --wide) LONG=0 ;;
--assuming-http|--assuming_http|--assume_http|--assume-http) --assuming-http|--assuming_http|--assume_http|--assume-http)
ASSUMING_HTTP=0 ;; ASSUMING_HTTP=0 ;;
--sneaky) --sneaky)
@ -3557,7 +3599,7 @@ startup() {
default) pr_magentaln "warnings can be either \"batch\", \"off\" or \"false\"" ;; default) pr_magentaln "warnings can be either \"batch\", \"off\" or \"false\"" ;;
esac esac
shift ;; shift ;;
--show-each-cipher) --show-each|--show_each)
SHOW_EACH_C=1 ;; #FIXME: sense is vice versa SHOW_EACH_C=1 ;; #FIXME: sense is vice versa
--debug) --debug)
DEBUG="$2" DEBUG="$2"
@ -3675,6 +3717,6 @@ fi
exit $ret exit $ret
# $Id: testssl.sh,v 1.261 2015/05/27 12:28:17 dirkw Exp $ # $Id: testssl.sh,v 1.262 2015/05/27 15:04:34 dirkw Exp $
# vim:ts=5:sw=5 # vim:ts=5:sw=5
# ^^^ FYI: use vim and you will see everything beautifully indented with a 5 char tab # ^^^ FYI: use vim and you will see everything beautifully indented with a 5 char tab