Git/testssl.sh
1
0
Fork 0
mirror of https://github.com/drwetter/testssl.sh.git synced 2025-10-31 13:55:25 +01:00
Code Issues Packages Projects Releases Wiki Activity
595 Commits 17 Branches 35 Tags
686dd511a6e580ab7b9381d38607d76ed883b4fa
Commit Graph

595 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Dirk Wetter
5163d10a66 Merge pull request #54 from nvsofts/fix_libressl_gost 
Fix GOST handling in LibreSSL
 2015-01-28 09:24:32 +01:00
NV
e3a66f5a70 Fix GOST handling in LibreSSL 2015-01-28 14:17:27 +09:00
The Gitter Badger
cf038a3cfe Added Gitter badge 2015-01-27 22:45:51 +00:00
Dirk Wetter
dedb95b122 Update Readme.md 2015-01-26 12:37:00 +01:00
Dirk
d35e2f95b8 fix for wrong # of HttpOnly cookie 2015-01-23 15:09:35 +01:00
Dirk
84caf9ffd1 fix for double line and double application banner 2015-01-23 12:17:27 +01:00
Dirk
f3eb84c078 Merge branch 'master' of github.com:drwetter/testssl.sh 2015-01-23 12:02:12 +01:00
Dirk
baadfd0492 BREACH is not labeled as experimental anymore as it works reliably 
- so is heartbleed
 - FIX: shopt is removed in rc4 as most of the bash shells segfault here (bug!)
 - not tested anymore for HTTP within starttls, instead displaying here a line
 2015-01-23 12:01:32 +01:00
Dirk
6c6511ddb2 - VERBOSE -eq 1 is now DEBUG -eq 2 (VERBOSE completely removed) 
- DEBUG has now four modes 1: just keep files 2: VERBOSE -eq 1 3: head hexdumps and other stuff, 4: full debugging
- env and internal stuff $TEMPDIR
 2015-01-21 12:53:00 +01:00
Dirk Wetter
d825bd85f7 Update Readme.md 2015-01-20 22:13:15 +01:00
Dirk
82764845f2 Merge branch 'master' of github.com:drwetter/testssl.sh 2015-01-20 22:10:22 +01:00
Dirk
d5924eedc4 - BEAST finally works 
- handling of spaces in output
- different ciphers
- FIX: setopt also for RC4 (proper handling of ret value)
 2015-01-20 21:59:21 +01:00
Dirk
28330dc6fc first prototype BEAST | FIX: maketempf in initialize_engine | FIX: exit statements in main w/ more meaning/shorter 2015-01-20 21:51:49 +01:00
Dirk Wetter
1032c3756a Update Readme.md 2015-01-16 17:18:38 +01:00
Dirk Wetter
b0c6062cb7 Update Readme.md 2015-01-16 17:16:22 +01:00
Dirk
5853202efd fine tuning on banner 2015-01-15 20:29:46 +01:00
Dirk
4c6f0d9a50 - FIX: grep -a if we hit binary content with http_header (also if otherwise specified) 
- NEW: can specify URL (used for header matters and breach)
- FIX: better handling of >1 cookies
 2015-01-14 12:23:53 +01:00
Dirk
3d81a7b5ec * NEW: cookie flags (experimental) [URL is missing] 
* FIX: 30x handling for http_header (hint for final URL if stalled)
* FIX: proper display of app-banners if >1
 2015-01-14 09:48:44 +01:00
Dirk
44d8f67998 SNI is not anymore 2do (removed misleading comment) 2015-01-12 23:28:38 +01:00
Dirk
84204a80a3 debugging more fine grained 2015-01-12 23:15:26 +01:00
Dirk
ac6a67a299 now with SNI! 2015-01-12 22:56:15 +01:00
Dirk
f0747dd2fc now checker fo SSLv3 to TLSV1.2 
(SNI missing for now)
 2015-01-10 22:08:11 +01:00
Dirk
cedeff2b42 typo in tempdir led to missing gost cipher 2015-01-08 14:16:22 +01:00
Dirk
446f7bf152 working prototype for SSLv2 client hello + parsing server hello in bash 2015-01-07 23:57:16 +01:00
Dirk
62f20a6cd2 Merge branch 'master' of https://github.com/drwetter/testssl.sh 2015-01-07 23:30:24 +01:00
Dirk
5044412f39 - moved utils to separate dir 2015-01-07 23:29:05 +01:00
Dirk
decade9986 safer batch processing if port isn't available 2015-01-07 23:16:45 +01:00
Dirk
aa546b520e Merge remote-tracking branch 'origin/revert-48-master' 2015-01-07 23:09:57 +01:00
Dirk
8a3e0267ba safer bacth processing if port isn't available 2015-01-06 16:25:19 +01:00
Dirk Wetter
2556377398 Revert "Change question logic on non-SSL port" 2015-01-06 16:10:21 +01:00
Dirk Wetter
e816e4877a Merge pull request #48 from lwindolf/master 
Change question logic on non-SSL port
 2015-01-06 16:01:07 +01:00
Lars Windolf
d1ab23c146 Change question logic on non-SSL port 
Idea is to bail out per default (with WARNINGS=off) this makes batch processing possible
as often testssl.sh hangs for minutes or endless on non-SSL ports.
 2015-01-03 11:41:35 +01:00
Dirk
eae1b2810f - check for CN wrt SNI / no SNI 
- fix different responses for CACert
 2014-12-23 09:59:03 +01:00
Dirk
4aa674d138 - Negotiated cipher per proto 
- nr_ciphers of used openssl version in banner
- spdy_pre check
- -testversion_new --> -testversion
 2014-12-21 23:22:50 +01:00
Dirk
a570d907e9 - Cipher order check! (also for starttls) 
- includes a remark 4 default_cipher (limited sense as client will pick)
- selfsigned certs: error!
- number of local ciphers in check with allciphers
 2014-12-21 00:47:23 +01:00
Dirk
04b6795f94 Merge branch 'master' of github.com:drwetter/testssl.sh 2014-12-19 17:06:37 +01:00
Dirk
21493fb788 - tempfile handling: every function leaves one, if DEBUG is set 
- FIX*2: OPENSSL_CONF/GOST_CONF
 2014-12-19 17:02:26 +01:00
Dirk Wetter
9e53070598 Update Readme.md 2014-12-19 15:52:05 +01:00
Dirk Wetter
c2ef5d1da8 Update Readme.md 2014-12-19 15:51:32 +01:00
Dirk
8635012cf5 - subjectAltName 2014-12-19 07:12:20 +01:00
Dirk
521a7160a9 - NEW: certificate info, details: 
- NEW: CN, SAN
- NEW: OCSP URI
- NEW: CRL distr point
- NEW: Issuer
- NEW: expiration
- NEW: signature algo
- renamed cmdline --simple_preference to --server_defaults
- now we have a TEMPDIR where all files are written toA
- function or handling/removing TMPFILE
 2014-12-18 09:33:24 +01:00
Dirk Wetter
5d66eeef05 Update Readme.md 2014-12-09 14:25:38 +01:00
Dirk
b40c0b7178 - RELEASE: final 2.2 
- change of cmd line order for STARTTLS
- help more clear
 2014-12-08 10:32:51 +01:00
Dirk
b3efb3c4b0 - BUGFIX: potential stalling in HTTP Header query 
- BUGFIX: HTTP specific vuln. won't be checked if service is not http (we still
check crime and also spdy => gmail has spdy for pop and imap)
- Feature: service detection: HTTP, IMAP, POP, SMTP
- alignment in rDNS output corrected
- minor cleanup / improvements
 2014-11-30 01:30:20 +01:00
Dirk
27f06f8d50 - BUGFIX: BSD now has proper heartbleed and ccs injection detection 
- significant code improvement of hex-byte parser <-> socket sender
- BUGFIX: BSD now doesn't put an extra \n if rfc map file is missing
- bumped to 2.1rc3, hoping that'll be the last
 2014-11-27 21:33:33 +01:00
Dirk
c034cd8a95 - for colors: double square brackets (might save a fork to "[ or "test" 
- in terms of debugging cleaned up listciphers/std_cipherlists
- in other terms too
 2014-11-25 13:12:24 +01:00
Dirk Wetter
5228986b25 Update Readme.md 2014-11-24 16:43:11 +01:00
Dirk Wetter
b242876597 Merge pull request #37 from yurivict/master 
Fixed errors when COLOR=0 caused 'printf' to break due to leading dashes interpreted as command line options
 2014-11-24 15:16:42 +01:00
Yuri
19f936bece Fixed the problem when COLOR=0 caused 'printf' to break due to leading dashes interpreted as command line options. 2014-11-22 12:15:47 -08:00
Dirk Wetter
7cf2030c20 Merge pull request #36 from PeterMosmans/bugfix 
Fixed minor redirection typo for 'which' command
 2014-11-22 18:31:09 +01:00