diff --git a/Man-page.md b/Man-page.md index 9a5207d..22ee759 100644 --- a/Man-page.md +++ b/Man-page.md @@ -167,29 +167,35 @@ If the server provides no matching record in Subject Alternative Name (SAN) but `-U, --vulnerable` Just tests all (following) vulnerabilities. The environment variable `VULN_THRESHLD` determines after which value a separate headline for each vulnerability is being displayed. Default is `1` which means if you check for two vulnerabilities, only the general headline for vulnerabilities section is displayed -- in addition to the vulnerability and the ersult. -`-H, --heartbleed` tests for Heartbleed vulnerability +`-H, --heartbleed` tests for Heartbleed which is an openssl vulnerability. Unless the server side doesn't support the heartbeat extension it is likely that this check runs into a timeout. The seconds to wait for a reply can be adjusted with `HEARTBLEED_MAX_WAITSOCK`. 8 is the default (unit: seconds) -`-I, --ccs, --ccs-injection` tests for CCS injection vulnerability +`-I, --ccs, --ccs-injection` tests for CCS injection which is an openssl vulnerability. Sometimes also here the check needs to wait for a reply. The predefined timeout of 5 seconds can be changed with the enviroment variable `CCS_MAX_WAITSOCK` `-T, --ticketbleed` tests for Ticketbleed vulnerability in BigIP loadbalancers -`-R, --renegotiation` tests for renegotiation vulnerabilities +`-R, --renegotiation` tests for renegotiation vulnerabilities. Currently there's a check for "Secure Renegotiation" and for "Secure Client-Initiated Renegotiation". Please be aware that vulnerable servers to the latter can likely be DoSed very easily (HTTP). A check for "Insecure Client-Initiated Renegotiation" is not yet implemented -`-C, --compression, --crime` tests for CRIME vulnerability +`-C, --compression, --crime` tests for CRIME ("Compression Ratio Info-leak Made Easy") vulnerability in TLS. CRIME in SPDY if offered is not yet being checked for. -`-B, --breach` tests for BREACH vulnerability +`-B, --breach` tests for BREACH ("Browser Reconnaissance and Exfiltration via Adaptive Compression of Hypertext") vulnerability. As for this vulnerabilty HTTP level compressoin is a prerequisite it'll be not tested if HTTP cannot be detected or the detection is not enforced via ``--assume-http`. Please note that only the URL supplied (normally "/" ) is being tested. -`-O, --poodle` tests for POODLE (SSL) vulnerability +`-O, --poodle` tests for SSL POODLE ("Padding Oracle On Downgraded Legacy Encryption") vulnerability. It basically checks for the existence of CBC ciphers in SSLv3. -`-Z, --tls-fallback` checks TLS_FALLBACK_SCSV mitigation +`-Z, --tls-fallback` checks TLS_FALLBACK_SCSV mitigation. It's a ciphersuite -`-F, --freak` tests for FREAK vulnerability +`-W, --sweet32, tests 64 bit block ciphers (3DES, RC2 and IDEA): SWEET32 vulnerability `-A, --beast` tests for BEAST vulnerability -`-J, --logjam` tests for LOGJAM vulnerability +`-L, --lucky13` tests for LUCKY13 vulnerability -`-s, --pfs, --fs,--nsa ` checks (perfect) forward secrecy settings +`-F, --freak` tests for FREAK vulnerability + +`-J, --logjam` tests for LOGJAM vulnerability and checks for "common primes" which are preconfigured DH keys. DH keys =< 1024 Bit will be penelized + +`-D, --drown` tests for DROWN vulnerability + +`-f, --pfs, --fs,--nsa ` checks (perfect) forward secrecy settings `-4, --rc4, --appelbaum` which RC4 ciphers are being offered? @@ -199,20 +205,31 @@ If the server provides no matching record in Subject Alternative Name (SAN) but All output options can also be preset via environment variables. - --warnings "batch" doesn't wait for keypress, "off" or "false" skips connection warning + --warnings "batch" doesn\'t wait for keypress, "off" or "false" skips connection warning + --openssl-timeout useful to avoid hangers. to wait before openssl connect will be terminated --quiet don't output the banner. By doing this you acknowledge usage terms normally appearing in the banner --wide wide output for tests like RC4, BEAST. PFS also with hexcode, kx, strength, RFC name --show-each for wide outputs: display all ciphers tested -- not only succeeded ones - --mapping don't display the RFC Cipher Suite Name + +`--mapping ` + +* `openssl`: use the OpenSSL cipher suite name as the primary name cipher suite name form (default), +* `rfc`: use the RFC cipher suite name as the primary name cipher suite name form. +* `no-openssl`: don't display the OpenSSL cipher suite name, display RFC names only. +* `no-rfc`: don't display the RFC cipher suite name, display OpenSSL names only + --color <0|1|2> 0: no escape or other codes, 1: b/w escape codes, 2: color (default) - --colorblind swap green and blue in the output - --debug <0-6> 0: none - 1: screen output normal but debug output in temp files. - 2: list more what's going on, lists some errors of connections - 3: slight hexdumps + other info - 4: display bytes sent via sockets - 5: display bytes received via sockets - 6: whole 9 yards +`--colorblind` swaps green and blue colors in the output, so that this percentage of folks can distuingish those findings better + +`--debug <0-6>` + +0. none +1. screen output normal but debug output in temp files. +2. list more what\'s going on, lists some errors of connections +3. slight hexdumps + other info +4. display bytes sent via sockets +5. display bytes received via sockets +6. whole 9 yards ### FILE OUTPUT OPTIONS @@ -222,12 +239,16 @@ A few file output options can also be preset via environment variables. --logfile logs stdout to if file is a dir or to specified log file --json additional output of findings to JSON file in cwd --jsonfile additional output to JSON and output JSON to the specified file + --json-pretty additional JSON structured output of findings to a file -p.json in cwd + --jsonfile-pretty additional JSON structured output to the specified file or directory, similar to --logfile --csv additional output of findings to CSV file in cwd --csvfile set output to CSV and output CSV to the specified file --html additional output as HTML to file -p.html --htmlfile additional output as HTML to the specifed file or directory, similar to --logfile + --hints + --severity severities with lower level will be filtered for CSV+JSON, possible values --append if or exists rather append then overwrite ### COLOR RATINGS @@ -272,21 +293,28 @@ does the same on the plain text IMAP port. Please note that for plain TLS-encryp ### RFCs and other standards * RFC 2246: The TLS Protocol Version 1.0 +* RFC 2595: Using TLS with IMAP, POP3 and ACAP +* RFC 3207: SMTP Service Extension for Secure SMTP over Transport Layer Security +* RFC 3501: INTERNET MESSAGE ACCESS PROTOCOL - VERSION 4rev1 * RFC 4346: The Transport Layer Security (TLS) Protocol Version 1.1 -* RFC 4366: -* RFC 4492: +* RFC 4366: Transport Layer Security (TLS) Extensions +* RFC 4492: Elliptic Curve Cryptography (ECC) Cipher Suites for Transport Layer Security (TLS) * RFC 5077: Transport Layer Security (TLS) Session Resumption * RFC 5246: The Transport Layer Security (TLS) Protocol Version 1.2 * RFC 5321: Simple Mail Transfer Protocol -* RFC 5746: +* RFC 5746: Transport Layer Security (TLS) Renegotiation Indication Extension * RFC 6101: The Secure Sockets Layer (SSL) Protocol Version 3.0 +* RFC 6120: Extensible Messaging and Presence Protocol (XMPP): Core * RFC 6125: Domain-Based Application Service Identity [..] * RFC 6797: HTTP Strict Transport Security (HSTS) -* RFC 7685: * RFC 7469: Public Key Pinning Extension for HTTP (HPKP) -* RFC 7507: +* RFC 7507: TLS Fallback Signaling Cipher Suite Value (SCSV) for Preventing Protocol Downgrade Attacks +* RFC 7627: Transport Layer Security (TLS) Session Hash and Extended Master Secret Extension +* RFC 7685: A Transport Layer Security (TLS) ClientHello Padding Extension +* RFC 7905: ChaCha20-Poly1305 Cipher Suites for Transport Layer Security (TLS) * RFC 7919: Negotiated Finite Field Diffie-Hellman Ephemeral Parameters for Transport Layer Security * W3C CSP: Content Security Policy Level 1-3 +* TLSWG Draft: The Transport Layer Security (TLS) Protocol Version 1.3 ### FILES