CipherScan – Find out which SSL ciphersuites are supported by a target

Cipherscan tests the ordering of the SSL/TLS ciphers on a given target, for all major versions of SSL and TLS. It also extracts some certificate information, TLS options, OCSP stapling and more. Cipherscan is a wrapper around the openssl s_client command line.

Cipherscan is meant to run on all flavors of unix. It ships with its own build of OpenSSL for Linux/64 and Darwin/64. On other platforms, it will use the openssl version provided by the operating system (which may have limited cipher support), or your own version provided in the -o command line flag.

Examples

Basic test:

    $ ./cipherscan google.com
    ……………….
    Target: google.com:443

    prio  ciphersuite                  protocols                    pfs                 curves
    1     ECDHE-RSA-CHACHA20-POLY1305  TLSv1.2                      ECDH,P-256,256bits  prime256v1
    2     ECDHE-RSA-AES128-GCM-SHA256  TLSv1.2                      ECDH,P-256,256bits  prime256v1
    3     ECDHE-RSA-AES128-SHA         TLSv1.1,TLSv1.2              ECDH,P-256,256bits  prime256v1
    4     ECDHE-RSA-RC4-SHA            SSLv3,TLSv1,TLSv1.1,TLSv1.2  ECDH,P-256,256bits  prime256v1
    5     AES128-GCM-SHA256            TLSv1.2                      None                None
    6     AES128-SHA256                TLSv1.2                      None                None
    7     AES128-SHA                   TLSv1.1,TLSv1.2              None                None
    8     RC4-SHA                      SSLv3,TLSv1,TLSv1.1,TLSv1.2  None                None
    9     RC4-MD5                      SSLv3,TLSv1,TLSv1.1,TLSv1.2  None                None
    10    ECDHE-RSA-AES256-GCM-SHA384  TLSv1.2                      ECDH,P-256,256bits  prime256v1
    11    ECDHE-RSA-AES256-SHA384      TLSv1.2                      ECDH,P-256,256bits  prime256v1
    12    ECDHE-RSA-AES256-SHA         SSLv3,TLSv1,TLSv1.1,TLSv1.2  ECDH,P-256,256bits  prime256v1
    13    AES256-GCM-SHA384            TLSv1.2                      None                None
    14    AES256-SHA256                TLSv1.2                      None                None
    15    AES256-SHA                   SSLv3,TLSv1,TLSv1.1,TLSv1.2  None                None
    16    ECDHE-RSA-AES128-SHA256      TLSv1.2                      ECDH,P-256,256bits  prime256v1
    17    ECDHE-RSA-DES-CBC3-SHA       SSLv3,TLSv1,TLSv1.1,TLSv1.2  ECDH,P-256,256bits  prime256v1
    18    DES-CBC3-SHA                 SSLv3,TLSv1,TLSv1.1,TLSv1.2  None                None

    Certificate: trusted, 2048 bit, sha1WithRSAEncryption signature
    TLS ticket lifetime hint: 100800
    OCSP stapling: not supported
    Cipher ordering: server

Testing STARTTLS:

    darwin$ ./cipherscan --curves -starttls xmpp jabber.ccc.de:5222
    …………………………..
    Target: jabber.ccc.de:5222

    prio  ciphersuite                  protocols                    pfs                 curves
    1     ECDHE-RSA-AES256-GCM-SHA384  TLSv1.2                      ECDH,P-256,256bits  prime256v1
    2     ECDHE-RSA-AES256-SHA384      TLSv1.2                      ECDH,P-256,256bits  prime256v1
    3     ECDHE-RSA-AES256-SHA         TLSv1,TLSv1.1,TLSv1.2        ECDH,P-256,256bits  prime256v1
    4     DHE-RSA-AES256-GCM-SHA384    TLSv1.2                      DH,1024bits         None
    5     DHE-RSA-AES256-SHA256        TLSv1.2                      DH,1024bits         None
    6     DHE-RSA-AES256-SHA           TLSv1,TLSv1.1,TLSv1.2        DH,1024bits         None
    7     DHE-RSA-CAMELLIA256-SHA      TLSv1,TLSv1.1,TLSv1.2        DH,1024bits         None
    8     AES256-GCM-SHA384            TLSv1.2                      None                None
    9     AES256-SHA256                TLSv1.2                      None                None
    10    AES256-SHA                   TLSv1,TLSv1.1,TLSv1.2        None                None
    11    CAMELLIA256-SHA              TLSv1,TLSv1.1,TLSv1.2        None                None
    12    ECDHE-RSA-AES128-GCM-SHA256  TLSv1.2                      ECDH,P-256,256bits  prime256v1
    13    ECDHE-RSA-AES128-SHA256      TLSv1.2                      ECDH,P-256,256bits  prime256v1
    14    ECDHE-RSA-AES128-SHA         TLSv1,TLSv1.1,TLSv1.2        ECDH,P-256,256bits  prime256v1
    15    DHE-RSA-AES128-GCM-SHA256    TLSv1.2                      DH,1024bits         None
    16    DHE-RSA-AES128-SHA256        TLSv1.2                      DH,1024bits         None
    17    DHE-RSA-AES128-SHA           TLSv1,TLSv1.1,TLSv1.2        DH,1024bits         None
    18    DHE-RSA-SEED-SHA             TLSv1,TLSv1.1,TLSv1.2        DH,1024bits         None
    19    DHE-RSA-CAMELLIA128-SHA      TLSv1,TLSv1.1,TLSv1.2        DH,1024bits         None
    20    AES128-GCM-SHA256            TLSv1.2                      None                None
    21    AES128-SHA256                TLSv1.2                      None                None
    22    AES128-SHA                   TLSv1,TLSv1.1,TLSv1.2        None                None
    23    SEED-SHA                     TLSv1,TLSv1.1,TLSv1.2        None                None
    24    CAMELLIA128-SHA              TLSv1,TLSv1.1,TLSv1.2        None                None

    Certificate: UNTRUSTED, 2048 bit, sha1WithRSAEncryption signature
    TLS ticket lifetime hint: None
    OCSP stapling: not supported
    Cipher ordering: client
    Curves ordering: server
    Curves fallback: False

Exporting to JSON with the -j command line option:

    $ ./cipherscan --curves -j www.ebay.com | j
    {
        "curves_fallback": "False",
        "serverside": "True",
        "target": "www.ebay.com:443",
        "utctimestamp": "2015-04-03T14:54:31.0Z",
        "ciphersuite": [
            {
                "cipher": "AES256-SHA",
                "ocsp_stapling": "False",
                "pfs": "None",
                "protocols": [
                    "TLSv1",
                    "TLSv1.1",
                    "TLSv1.2"
                ],
                "pubkey": [
                    "2048"
                ],
                "sigalg": [
                    "sha1WithRSAEncryption"
                ],
                "ticket_hint": "None",
                "trusted": "True"
            },
            {
                "cipher": "ECDHE-RSA-DES-CBC3-SHA",
                "curves": [
                    "prime256v1",
                    "secp384r1",
                    "secp224r1",
                    "secp521r1"
                ],
                "curves_ordering": "server",
                "ocsp_stapling": "False",
                "pfs": "ECDH,P-256,256bits",
                "protocols": [
                    "TLSv1",
                    "TLSv1.1",
                    "TLSv1.2"
                ],
                "pubkey": [
                    "2048"
                ],
                "sigalg": [
                    "sha1WithRSAEncryption"
                ],
                "ticket_hint": "None",
                "trusted": "True"
            }
        ]
    }

Analyzing configurations

The motivation behind cipherscan is to help operators configure good TLS on their endpoints. To help this further, the script analyze.py compares the results of a cipherscan with the TLS guidelines from https://wiki.mozilla.org/Security/Server_Side_TLS and outputs a level and recommendations.

    $ ./analyze.py -t jve.linuxwall.info
    jve.linuxwall.info:443 has intermediate tls

    Changes needed to match the old level:
    * consider enabling SSLv3
    * add cipher DES-CBC3-SHA
    * use a certificate with sha1WithRSAEncryption signature
    * consider enabling OCSP Stapling

    Changes needed to match the intermediate level:
    * consider enabling OCSP Stapling

    Changes needed to match the modern level:
    * remove cipher AES128-GCM-SHA256
    * remove cipher AES256-GCM-SHA384
    * remove cipher AES128-SHA256
    * remove cipher AES128-SHA
    * remove cipher AES256-SHA256
    * remove cipher AES256-SHA
    * disable TLSv1
    * consider enabling OCSP Stapling

In the output above, analyze.py indicates that the target jve.linuxwall.info matches the intermediate configuration level. If the administrator of this site wants to reach the modern level, the items that failed under the modern tests should be corrected.

analyze.py does not make any assumption about what a good level should be. Site operators should know what level they want to match against, based on the compatibility level they want to support. Again, refer to https://wiki.mozilla.org/Security/Server_Side_TLS for more information.

Note on Nagios mode: analyze.py can be run as a nagios check with --nagios. The exit code will then represent the state of the configuration:

* 2 (critical) for bad tls
* 1 (warning) if it doesn't match the desired level
* 0 (ok) if it matches

cipherscan can take more than 10 seconds to complete. To alleviate any timeout issues, you may want to run it outside of nagios, passing data through some temporary file.

OpenSSL

Cipherscan uses a custom release of openssl for linux 64 bits and darwin 64 bits. OpenSSL is built from a custom branch maintained by Peter Mosmans that includes a number of patches not merged upstream. It can be found here: https://github.com/PeterMosmans/openssl

You can build it yourself using the following commands:

    git clone https://github.com/PeterMosmans/openssl.git --depth 1 -b 1.0.2-chacha
    cd openssl
    ./Configure zlib no-shared experimental-jpake enable-md2 enable-rc5 \
    enable-rfc3779 enable-gost enable-static-engine linux-x86_64
    make depend
    make
    make report

The statically linked binary will be apps/openssl.

Contributors

* Julien Vehent julien@linuxwall.info (original author)
* Hubert Kario hkario@redhat.com (co-maintainer)
* Pepi Zawodsky git@maclemon.at
* Michael Zeltner m@niij.org
* Peter Mosmans support@go-forward.net
* Vincent Riquer v.riquer@b2f-concept.com
* Christian Stadelmann dev@genodeftest.de
* Simon Deziel simon.deziel@gmail.com
* Aaron Zauner azet@azet.org
* Mike mikedawg@gmail.com
* Phil Cohen phlipper@users.noreply.github.com
* Samuel Kleiner sam@firstbanco.com
* Richard Soderberg https://twitter.com/floatingatoll
* Adam Crosby adamcrosby@users.noreply.github.com
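The JSON export and the Nagios exit-code convention described on this page can be combined in a small local audit; the following is an added example, not code from cipherscan or analyze.py. The policy constants, the function names and the reading of "serverside" as server-enforced cipher ordering are assumptions, and the sample scan is constructed.

```python
import json

# Constructed sample in the shape of `cipherscan -j` output (not a real scan).
SAMPLE = """{"target": "example.test:443", "serverside": "False", "ciphersuite": [
 {"cipher": "ECDHE-RSA-AES128-GCM-SHA256", "protocols": ["TLSv1.2"],
  "pfs": "ECDH,P-256,256bits", "sigalg": ["sha256WithRSAEncryption"], "trusted": "True"},
 {"cipher": "DHE-RSA-AES256-SHA", "protocols": ["TLSv1", "TLSv1.2"],
  "pfs": "DH,1024bits", "sigalg": ["sha256WithRSAEncryption"], "trusted": "True"},
 {"cipher": "RC4-SHA", "protocols": ["SSLv3", "TLSv1"],
  "pfs": "None", "sigalg": ["sha256WithRSAEncryption"], "trusted": "True"}]}"""

# Local policy assumed for this example only; not analyze.py's rules or Mozilla's levels.
BAD_CIPHER_PARTS = ("RC4", "MD5", "DES")  # "DES" also matches DES-CBC3 (3DES)
BAD_PROTOCOLS = {"SSLv2", "SSLv3"}
MIN_DH_BITS = 2048

def audit(scan):
    """Return (critical, warning) finding lists for one parsed cipherscan result."""
    critical, warning = [], []
    # The JSON carries booleans as the strings "True"/"False".
    if scan.get("serverside") != "True":  # assumed to mean server-side cipher ordering
        warning.append("server does not enforce its own cipher ordering")
    for entry in scan.get("ciphersuite", []):
        name = entry["cipher"]
        if any(part in name for part in BAD_CIPHER_PARTS):
            critical.append(f"{name}: weak cipher")
        for proto in sorted(BAD_PROTOCOLS & set(entry.get("protocols", []))):
            critical.append(f"{name}: offered over {proto}")
        if entry.get("trusted") != "True":
            critical.append(f"{name}: certificate not trusted")
        kex, _, params = entry.get("pfs", "None").partition(",")
        if kex == "None":
            warning.append(f"{name}: no forward secrecy")
        elif kex == "DH" and int(params.replace("bits", "")) < MIN_DH_BITS:
            warning.append(f"{name}: DH group is only {params}")
        if any(s.startswith("sha1") for s in entry.get("sigalg", [])):
            warning.append(f"{name}: SHA-1 certificate signature")
    return critical, warning

def nagios_status(critical, warning):
    """Map findings to the 2/1/0 exit-code convention described on this page."""
    return 2 if critical else 1 if warning else 0

if __name__ == "__main__":
    crit, warn = audit(json.loads(SAMPLE))
    print("\n".join(crit + warn))
    raise SystemExit(nagios_status(crit, warn))
```

For a monitoring check, replace SAMPLE with the contents of the temporary file written by a scheduled `./cipherscan -j` run, so the slow scan happens outside the check's timeout.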
