SSLScan : détection de cipher SSL

Bonjour à tous !

Deux mots en vitesse sur un outil assez pratique ma foi, et qui permet en 2 temps 3 mouvements de détecter les chiffrements possibles, non acceptés et préférés d’un serveur en HTTPS : SSLScan.

Cet outil est un exécutable issu d’un code C, disponible à la fois pour les Linux, mais également pour les Windows. L’utilisation est intuitive et en ligne de commande.

Installation éclair

Actuellement, la version est la 1.8.2. L’installation se fait dans les règles et très succinctement.

$ cd /usr/local/src && wget http://downloads.sourceforge.net/project/sslscan/sslscan/sslscan-1.8.2.tgz

$ tar zxvf sslscan-1.8.2.tgz
sslscan-1.8.2/
sslscan-1.8.2/Makefile
sslscan-1.8.2/LICENSE
sslscan-1.8.2/sslscan.1
sslscan-1.8.2/sslscan.c
sslscan-1.8.2/INSTALL
sslscan-1.8.2/Changelog

$ make
gcc -g -Wall -lssl -o sslscan sslscan.c

$ make install
cp sslscan /usr/bin/
cp sslscan.1 /usr/share/man/man1

Le moins que l’on puisse dire, c’est que ce n’est pas trop dur comme installation !

Jouons un peu !

$ sslscan
_
___ ___| |___  ___ __ _ _ __
/ __/ __| / __|/ __/ _` | '_ \
\__ \__ \ \__ \ (_| (_| | | | |
|___/___/_|___/\___\__,_|_| |_|

Version 1.8.2

http://www.titania.co.uk

Copyright Ian Ventura-Whiting 2009

SSLScan is a fast SSL port scanner. SSLScan connects to SSL
ports and determines what  ciphers are supported, which are
the servers  prefered  ciphers,  which  SSL  protocols  are
supported  and   returns  the   SSL   certificate.   Client
certificates /  private key can be configured and output is
to text / XML.

Command:
sslscan [Options] [host:port | host]

Options:
--targets=<file>     A file containing a list of hosts to
check.  Hosts can  be supplied  with
ports (i.e. host:port).
--no-failed          List only accepted ciphers  (default
is to listing all ciphers).
--ssl2               Only check SSLv2 ciphers.
--ssl3               Only check SSLv3 ciphers.
--tls1               Only check TLSv1 ciphers.
--pk=<file>          A file containing the private key or
a PKCS#12  file containing a private
key/certificate pair (as produced by
MSIE and Netscape).
--pkpass=<password>  The password for the private  key or
PKCS#12 file.
--certs=<file>       A file containing PEM/ASN1 formatted
client certificates.
--starttls           If a STARTTLS is required to kick an
SMTP service into action.
--http               Test a HTTP connection.
--bugs               Enable SSL implementation  bug work-
arounds.
--xml=<file>         Output results to an XML file.
--version            Display the program version.
--help               Display the  help text  you are  now
reading.
Example:
sslscan 127.0.0.1

$ sslscan httpstest
__
__ ___|     | ___     ___       _       __
/ __/ __|     / __|/      __/ _` |    ' _  \
\__ \__   \  \__   \     (_|   (_| |    | |   |
|___/___/_|___/\___\__,_|_| |_|

Version 1.8.2

http://www.titania.co.uk

Copyright Ian Ventura-Whiting 2009

Testing SSL server httpstest on port 443

Supported Server Cipher(s):
Rejected  SSLv2  168 bits  DES-CBC3-MD5
Rejected  SSLv2  56 bits   DES-CBC-MD5
Rejected  SSLv2  40 bits   EXP-RC2-CBC-MD5
Rejected  SSLv2  128 bits  RC2-CBC-MD5
Rejected  SSLv2  40 bits   EXP-RC4-MD5
Rejected  SSLv2  128 bits  RC4-MD5
Rejected  SSLv3  256 bits  ADH-CAMELLIA256-SHA
Rejected  SSLv3  256 bits  DHE-RSA-CAMELLIA256-SHA
Rejected  SSLv3  256 bits  DHE-DSS-CAMELLIA256-SHA
Rejected  SSLv3  256 bits  CAMELLIA256-SHA
Rejected  SSLv3  128 bits  ADH-CAMELLIA128-SHA
Rejected  SSLv3  128 bits  DHE-RSA-CAMELLIA128-SHA
Rejected  SSLv3  128 bits  DHE-DSS-CAMELLIA128-SHA
Rejected  SSLv3  128 bits  CAMELLIA128-SHA
Rejected  SSLv3  256 bits  ADH-AES256-SHA
Accepted  SSLv3  256 bits  DHE-RSA-AES256-SHA
Rejected  SSLv3  256 bits  DHE-DSS-AES256-SHA
Accepted  SSLv3  256 bits  AES256-SHA
Rejected  SSLv3  128 bits  ADH-AES128-SHA
Accepted  SSLv3  128 bits  DHE-RSA-AES128-SHA
Rejected  SSLv3  128 bits  DHE-DSS-AES128-SHA
Accepted  SSLv3  128 bits  AES128-SHA
Rejected  SSLv3  168 bits  ADH-DES-CBC3-SHA
Rejected  SSLv3  56 bits   ADH-DES-CBC-SHA
Rejected  SSLv3  40 bits   EXP-ADH-DES-CBC-SHA
Rejected  SSLv3  128 bits  ADH-RC4-MD5
Rejected  SSLv3  40 bits   EXP-ADH-RC4-MD5
Accepted  SSLv3  168 bits  EDH-RSA-DES-CBC3-SHA
Accepted  SSLv3  56 bits   EDH-RSA-DES-CBC-SHA
Rejected  SSLv3  40 bits   EXP-EDH-RSA-DES-CBC-SHA
Rejected  SSLv3  168 bits  EDH-DSS-DES-CBC3-SHA
Rejected  SSLv3  56 bits   EDH-DSS-DES-CBC-SHA
Rejected  SSLv3  40 bits   EXP-EDH-DSS-DES-CBC-SHA
Accepted  SSLv3  168 bits  DES-CBC3-SHA
Accepted  SSLv3  56 bits   DES-CBC-SHA
Rejected  SSLv3  40 bits   EXP-DES-CBC-SHA
Rejected  SSLv3  40 bits   EXP-RC2-CBC-MD5
Accepted  SSLv3  128 bits  RC4-SHA
Accepted  SSLv3  128 bits  RC4-MD5
Rejected  SSLv3  40 bits   EXP-RC4-MD5
Rejected  SSLv3  0 bits    NULL-SHA
Rejected  SSLv3  0 bits    NULL-MD5
Rejected  TLSv1  256 bits  ADH-CAMELLIA256-SHA
Rejected  TLSv1  256 bits  DHE-RSA-CAMELLIA256-SHA
Rejected  TLSv1  256 bits  DHE-DSS-CAMELLIA256-SHA
Rejected  TLSv1  256 bits  CAMELLIA256-SHA
Rejected  TLSv1  128 bits  ADH-CAMELLIA128-SHA
Rejected  TLSv1  128 bits  DHE-RSA-CAMELLIA128-SHA
Rejected  TLSv1  128 bits  DHE-DSS-CAMELLIA128-SHA
Rejected  TLSv1  128 bits  CAMELLIA128-SHA
Rejected  TLSv1  256 bits  ADH-AES256-SHA
Accepted  TLSv1  256 bits  DHE-RSA-AES256-SHA
Rejected  TLSv1  256 bits  DHE-DSS-AES256-SHA
Accepted  TLSv1  256 bits  AES256-SHA
Rejected  TLSv1  128 bits  ADH-AES128-SHA
Accepted  TLSv1  128 bits  DHE-RSA-AES128-SHA
Rejected  TLSv1  128 bits  DHE-DSS-AES128-SHA
Accepted  TLSv1  128 bits  AES128-SHA
Rejected  TLSv1  168 bits  ADH-DES-CBC3-SHA
Rejected  TLSv1  56 bits   ADH-DES-CBC-SHA
Rejected  TLSv1  40 bits   EXP-ADH-DES-CBC-SHA
Rejected  TLSv1  128 bits  ADH-RC4-MD5
Rejected  TLSv1  40 bits   EXP-ADH-RC4-MD5
Accepted  TLSv1  168 bits  EDH-RSA-DES-CBC3-SHA
Accepted  TLSv1  56 bits   EDH-RSA-DES-CBC-SHA
Rejected  TLSv1  40 bits   EXP-EDH-RSA-DES-CBC-SHA
Rejected  TLSv1  168 bits  EDH-DSS-DES-CBC3-SHA
Rejected  TLSv1  56 bits   EDH-DSS-DES-CBC-SHA
Rejected  TLSv1  40 bits   EXP-EDH-DSS-DES-CBC-SHA
Accepted  TLSv1  168 bits  DES-CBC3-SHA
Accepted  TLSv1  56 bits   DES-CBC-SHA
Rejected  TLSv1  40 bits   EXP-DES-CBC-SHA
Rejected  TLSv1  40 bits   EXP-RC2-CBC-MD5
Accepted  TLSv1  128 bits  RC4-SHA
Accepted  TLSv1  128 bits  RC4-MD5
Rejected  TLSv1  40 bits   EXP-RC4-MD5
Rejected  TLSv1  0 bits    NULL-SHA
Rejected  TLSv1  0 bits    NULL-MD5

Prefered Server Cipher(s):
SSLv3  256 bits  DHE-RSA-AES256-SHA
TLSv1  256 bits  DHE-RSA-AES256-SHA

SSL Certificate:
Version: 2
Serial Number: 676
Signature Algorithm: sha1WithRSAEncryption
Issuer: /C=--/ST=SomeState/L=SomeCity/O=SomeOrganization/OU=SomeOrganizationalUnit/CN=httpstest/emailAddress=ktux@httpstest
Not valid before: Apr 15 09:21:44 2009 GMT
Not valid after: Apr 15 09:21:44 2010 GMT
Subject: /C=--/ST=SomeState/L=SomeCity/O=SomeOrganization/OU=SomeOrganizationalUnit/CN=httpstest/emailAddress=ktux@httpstest
Public Key Algorithm: rsaEncryption
RSA Public Key: (1024 bit)
Modulus (1024 bit):
00:[...]:3d
Exponent: 65537 (0x10001)
X509v3 Extensions:
X509v3 Subject Key Identifier:
A8:[...]:2C
X509v3 Authority Key Identifier:
keyid:A8:[...]:2C
DirName:/C=--/ST=SomeState/L=SomeCity/O=SomeOrganization/OU=SomeOrganizationalUnit/CN=httpstest/emailAddress=ktux@httpstest
serial:02:A4

X509v3 Basic Constraints:
CA:TRUE
Verify Certificate:
self signed certificate

Et voilà. En un claquement de doigt, on a sous la main les infos que l’on cherchait.

Après tout, n’est-ce pas l’objectif principal d’un outil que de vous simplifier la vie ?