-
Notifications
You must be signed in to change notification settings - Fork 19
/
Copy pathREADME
135 lines (115 loc) · 5.92 KB
/
README
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
_
| | version 0.2.0
___ ___| |_ __ ___ __ _ _ __
/ __/ __| | '_ ` _ \ / _` | '_ \
\__ \__ \ | | | | | | (_| | |_) |
|___/___/_|_| |_| |_|\__,_| .__/
| |
|_|
D O C U M E N T A T I O N
The latest version of this document can be obtained from http://thesprawl.org/projects/sslmap/
SSLMap is a lightweight TLS/SSL cipher suite scanner. The tool was designed to meet the need of a simple but reliable way to detect weak ciphers suites enabled on SSL endpoints. SSLMap uses a custom SSL engine to avoid unnecessary limitations imposed by existing libraries, as a result it is capable of detecting uncommon cipher suites (e.g. GOST).
Sample Session
==============
Let's run a sample scan against *thesprawl.org*:
$ python sslmap.py --host thesprawl.org
_
| | version 0.2.0
___ ___| |_ __ ___ __ _ _ __
/ __/ __| | '_ ` _ \ / _` | '_ \
\__ \__ \ | | | | | | (_| | |_) |
|___/___/_|_| |_| |_|\__,_| .__/
| |
[*] Scanning thesprawl.org:443 for 229 known cipher suites.
[+] TLS_RSA_WITH_AES_128_CBC_SHA (0x00002F)
[+] TLS_DHE_RSA_WITH_DES_CBC_SHA (0x000015)
[+] TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA (0x000014)
[+] TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA (0x000016)
[+] TLS_DHE_RSA_WITH_AES_256_CBC_SHA (0x000039)
[+] TLS_RSA_WITH_AES_256_CBC_SHA (0x000035)
[+] TLS_DHE_RSA_WITH_AES_128_CBC_SHA (0x000033)
[+] TLS_RSA_WITH_3DES_EDE_CBC_SHA (0x00000A)
[+] TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5 (0x000006)
[+] TLS_RSA_WITH_RC4_128_MD5 (0x000004)
[+] TLS_RSA_WITH_RC4_128_SHA (0x000005)
[+] TLS_RSA_EXPORT_WITH_RC4_40_MD5 (0x000003)
[+] TLS_RSA_EXPORT_WITH_DES40_CBC_SHA (0x000008)
[+] TLS_RSA_WITH_DES_CBC_SHA (0x000009)
[+] SSL2_DES_64_CBC_WITH_MD5 (0x060040)
[+] SSL2_RC2_CBC_128_CBC_WITH_MD5 (0x040080)
[+] SSL2_RC4_128_WITH_MD5 (0x010080)
[+] SSL2_RC2_CBC_128_CBC_WITH_MD5 (0x030080)
[+] SSL2_DES_192_EDE3_CBC_WITH_MD5 (0x0700C0)
[+] SSL2_RC4_128_EXPORT40_WITH_MD5 (0x020080)
==================== Scan Results ====================
The following cipher suites were rated as HIGH:
TLS_RSA_WITH_AES_128_CBC_SHA
TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA
TLS_DHE_RSA_WITH_AES_256_CBC_SHA
TLS_RSA_WITH_AES_256_CBC_SHA
TLS_DHE_RSA_WITH_AES_128_CBC_SHA
TLS_RSA_WITH_3DES_EDE_CBC_SHA
The following cipher suites were rated as MEDIUM:
TLS_RSA_WITH_RC4_128_MD5
TLS_RSA_WITH_RC4_128_SHA
The following cipher suites were rated as EXPORT:
TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA
TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5
TLS_RSA_EXPORT_WITH_RC4_40_MD5
TLS_RSA_EXPORT_WITH_DES40_CBC_SHA
SSL2_RC4_128_EXPORT40_WITH_MD5
The following cipher suites were rated as LOW:
TLS_DHE_RSA_WITH_DES_CBC_SHA
TLS_RSA_WITH_DES_CBC_SHA
SSL2_DES_64_CBC_WITH_MD5
SSL2_RC2_CBC_128_CBC_WITH_MD5
SSL2_RC4_128_WITH_MD5
SSL2_RC2_CBC_128_CBC_WITH_MD5
SSL2_DES_192_EDE3_CBC_WITH_MD5
From the above output, you can tell that the server has several weak ciphers rated as EXPORT and LOW. In the ideal situation these ciphers should be removed from a production site. See the [TLS and SSL Cipher Suites](/research/tls-and-ssl-cipher-suites/) article on how to interpret the results.
If you would like to make your own decision on whether a particular cipher is weak or strong, you can repeat the scan with the *--verbose* flag enabled thus allowing you to see individual components of the cipher suite and how the rating was calculated. Below is a snippet of the above scan with the *verbose* flag enabled:
...
[*] Using SSL v2.0 handshake.
[+] SSL2_DES_64_CBC_WITH_MD5 (0x060040)
Specs: Kx=RSA, Au=RSA, Enc=DES_64_CBC, Bits=64, Mac=MD5
Score: Kx/Au=LOW, Enc/MAC=LOW, Overall=LOW
[+] SSL2_RC2_CBC_128_CBC_WITH_MD5 (0x040080)
Specs: Kx=RSA, Au=RSA, Enc=RC2_CBC_128_CBC, Bits=128, Mac=MD5
Score: Kx/Au=LOW, Enc/MAC=LOW, Overall=LOW
[+] SSL2_RC4_128_WITH_MD5 (0x010080)
Specs: Kx=RSA, Au=RSA, Enc=RC4_128, Bits=128, Mac=MD5
Score: Kx/Au=LOW, Enc/MAC=MEDIUM, Overall=LOW
[+] SSL2_RC2_CBC_128_CBC_WITH_MD5 (0x030080)
Specs: Kx=RSA, Au=RSA, Enc=RC2_CBC_128_CBC, Bits=128, Mac=MD5
Score: Kx/Au=LOW, Enc/MAC=LOW, Overall=LOW
[+] SSL2_DES_192_EDE3_CBC_WITH_MD5 (0x0700C0)
Specs: Kx=RSA, Au=RSA, Enc=DES_192_EDE3_CBC, Bits=192, Mac=MD5
Score: Kx/Au=LOW, Enc/MAC=HIGH, Overall=LOW
[+] SSL2_RC4_128_EXPORT40_WITH_MD5 (0x020080)
Specs: Kx=RSA, Au=RSA, Enc=RC4_128_EXPORT40, Bits=40, Mac=MD5
Score: Kx/Au=LOW, Enc/MAC=EXPORT, Overall=EXPORT
...
Help Screen
===========
The help screen shows a brief outline of tool's functionality:
Usage: sslmap.py [options]
Options:
-h, --help show this help message and exit
--host=gmail.com host
--port=443 port
--fuzz fuzz all possible cipher values (takes time)
--tls1 use TLS v1.0 handshake
--tls11 use TLS v1.1 handshake
--tls12 use TLS v1.2 handshake
--tls13 use TLS v1.3 handshake (future use)
--ssl3 use SSL3 handshake
--ssl2 use SSL2 handshake
--verbose enable verbose output
--db=ciphers.csv external cipher suite database. DB Format:
cipher_id,name,protocol,Kx,Au,Enc,Bits,Mac,Auth
Strength,Enc Strength,Overall Strength
Usage: sslmap.py [options]
Fuzzing
=======
As a special note on the *--fuzz* parameter, you may use it to both stress test as well as discover yet unknown cipher suites on a target system. Naturally as there are a few million possible values for the cipher suite parameter, the test may run for some time.