Reminder:
In this article the tool is used for research and learning purposes.
This type of tool must not be used against a server that does not belong to you; doing so may be punishable by law (see articles 323-XX).
Test environment:
For this we will use a VM running the Kali distribution.
SSLScan is installed by default on Kali.
Usage:
The command and its options
root@kali:~# sslscan -h
1.11.5-static
OpenSSL 1.0.2h-dev xx XXX xxxx
Command:
  sslscan [Options] [host:port | host]

Options:
  --targets=<file>       A file containing a list of hosts to check.
                         Hosts can be supplied with ports (host:port)
  --ipv4                 Only use IPv4
  --ipv6                 Only use IPv6
  --show-certificate     Show full certificate information
  --no-check-certificate Don't warn about weak certificate algorithm or keys
  --show-client-cas      Show trusted CAs for TLS client auth
  --show-ciphers         Show supported client ciphers
  --show-cipher-ids      Show cipher ids
  --show-times           Show handhake times in milliseconds
  --ssl2                 Only check SSLv2 ciphers
  --ssl3                 Only check SSLv3 ciphers
  --tls10                Only check TLSv1.0 ciphers
  --tls11                Only check TLSv1.1 ciphers
  --tls12                Only check TLSv1.2 ciphers
  --tlsall               Only check TLS ciphers (all versions)
  --ocsp                 Request OCSP response from server
  --pk=<file>            A file containing the private key or a PKCS#12 file
                         containing a private key/certificate pair
  --pkpass=<password>    The password for the private key or PKCS#12 file
  --certs=<file>         A file containing PEM/ASN1 formatted client certificates
  --no-ciphersuites      Do not check for supported ciphersuites
  --no-renegotiation     Do not check for TLS renegotiation
  --no-compression       Do not check for TLS compression (CRIME)
  --no-heartbleed        Do not check for OpenSSL Heartbleed (CVE-2014-0160)
  --starttls-ftp         STARTTLS setup for FTP
  --starttls-imap        STARTTLS setup for IMAP
  --starttls-irc         STARTTLS setup for IRC
  --starttls-pop3        STARTTLS setup for POP3
  --starttls-smtp        STARTTLS setup for SMTP
  --starttls-xmpp        STARTTLS setup for XMPP
  --starttls-psql        STARTTLS setup for PostgreSQL
  --xmpp-server          Use a server-to-server XMPP handshake
  --http                 Test a HTTP connection
  --rdp                  Send RDP preamble before starting scan
  --bugs                 Enable SSL implementation bug work-arounds
  --timeout=<sec>        Set socket timeout. Default is 3s
  --sleep=<msec>         Pause between connection request. Default is disabled
  --xml=<file>           Output results to an XML file
  --version              Display the program version
  --verbose              Display verbose output
  --no-cipher-details    Disable EC curve names and EDH/RSA key lengths output
  --no-colour            Disable coloured output
  --help                 Display the help text you are now reading

Example:
  sslscan 127.0.0.1
  sslscan [::1]
The basic command
root@kali:~# sslscan mail.google.com
Version: 1.11.5-static
OpenSSL 1.0.2h-dev xx XXX xxxx

Testing SSL server mail.google.com on port 443

  TLS renegotiation:
Secure session renegotiation supported

  TLS Compression:
Compression disabled

  Heartbleed:
TLS 1.2 not vulnerable to heartbleed
TLS 1.1 not vulnerable to heartbleed
TLS 1.0 not vulnerable to heartbleed

  Supported Server Cipher(s):
Preferred TLSv1.2  128 bits  ECDHE-RSA-AES128-GCM-SHA256  Curve P-256 DHE 256
Accepted  TLSv1.2  128 bits  ECDHE-RSA-AES128-SHA         Curve P-256 DHE 256
Accepted  TLSv1.2  128 bits  AES128-GCM-SHA256
Accepted  TLSv1.2  128 bits  AES128-SHA
Accepted  TLSv1.2  128 bits  AES128-SHA256
Accepted  TLSv1.2  112 bits  DES-CBC3-SHA
Accepted  TLSv1.2  256 bits  ECDHE-RSA-AES256-GCM-SHA384  Curve P-256 DHE 256
Accepted  TLSv1.2  128 bits  ECDHE-RSA-AES128-SHA256      Curve P-256 DHE 256
Accepted  TLSv1.2  256 bits  ECDHE-RSA-AES256-SHA         Curve P-256 DHE 256
Accepted  TLSv1.2  256 bits  ECDHE-RSA-AES256-SHA384      Curve P-256 DHE 256
Accepted  TLSv1.2  256 bits  AES256-GCM-SHA384
Accepted  TLSv1.2  256 bits  AES256-SHA
Accepted  TLSv1.2  256 bits  AES256-SHA256
Preferred TLSv1.1  128 bits  ECDHE-RSA-AES128-SHA         Curve P-256 DHE 256
Accepted  TLSv1.1  128 bits  AES128-SHA
Accepted  TLSv1.1  112 bits  DES-CBC3-SHA
Accepted  TLSv1.1  256 bits  ECDHE-RSA-AES256-SHA         Curve P-256 DHE 256
Accepted  TLSv1.1  256 bits  AES256-SHA
Preferred TLSv1.0  128 bits  ECDHE-RSA-AES128-SHA         Curve P-256 DHE 256
Accepted  TLSv1.0  128 bits  AES128-SHA
Accepted  TLSv1.0  112 bits  DES-CBC3-SHA
Accepted  TLSv1.0  256 bits  ECDHE-RSA-AES256-SHA         Curve P-256 DHE 256
Accepted  TLSv1.0  256 bits  AES256-SHA

  SSL Certificate:
Signature Algorithm: sha256WithRSAEncryption
RSA Key Strength:    2048

Subject:  mail.google.com
Altnames: DNS:mail.google.com, DNS:inbox.google.com
Issuer:   Google Internet Authority G2

Not valid before: Jul 20 10:25:50 2016 GMT
Not valid after:  Oct 12 09:58:00 2016 GMT
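
To use a report like the one above as a configuration audit of your own server, the cipher lines can be parsed and checked against a baseline. This is an added example, not part of the original article or of sslscan: the function names and the policy (TLS 1.2 minimum, at least 128 bits, ephemeral key exchange expected) are assumptions, and the sample lines are constructed in the format shown above.

```python
import re

# Constructed sample in the format of the sslscan report shown above.
SAMPLE = """\
Preferred TLSv1.2  128 bits  ECDHE-RSA-AES128-GCM-SHA256   Curve P-256 DHE 256
Accepted  TLSv1.2  128 bits  AES128-SHA
Accepted  TLSv1.2  112 bits  DES-CBC3-SHA
Accepted  TLSv1.0  256 bits  ECDHE-RSA-AES256-SHA          Curve P-256 DHE 256
"""

CIPHER_LINE = re.compile(
    r"^\s*(Preferred|Accepted)\s+(SSLv[23]|TLSv1\.\d)\s+(\d+)\s+bits\s+(\S+)")
ANSI = re.compile(r"\x1b\[[0-9;]*m")  # colour codes, present without --no-colour

# Assumed audit policy (not from the article): adjust to your own baseline.
LEGACY_PROTOCOLS = {"SSLv2", "SSLv3", "TLSv1.0", "TLSv1.1"}
WEAK_TOKENS = {"DES", "RC4", "NULL", "EXP", "MD5"}
FS_PREFIXES = {"ECDHE", "DHE", "EDH"}  # ephemeral key exchange


def parse_ciphers(text):
    """Return one dict per cipher line of an sslscan text report."""
    rows = []
    for line in text.splitlines():
        m = CIPHER_LINE.match(ANSI.sub("", line))
        if m:
            status, proto, bits, name = m.groups()
            rows.append({"status": status, "protocol": proto,
                         "bits": int(bits), "cipher": name})
    return rows


def findings(row):
    """List the policy violations for one parsed cipher line."""
    tokens = row["cipher"].split("-")
    checks = [
        (row["protocol"] in LEGACY_PROTOCOLS, "legacy protocol"),
        (row["bits"] < 128, "key strength below 128 bits"),
        (bool(WEAK_TOKENS & set(tokens)), "weak algorithm"),
        (tokens[0] not in FS_PREFIXES, "no forward secrecy"),
    ]
    return [label for failed, label in checks if failed]


def audit(text):
    """Map (protocol, cipher) to its findings, omitting clean entries."""
    rows = parse_ciphers(text)
    return {(r["protocol"], r["cipher"]): findings(r) for r in rows if findings(r)}
```

Pass `audit()` the text of a report saved from a server you operate. Applied to the output above, it would flag, among others, the DES-CBC3-SHA entries and every TLSv1.0 and TLSv1.1 line.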