Created
August 30, 2018 13:57
-
-
Save 0xbadjuju/c27aa33ac2e1a9b0ffa2c37b865178dd to your computer and use it in GitHub Desktop.
Verify Weak Ciphers
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| if [ -f ${1}_false_positive.txt ] | |
| then | |
| echo > ${1}_false_positive.txt | |
| fi | |
| if [ -f ${1}_verified.txt ] | |
| then | |
| echo > ${1}_verified.txt | |
| fi | |
| RED='\033[0;31m' | |
| GREEN='\033[0;32m' | |
| DEFAULT='\033[0m' | |
| for line in $(cat $1 | sort) | |
| do | |
| echo openssl s_client -cipher 3DES:RC4:RC2:IDEA -connect ${line} | |
| TEST=$(timeout 5 openssl s_client -cipher 3DES:RC4:RC2:IDEA -connect ${l ine} 2>&1) &>/dev/null | |
| if echo $TEST | grep 'New, (NONE), Cipher is (NONE)' &>/dev/null | |
| then | |
| echo -e "\t $RED False Positive $DEFAULT" | |
| echo "$line" >> ${1}_false_positive.txt | |
| elif [ -z "$TEST" ] | |
| then | |
| echo -e "\t $RED UNABLE TO CONNECT $DEFAULT" | |
| echo $line >> ${1}_connect.txt | |
| elif echo $TEST | grep 'connect: Connection refused' &>/dev/null | |
| then | |
| echo -e "\t $RED UNABLE TO CONNECT $DEFAULT" | |
| echo $line >> ${1}_connect.txt | |
| else | |
| OUT=$(echo $TEST | grep -oP 'Cipher is [-a-zA-Z0-9]+\b') | |
| echo -e "\t $GREEN $OUT $DEFAULT" | |
| echo -e "$line\t$OUT" >> ${1}_verified.txt | |
| fi | |
| done |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment