Created
October 15, 2014 13:51
-
-
Save Caffe1neAdd1ct/75040d8b2daa5bf243f2 to your computer and use it in GitHub Desktop.
Test script for SSLv3 Poodle Bug
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| HOST=$1 | |
| PORT=$2 | |
| INJECTION="sslv3 alert handshake failure" | |
| OUTPUT=$(openssl s_client -connect $HOST:$PORT -ssl3 2>&1); | |
| FAILED="connect:errno" | |
| if [[ $OUTPUT == *"$INJECTION"* ]] | |
| then | |
| echo -e "Server is secure and refusing communications on sslv3." | |
| elif [[ $OUTPUT == *"$FAILED"* ]] | |
| then | |
| echo -e "Connection to host / port failed."; | |
| else | |
| echo -e "WARNING - Server is vulnerable please stop communication on sslv3 for the tested port / site."; | |
| fi |
This script gives false possitive when test Postfix submission port
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Download above test script:
Make executable:
Run with host and port parameters:
Change host and port parameters to test your own servers and services using ssl.