cmbuckley · December 18, 2019 17:24
diff --git a/summary.sh b/summary.sh
 #!/bin/bash

 fail() {
 	[ $raw -eq 1 ] && out=Fail || out=$1
 	echo -n -e "\e[91m$out\e[39m "
 }

 pass() {
 	[ $raw -eq 1 ] && out=Pass || out=$1
 	echo -n -e "\e[32m$out\e[39m "
 }

 raw=0
 if [[ $2 == "-r" ]]; then
 	raw=1
 	echo "Domain Logjam SWEET32 RC4 SSLv3 TLSv1.0"
 fi

 while read domain; do
 	echo -n "$domain: "
 	ciphers="$(nmap --script ssl-cert,ssl-enum-ciphers -p443 $domain)"

 	# Logjam
 	echo QUIT | openssl s_client -connect $domain:443 -cipher "EDH" 2>/dev/null | fgrep -q "Server Temp Key: DH" && fail Logjam || pass Logjam

 	# SWEET32
 	grep -q "3DES" <<< "$ciphers" && fail SWEET32 || pass SWEET32

 	# RC4
 	grep -q "RC4" <<< "$ciphers" && fail RC4 || pass RC4

 	# SSLv3
 	grep -q "SSL" <<< "$ciphers" && fail SSLv3 || pass SSLv3

 	# TLSv1.0
 	grep -q "TLSv1.0" <<< "$ciphers" && fail TLSv1.0 || pass TLSv1.0

 	echo
 done < $1
	#!/bin/bash

	fail() {
	[ $raw -eq 1 ] && out=Fail \|\| out=$1
	echo -n -e "\e[91m$out\e[39m "
	}

	pass() {
	[ $raw -eq 1 ] && out=Pass \|\| out=$1
	echo -n -e "\e[32m$out\e[39m "
	}

	raw=0
	if [[ $2 == "-r" ]]; then
	raw=1
	echo "Domain Logjam SWEET32 RC4 SSLv3 TLSv1.0"
	fi

	while read domain; do
	echo -n "$domain: "
	ciphers="$(nmap --script ssl-cert,ssl-enum-ciphers -p443 $domain)"

	# Logjam
	echo QUIT \| openssl s_client -connect $domain:443 -cipher "EDH" 2>/dev/null \| fgrep -q "Server Temp Key: DH" && fail Logjam \|\| pass Logjam

	# SWEET32
	grep -q "3DES" <<< "$ciphers" && fail SWEET32 \|\| pass SWEET32

	# RC4
	grep -q "RC4" <<< "$ciphers" && fail RC4 \|\| pass RC4

	# SSLv3
	grep -q "SSL" <<< "$ciphers" && fail SSLv3 \|\| pass SSLv3

	# TLSv1.0
	grep -q "TLSv1.0" <<< "$ciphers" && fail TLSv1.0 \|\| pass TLSv1.0

	echo
	done < $1