Last active
July 26, 2019 10:46
-
-
Save marvin-marvin/ceb6f9bb1ee9a5b796ca42de63355d5d to your computer and use it in GitHub Desktop.
ssl cipher check
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ### | |
| # please test against the LB endpoint and a node | |
| #syntax: ./cipher_check.sh <s3-endpoint>:443 | |
| #syntax: ./cipher_check.sh <node>:443 | |
| ### | |
| #!/usr/bin/env bash | |
| # OpenSSL requires the port number. | |
| SERVER=$1 | |
| DELAY=1 | |
| ciphers=$(openssl ciphers 'ALL:eNULL' | sed -e 's/:/ /g') | |
| echo Obtaining cipher list from $(openssl version). | |
| for cipher in ${ciphers[@]} | |
| do | |
| result=$(echo -n | openssl s_client -cipher "$cipher" -tls1_2 -connect $SERVER 2>&1) | |
| if [[ "$result" =~ ":error:" ]] ; then | |
| echo -n | |
| else | |
| if [[ "$result" =~ "Cipher is ${cipher}" || "$result" =~ "Cipher :" ]] ; then | |
| echo "YES: "$cipher | |
| fi | |
| fi | |
| done |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| nmap --script ssl-enum-ciphers -p PORT URL |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment