sleeyax/README.md

Created February 29, 2020 19:39

Star () You must be signed in to star a gist
Fork () You must be signed in to fork a gist

Learn more about clone URLs
Clone this repository at <script src="https://gist.github.com/sleeyax/36ca4beeb3588b7d40c7ada961765d4a.js"></script>
Save sleeyax/36ca4beeb3588b7d40c7ada961765d4a to your computer and use it in GitHub Desktop.

Download ZIP

Identifying TLS/SSL cipher suites

Raw

README.md

Identifying TLS/SSL cipher suites

A few methods to identify TLS/SSL cipher suites of a website.

nmap

nmap -Pn -p 443 --script=ssl-enum-ciphers <domain or ip>

python

s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
ssl_sock = ssl.wrap_socket(s,cert_reqs=ssl.CERT_REQUIRED, ca_certs='/etc/ssl/certs/ca-certificates.crt')
ssl_sock.connect((target, port))
print repr(ssl_sock.getpeername())
print ssl_sock.cipher()

-- output
> ssl-info
('12.34.56.78', 443)
('ECDHE-RSA-AES128-GCM-SHA256', 'TLSv1', 128)

openSSL

openssl s_client -host HOST -port PORT

WireShark

Watch for the 'Server Hello' packet from the server.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment