Monday, July 4, 2022

Bash: shell script to obtain the cipher list of a server


#!/bin/bash
 
SERVER=$1
 
if [[ "$SERVER" == "" ]]; then
  echo "Usage: $0 hostname:port"
  exit
fi
 
DELAY=2
ciphers=$(openssl ciphers 'ALL:eNULL' | sed -e 's/:/ /g')
 
for cipher in ${ciphers[@]}
do
  echo -n Testing $cipher ...
  result=$(echo -n | openssl s_client -cipher "$cipher" -connect $SERVER 2>&1)
 
  if [[ "$result" =~ "Session-ID:" ]]; then
    echo "YES"
  else
    if [[ "$result" =~ ":error:" ]]; then
      error=$(echo -n $result | cut -d':' -f6)
      echo "NO \($error\)"
    elif [[ "$result" =~ "errno=104" ]]; then
      echo "NO \(Connection reset by peer\)"
    else
      echo "Unknown response"
    fi
  fi
 
  sleep $DELAY
done
 

No comments:

 
Get This <