-
Notifications
You must be signed in to change notification settings - Fork 2
CiscoCXSecurity/ManySSL
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Folders and files
| Name | Name | Last commit message | Last commit date | |
|---|---|---|---|---|
Repository files navigation
MANYSSL(1) User Contributed Perl Documentation
DESCRIPTION
This perl script will enumerate the SSL ciphers in use on any SSL encrypted service, including STARTTLS on SMTP. The script will warn the operator if a self
signed certificate is detected on a https encrypted service.
USAGE
Usage: ./manyssl1.6.pl [-h] [-f targets_file] [-m] [-s ip -p port] [-t timeout(secs)] [-c 128]
[-h] this help message
[-f] accept a file denoting targets, in the form ip:port
[-m] servers are a mailserver; perform starttls
[-s] server ip. Accepted forms: single ip 192.168.0.1 or range 192.168.0.1-254 or comma delimited 192.168.0.1,192.168.1.2
[-p] port number of ssl service
[-c 128] only display ciphers with a key length under 128 bits
[-r] Highlight weak ciphers in the color "RED"
[-t timeout] alter the timeout value in seconds (default 10 secs)
[-v CAfile] scan the server using client certificate CAfile (.pem or .crt)
UPDATING
update: ./manyssl.pl -u updates the cipher DB through openssl
AUTHOR
Copyright (C) 10-12-2008 Andy Portcullis tools@portcullis-security.com
WHATS NEW
2009-07-17
* Fixed Certificate parsing bug, that lead the program to crash.
2008-10-12
* Added support to use a specific CAfile when scanning the server
2008-17-11
* Improved output to display Key Exchange, Authentication Algorithm and MAC.
2008-11-11
* Added an option to use color or not (default color=off).
* Noticed the -f option didnt properly support ip_address:port, this has been corrected!
2008-09-03
Corrected the following error(s):
* Validation of SSL certificates (code would fail if first cipher in cipher list was not accepted)
2008-08-22
Improved the following:
* Validation of SSL certificates
* Checks expiration date of Certificates
2008-01-28
Improved the following:
* Basic check for Self Signed Certificates
* Support for STARTTLS on mail servers
REQUIREMENTS
Perl Libraries:
* Net::SSLeay
* Parallel::ForkManager
* Net::Packet::Utils
* IO::Socket::INET
* IO::Socket::SSL
* Term::ANSIColor
* Time::Local
LICENSE
manyssl - SSL cipher checker
Copyright (C) 2008 Portcullis
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License along
with this program; if not, write to the Free Software Foundation, Inc.,
51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
You are encouraged to send comments, improvements or suggestions to
me at tools@portcullis-security.com
perl v5.8.8 2008-11-17
About
ManySSL is a Perl script to enumerate supported SSL cipher suites supported by network services (principally HTTPS)
Resources
Stars
Watchers
Forks
Packages 0
No packages published