Skip to content
/ a2sv Public

Escaneo automático a vulnerabilidad de SSL HeartBleed, CCS Injection, SSLv3 POODLE, FREAK

License

MIT license
3 stars 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

TheRipperJhon/a2sv

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

135 Commits

module

module

 
 

.gitignore

.gitignore

 
 

Dockerfile

Dockerfile

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

a2sv.py

a2sv.py

 
 

install.sh

install.sh

 
 

requirements.txt

requirements.txt

 
 

version

version

 
 

Repository files navigation

MIT License

1. A2SV?

Auto Scanning to SSL Vulnerability.

HeartBleed, CCS Injection, SSLv3 POODLE, FREAK... etc

A. Support Vulnerability

- CVE-2007-1858] Anonymous Cipher
- CVE-2012-4929] CRIME(SPDY)
- CVE-2014-0160] CCS Injection
- CVE-2014-0224] HeartBleed
- CVE-2014-3566] SSLv3 POODLE
- CVE-2015-0204] FREAK Attack
- CVE-2015-4000] LOGJAM Attack
- CVE-2016-0800] SSLv2 DROWN

B. Dev Plan

- PLAN] SSL ACCF
- PLAN] SSL Information Analysis

2. How to Install?

A. Download(clone) & Unpack A2SV

$ git clone https://github.com/hahwul/a2sv.git
$ cd a2sv

B. Install Python Package / OpenSSL

$ pip install argparse
$ pip install netaddr

$ apt-get install openssl

C. Run A2SV

$ python a2sv.py -h

3. How to Use?

usage: a2sv [-h] [-t TARGET] [-tf TARGETFILE] [-p PORT] [-m MODULE]
[-d DISPLAY] [-u] [-v]

optional arguments:
  -h, --helpshow this help message and exit
  -t TARGET, --target TARGET
Target URL and IP Address
 $ e.g -t 127.0.0.1
  -tf TARGETFILE, --targetfile TARGETFILE
Target file(list) URL and IP Address
 $ e.g -tf ./target.list
  -p PORT, --port PORT  Custom Port / Default: 443
 $ e.g -p 8080
  -m MODULE, --module MODULE
Check SSL Vuln with one module
[anonymous]: Anonymous Cipher
[crime]: Crime(SPDY)
[heart]: HeartBleed
[ccs]: CCS Injection
[poodle]: SSLv3 POODLE
[freak]: OpenSSL FREAK
[logjam]: OpenSSL LOGJAM
[drown]: SSLv2 DROWN
  -d DISPLAY, --display DISPLAY
Display output
[Y,y] Show output
[N,n] Hide output
  -o OUT, --out OUT Result write to file
 $ e.g -o /home/yourdir/result.txt
  -u, --update  Update A2SV (GIT)
  -v, --version Show Version

[Scan SSL Vulnerability]

$ python a2sv.py -t 127.0.0.1

$ python a2sv.py -t 127.0.0.1 -m heartbleed

$ python a2sv.py -t 127.0.0.1 -d n

$ python a2sv.py -t 127.0.0.1 -p 8111

$ python a2sv.py -tf target_list.txt

[Update A2SV]

$ python a2sv.py -u

$ python a2sv.py --update

4. Support

Submit New Issue(github)

Contact hahwul@gmail.com

5. Screen shot

6. Code Reference Site

- poodle : https://github.com/supersam654/Poodle-Checker

- heartbleed : https://github.com/sensepost/heartbleed-poc

- ccs injection : https://github.com/Tripwire/OpenSSL-CCS-Inject-Test

- freak : https://gist.github.com/martinseener/d50473228719a9554e6a

About

Escaneo automático a vulnerabilidad de SSL HeartBleed, CCS Injection, SSLv3 POODLE, FREAK

Resources

Readme

License

MIT license
Activity

Stars

3 stars

Watchers

1 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Contributors 6

Languages