Skip to content

Instantly share code, notes, and snippets.

@anguschiu1

anguschiu1/nmap.md

Created October 3, 2019 07:14
Show Gist options
  • Save anguschiu1/e063b2f26c65d467c87d11ca698344c4 to your computer and use it in GitHub Desktop.
Save anguschiu1/e063b2f26c65d467c87d11ca698344c4 to your computer and use it in GitHub Desktop.
Download ZIP
[NMAP security scanner]#CLI
Raw
nmap.md

Detect cipher suite used by server

nmap -sV --script ssl-enum-ciphers -p 443 google.com

anguschiu@HKG280141:/mnt/c/Users/itangusc/dev$ nmap -sV --script ssl-enum-ciphers -p 443 google.com

Starting Nmap 7.60 ( https://nmap.org ) at 2019-10-03 15:12 DST
Nmap scan report for google.com (172.217.24.206)
Host is up (0.0057s latency).
Other addresses for google.com (not scanned): 2404:6800:4005:801::200e
rDNS record for 172.217.24.206: hkg12s13-in-f14.1e100.net

PORT    STATE SERVICE   VERSION
443/tcp open  ssl/https gws
| fingerprint-strings:
|   GetRequest:
|     HTTP/1.0 200 OK
|     Date: Thu, 03 Oct 2019 07:12:14 GMT
|     Expires: -1
|     Cache-Control: private, max-age=0
|     Content-Type: text/html; charset=ISO-8859-1
|     P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
|     Server: gws
|     X-XSS-Protection: 0
|     X-Frame-Options: SAMEORIGIN
|     Set-Cookie: 1P_JAR=2019-10-03-07; expires=Sat, 02-Nov-2019 07:12:14 GMT; path=/; domain=.google.com; SameSite=none
|     Set-Cookie: NID=188=R-AON1-ou7GFx-RL2P05yWGbtgpGXeekYooiS57Rl3BOsbt9ymAT-OrcK6PkIX9G3cHDxhrCWJ0AqBi6Z_qqQ7mGHp32WZCOB8c9XMM-6vhqEfGCybiTqDLTmGUzotwvPIWEtEQMQesIiwpmZ-KZXwiiM4xKYjGBXEsfykRBO7M; expires=Fri, 03-Apr-2020 07:12:14 GMT; path=/; domain=.google.com; HttpOnly
|     Alt-Svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
|     Accept-Ranges: none
|     Vary: Accept-Encoding
|     <!doctype html><html itemscope="" itemtype="http://schema.org/W
|   HTTPOptions:
|     HTTP/1.0 405 Method Not Allowed
|     Allow: GET, HEAD
|     Date: Thu, 03 Oct 2019 07:12:14 GMT
|     Content-Type: text/html; charset=UTF-8
|     Server: gws
|     Content-Length: 1592
|     X-XSS-Protection: 0
|     X-Frame-Options: SAMEORIGIN
|     Alt-Svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
|     <!DOCTYPE html>
|     <html lang=en>
|     <meta charset=utf-8>
|     <meta name=viewport content="initial-scale=1, minimum-scale=1, width=device-width">
|     <title>Error 405 (Method Not Allowed)!!1</title>
|     <style>
|_    *{margin:0;padding:0}html,code{font:15px/22px arial,sans-serif}html{background:#fff;color:#222;padding:15px}body{margin:7% auto 0;max-width:390px;min-height:180px;padding:30px 0 15px}* > body{background:url(//www.google.com/images/errors/robot.png) 100% 5px no-repeat;padding-right:205px}p{margin:11px 0 22px;overflow:hidden}ins{color:#777;text-decoratio
|_http-server-header: gws
| ssl-enum-ciphers:
|   TLSv1.0:
|     ciphers:
|       TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA (prime256v1) - A
|       TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA (prime256v1) - A
|       TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A
|       TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (rsa 2048) - A
|       TLS_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A
|       TLS_RSA_WITH_AES_256_CBC_SHA (rsa 2048) - A
|       TLS_RSA_WITH_3DES_EDE_CBC_SHA (rsa 2048) - C
|     compressors:
|       NULL
|     cipher preference: server
|     warnings:
|       64-bit block cipher 3DES vulnerable to SWEET32 attack
|   TLSv1.1:
|     ciphers:
|       TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA (prime256v1) - A
|       TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA (prime256v1) - A
|       TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A
|       TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (rsa 2048) - A
|       TLS_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A
|       TLS_RSA_WITH_AES_256_CBC_SHA (rsa 2048) - A
|       TLS_RSA_WITH_3DES_EDE_CBC_SHA (rsa 2048) - C
|     compressors:
|       NULL
|     cipher preference: server
|     warnings:
|       64-bit block cipher 3DES vulnerable to SWEET32 attack
|   TLSv1.2:
|     ciphers:
|       TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 (prime256v1) - A
|       TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 (prime256v1) - A
|       TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 (prime256v1) - A
|       TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA (prime256v1) - A
|       TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA (prime256v1) - A
|       TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (rsa 2048) - A
|       TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 (rsa 2048) - A
|       TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (rsa 2048) - A
|       TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A
|       TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (rsa 2048) - A
|       TLS_RSA_WITH_AES_128_GCM_SHA256 (rsa 2048) - A
|       TLS_RSA_WITH_AES_256_GCM_SHA384 (rsa 2048) - A
|       TLS_RSA_WITH_AES_128_CBC_SHA (rsa 2048) - A
|       TLS_RSA_WITH_AES_256_CBC_SHA (rsa 2048) - A
|       TLS_RSA_WITH_3DES_EDE_CBC_SHA (rsa 2048) - C
|     compressors:
|       NULL
|     cipher preference: server
|     warnings:
|       64-bit block cipher 3DES vulnerable to SWEET32 attack
|_  least strength: C
1 service unrecognized despite returning data. If you know the service/version, please submit the following fingerprint at https://nmap.org/cgi-bin/submit.cgi?new-service :
SF-Port443-TCP:V=7.60%T=SSL%I=7%D=10/3%Time=5D959F50%P=x86_64-pc-linux-gnu
SF:%r(GetRequest,BC5F,"HTTP/1\.0\x20200\x20OK\r\nDate:\x20Thu,\x2003\x20Oc
SF:t\x202019\x2007:12:14\x20GMT\r\nExpires:\x20-1\r\nCache-Control:\x20pri
SF:vate,\x20max-age=0\r\nContent-Type:\x20text/html;\x20charset=ISO-8859-1
SF:\r\nP3P:\x20CP=\"This\x20is\x20not\x20a\x20P3P\x20policy!\x20See\x20g\.
SF:co/p3phelp\x20for\x20more\x20info\.\"\r\nServer:\x20gws\r\nX-XSS-Protec
SF:tion:\x200\r\nX-Frame-Options:\x20SAMEORIGIN\r\nSet-Cookie:\x201P_JAR=2
SF:019-10-03-07;\x20expires=Sat,\x2002-Nov-2019\x2007:12:14\x20GMT;\x20pat
SF:h=/;\x20domain=\.google\.com;\x20SameSite=none\r\nSet-Cookie:\x20NID=18
SF:8=R-AON1-ou7GFx-RL2P05yWGbtgpGXeekYooiS57Rl3BOsbt9ymAT-OrcK6PkIX9G3cHDx
SF:hrCWJ0AqBi6Z_qqQ7mGHp32WZCOB8c9XMM-6vhqEfGCybiTqDLTmGUzotwvPIWEtEQMQesI
SF:iwpmZ-KZXwiiM4xKYjGBXEsfykRBO7M;\x20expires=Fri,\x2003-Apr-2020\x2007:1
SF:2:14\x20GMT;\x20path=/;\x20domain=\.google\.com;\x20HttpOnly\r\nAlt-Svc
SF::\x20quic=\":443\";\x20ma=2592000;\x20v=\"46,43\",h3-Q048=\":443\";\x20
SF:ma=2592000,h3-Q046=\":443\";\x20ma=2592000,h3-Q043=\":443\";\x20ma=2592
SF:000\r\nAccept-Ranges:\x20none\r\nVary:\x20Accept-Encoding\r\n\r\n<!doct
SF:ype\x20html><html\x20itemscope=\"\"\x20itemtype=\"http://schema\.org/W"
SF:)%r(HTTPOptions,78D,"HTTP/1\.0\x20405\x20Method\x20Not\x20Allowed\r\nAl
SF:low:\x20GET,\x20HEAD\r\nDate:\x20Thu,\x2003\x20Oct\x202019\x2007:12:14\
SF:x20GMT\r\nContent-Type:\x20text/html;\x20charset=UTF-8\r\nServer:\x20gw
SF:s\r\nContent-Length:\x201592\r\nX-XSS-Protection:\x200\r\nX-Frame-Optio
SF:ns:\x20SAMEORIGIN\r\nAlt-Svc:\x20quic=\":443\";\x20ma=2592000;\x20v=\"4
SF:6,43\",h3-Q048=\":443\";\x20ma=2592000,h3-Q046=\":443\";\x20ma=2592000,
SF:h3-Q043=\":443\";\x20ma=2592000\r\n\r\n<!DOCTYPE\x20html>\n<html\x20lan
SF:g=en>\n\x20\x20<meta\x20charset=utf-8>\n\x20\x20<meta\x20name=viewport\
SF:x20content=\"initial-scale=1,\x20minimum-scale=1,\x20width=device-width
SF:\">\n\x20\x20<title>Error\x20405\x20\(Method\x20Not\x20Allowed\)!!1</ti
SF:tle>\n\x20\x20<style>\n\x20\x20\x20\x20\*{margin:0;padding:0}html,code{
SF:font:15px/22px\x20arial,sans-serif}html{background:#fff;color:#222;padd
SF:ing:15px}body{margin:7%\x20auto\x200;max-width:390px;min-height:180px;p
SF:adding:30px\x200\x2015px}\*\x20>\x20body{background:url\(//www\.google\
SF:.com/images/errors/robot\.png\)\x20100%\x205px\x20no-repeat;padding-rig
SF:ht:205px}p{margin:11px\x200\x2022px;overflow:hidden}ins{color:#777;text
SF:-decoratio");
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment