Skip to content

Instantly share code, notes, and snippets.

@cmbuckley

cmbuckley/summary.sh

Created December 18, 2019 17:24
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save cmbuckley/382decfc033d644b9550c2ea941b4b00 to your computer and use it in GitHub Desktop.
Save cmbuckley/382decfc033d644b9550c2ea941b4b00 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
summary.sh
#!/bin/bash
fail() {
[ $raw -eq 1 ] && out=Fail || out=$1
echo -n -e "\e[91m$out\e[39m "
}
pass() {
[ $raw -eq 1 ] && out=Pass || out=$1
echo -n -e "\e[32m$out\e[39m "
}
raw=0
if [[ $2 == "-r" ]]; then
raw=1
echo "Domain Logjam SWEET32 RC4 SSLv3 TLSv1.0"
fi
while read domain; do
echo -n "$domain: "
ciphers="$(nmap --script ssl-cert,ssl-enum-ciphers -p443 $domain)"
# Logjam
echo QUIT | openssl s_client -connect $domain:443 -cipher "EDH" 2>/dev/null | fgrep -q "Server Temp Key: DH" && fail Logjam || pass Logjam
# SWEET32
grep -q "3DES" <<< "$ciphers" && fail SWEET32 || pass SWEET32
# RC4
grep -q "RC4" <<< "$ciphers" && fail RC4 || pass RC4
# SSLv3
grep -q "SSL" <<< "$ciphers" && fail SSLv3 || pass SSLv3
# TLSv1.0
grep -q "TLSv1.0" <<< "$ciphers" && fail TLSv1.0 || pass TLSv1.0
echo
done < $1
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment