Created
February 23, 2011 09:23
-
-
Save jvhaarst/840219 to your computer and use it in GitHub Desktop.
sslscan and ssl_test mijn.ing.nl
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
sslscan --no-failed mijn.ing.nl | |
_ | |
___ ___| |___ ___ __ _ _ __ | |
/ __/ __| / __|/ __/ _` | '_ \ | |
\__ \__ \ \__ \ (_| (_| | | | | | |
|___/___/_|___/\___\__,_|_| |_| | |
Version 1.8.2 | |
http://www.titania.co.uk | |
Copyright Ian Ventura-Whiting 2009 | |
Testing SSL server mijn.ing.nl on port 443 | |
Supported Server Cipher(s): | |
Accepted SSLv3 128 bits RC4-SHA | |
Accepted TLSv1 128 bits RC4-SHA | |
Prefered Server Cipher(s): | |
SSLv3 128 bits RC4-SHA | |
TLSv1 128 bits RC4-SHA | |
SSL Certificate: | |
Version: 2 | |
Serial Number: -4294967295 | |
Signature Algorithm: sha1WithRSAEncryption | |
Issuer: /C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=Terms of use at https://www.verisign.com/rpa (c)06/CN=VeriSign Class 3 Extended Validation SSL SGC CA | |
Not valid before: Oct 11 00:00:00 2010 GMT | |
Not valid after: Oct 30 23:59:59 2011 GMT | |
Subject: /1.3.6.1.4.1.311.60.2.1.3=NL/businessCategory=Private Organization/serialNumber=33031431/C=NL/postalCode=1102 MG/ST=Noord-Holland/L=Amsterdam Zuidoost/street=Bijlmerplein 888/O=ING BANK N.V./OU=Retail/CN=mijn.ing.nl | |
Public Key Algorithm: rsaEncryption | |
RSA Public Key: (2048 bit) | |
Modulus (2048 bit): | |
00:c0:3f:0a:19:dd:21:21:b5:15:92:d2:40:0c:f5: | |
d0:03:6c:1c:e8:04:79:4f:6b:b0:3b:09:8f:d8:2c: | |
b0:09:d1:d5:03:45:1a:36:6d:5c:b5:6f:ee:9a:53: | |
c9:7b:69:7f:7f:55:8d:b5:a4:e5:d5:07:18:9e:ef: | |
b1:23:ee:28:79:f0:63:dd:38:d7:a7:54:be:72:36: | |
90:82:d2:24:a4:1f:7f:05:4b:86:cd:d3:f1:dc:17: | |
ef:61:32:3d:f2:62:8f:43:54:f4:59:9e:59:d2:fe: | |
ea:95:b0:4b:8e:0c:11:51:c2:27:2e:86:10:3f:1f: | |
04:a4:f9:c9:16:1b:9d:4b:b2:32:81:f5:2e:20:1d: | |
37:0c:d2:fd:be:a4:76:2b:ad:b1:bb:c5:12:6d:02: | |
41:ab:d9:76:a6:12:4e:7a:01:43:bb:ab:8a:00:18: | |
a2:59:e5:ba:a9:21:3d:74:41:aa:20:c4:61:df:83: | |
ae:27:36:9f:86:c9:ce:66:fb:fd:b9:78:a8:b9:01: | |
01:b6:5c:d7:10:1c:1e:96:9f:c1:b8:51:03:85:1d: | |
c9:0c:f0:8f:c0:78:67:62:fa:c9:73:15:41:0e:f7: | |
96:9b:b7:23:71:c9:df:6e:9f:34:0a:f1:a5:78:fc: | |
90:42:d9:1d:04:36:bf:20:55:b9:4d:cb:76:5a:a3: | |
8a:9b | |
Exponent: 65537 (0x10001) | |
X509v3 Extensions: | |
X509v3 Basic Constraints: | |
CA:FALSE | |
X509v3 Subject Key Identifier: | |
CC:14:12:CD:FA:A1:54:57:75:AA:69:8E:03:11:57:95:DF:0D:86:A6 | |
X509v3 Key Usage: | |
Digital Signature, Key Encipherment | |
X509v3 Certificate Policies: | |
Policy: 2.16.840.1.113733.1.7.23.6 | |
CPS: https://www.verisign.com/rpa | |
X509v3 CRL Distribution Points: | |
URI:http://EVIntl-crl.verisign.com/EVIntl2006.crl | |
X509v3 Extended Key Usage: | |
TLS Web Server Authentication, TLS Web Client Authentication, Netscape Server Gated Crypto | |
X509v3 Authority Key Identifier: | |
keyid:4E:43:C8:1D:76:EF:37:53:7A:4F:F2:58:6F:94:F3:38:E2:D5:BD:DF | |
Authority Information Access: | |
OCSP - URI:http://EVIntl-ocsp.verisign.com | |
CA Issuers - URI:http://EVIntl-aia.verisign.com/EVIntl2006.cer | |
1.3.6.1.5.5.7.1.12: | |
0`.^.\0Z0X0V..image/gif0!0.0...+......Kk.(.....R8.).K..!..0&.$http://logo.verisign.com/vslogo1.gif | |
Verify Certificate: | |
unable to get local issuer certificate |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
./ssl_test.sh 145.221.55.11 443 | |
+++++++++++++++++++++++++++++++++++++++++++++++++ | |
SSL Tests - v2, weak ciphers, MD5, Renegotiation | |
by Aung Khant, http://yehg.net | |
+++++++++++++++++++++++++++++++++++++++++++++++++ | |
[*] testing on 145.221.55.11:443 .. | |
[*] tesing for sslv2 .. | |
[*] sslscan 145.221.55.11:443 | grep Accepted SSLv2 | |
[*] testing for weak ciphers ... | |
[*] sslscan 145.221.55.11:443 | grep 40 bits | grep Accepted | |
[*] sslscan 145.221.55.11:443 | grep 56 bits | grep Accepted | |
[*] testing for MD5 certificate .. | |
[*] sslscan 145.221.55.11:443 | grep MD5WithRSAEncryption | |
[*] testing for SSLv3 Force Ciphering Bug/Renegotiation .. | |
[*] echo R | openssl s_client -connect 145.221.55.11:443 | grep DONE | |
depth=2 /C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=(c) 2006 VeriSign, Inc. - For authorized use only/CN=VeriSign Class 3 Public Primary Certification Authority - G5 | |
verify error:num=20:unable to get local issuer certificate | |
verify return:0 | |
RENEGOTIATING | |
depth=2 /C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=(c) 2006 VeriSign, Inc. - For authorized use only/CN=VeriSign Class 3 Public Primary Certification Authority - G5 | |
verify error:num=20:unable to get local issuer certificate | |
verify return:0 | |
DONE | |
[*] done |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment