Last active
July 30, 2018 14:23
-
-
Save masterkawaster/4595c521d0db324eccc5decc379a3513 to your computer and use it in GitHub Desktop.
cipher suites matter
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # problem description and cve's: | |
| https://www.gracefulsecurity.com/tls-ssl-vulnerabilities/ | |
| # example attack: | |
| # https://www.youtube.com/watch?v=3I_05zY6ZfM | |
| # install nmap | |
| # list cipher suites: | |
| nmap -sV --script ssl-enum-ciphers -p 443 <host> | |
| #rate based on this: https://github.com/ssllabs/research/wiki/SSL-Server-Rating-Guide | |
| #sweet32 | |
| https://sweet32.info/ | |
| (pl) https://kryptosfera.pl/post/3des-i-blowfish-w-opalach-atak-sweet32/ | |
| #RC4 NO MORE | |
| https://www.youtube.com/watch?time_continue=2&v=d8MtmKrXlKQ | |
| # nice article about cipher suites: | |
| https://medium.com/@davetempleton/tls-configuration-cipher-suites-and-protocols-a01ee7005778 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment