Last active
April 1, 2019 13:32
-
-
Save sdaaish/9c57968d1d987f675ed226ed12f3325f to your computer and use it in GitHub Desktop.
testssl.sh testenvironment
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
!*.log |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
version: '3.4' | |
services: | |
testssl.sh: | |
container_name: testssl.sh | |
hostname: testssl | |
build: ./ | |
volumes: | |
- ./input:/home/testssl/input | |
- ./reports:/home/testssl/reports | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Copy from https://raw.githubusercontent.com/drwetter/testssl.sh/2.9dev/Dockerfile | |
FROM alpine:latest | |
RUN apk update && \ | |
apk upgrade && \ | |
apk add bash procps drill git coreutils && \ | |
apk add --no-cache curl | |
RUN addgroup testssl && \ | |
adduser -G testssl -g "testssl user" -s /bin/bash -D testssl && \ | |
ln -s /home/testssl/testssl.sh /usr/local/bin/ | |
USER testssl | |
WORKDIR /home/testssl/ | |
RUN git clone --depth=1 https://github.com/drwetter/testssl.sh.git . | |
ENTRYPOINT ["testssl.sh"] | |
CMD ["--help"] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
service | linux.com/151.101.193.5 | 443 | INFO | HTTP | |||
---|---|---|---|---|---|---|---|
heartbleed | linux.com/151.101.193.5 | 443 | OK | not vulnerable, no heartbeat extension | CVE-2014-0160 | CWE-119 | |
service | linux.com/151.101.129.5 | 443 | INFO | HTTP | |||
heartbleed | linux.com/151.101.129.5 | 443 | OK | not vulnerable, no heartbeat extension | CVE-2014-0160 | CWE-119 | |
service | linux.com/151.101.65.5 | 443 | INFO | HTTP | |||
heartbleed | linux.com/151.101.65.5 | 443 | OK | not vulnerable, no heartbeat extension | CVE-2014-0160 | CWE-119 | |
service | linux.com/151.101.1.5 | 443 | INFO | HTTP | |||
heartbleed | linux.com/151.101.1.5 | 443 | OK | not vulnerable, no heartbeat extension | CVE-2014-0160 | CWE-119 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
$ docker-compose run testssl.sh --file input/linux.com | |
Creating network "labbo_default" with the default driver | |
Building testssl.sh | |
Step 1/8 : FROM alpine:latest | |
---> 196d12cf6ab1 | |
Step 2/8 : RUN apk update && apk upgrade && apk add bash procps drill git coreutils && apk add --no-cache curl | |
---> Using cache | |
---> 711089b21d07 | |
Step 3/8 : RUN addgroup testssl && adduser -G testssl -g "testssl user" -s /bin/bash -D testssl && ln -s /home/testssl/testssl.sh /usr/local/bin/ | |
---> Using cache | |
---> 86e533c6c0ec | |
Step 4/8 : USER testssl | |
---> Using cache | |
---> 40334c0bbd3e | |
Step 5/8 : WORKDIR /home/testssl/ | |
---> Using cache | |
---> 86a640c5161e | |
Step 6/8 : RUN git clone --depth=1 https://github.com/drwetter/testssl.sh.git . | |
---> Using cache | |
---> eb6b868eb00d | |
Step 7/8 : ENTRYPOINT ["testssl.sh"] | |
---> Using cache | |
---> 31d1c85cfff5 | |
Step 8/8 : CMD ["--help"] | |
---> Using cache | |
---> b2bf9b986fae | |
Successfully built b2bf9b986fae | |
Successfully tagged labbo_testssl.sh:latest | |
WARNING: Image for service testssl.sh was built because it did not already exist. To rebuild this image you must use `docker-compose build` or `docker-compose up --build`. | |
########################################################### | |
testssl.sh 3.0rc4 from https://testssl.sh/dev/ | |
(742e01e 2019-03-25 00:12:55 -- ) | |
This program is free software. Distribution and | |
modification under GPLv2 permitted. | |
USAGE w/o ANY WARRANTY. USE IT AT YOUR OWN RISK! | |
Please file bugs @ https://testssl.sh/bugs/ | |
########################################################### | |
Using "OpenSSL 1.0.2-chacha (1.0.2k-dev)" [~183 ciphers] | |
on testssl:$PWD/bin/openssl.Linux.x86_64 | |
(built: "Jan 18 17:12:17 2019", platform: "linux-x86_64") | |
====== Running in file batch mode with file="input/linux.com" ====== | |
======================================== | |
/usr/local/bin/testssl.sh --warnings=batch -H --csvfile reports linux.com | |
/usr/local/bin/testssl.sh: line 894: reports/linux.com_p443-20190401-1308.csv: No such file or directory | |
/usr/local/bin/testssl.sh: line 895: reports/linux.com_p443-20190401-1308.csv: No such file or directory | |
/usr/local/bin/testssl.sh: line 896: reports/linux.com_p443-20190401-1308.csv: No such file or directory | |
/usr/local/bin/testssl.sh: line 897: reports/linux.com_p443-20190401-1308.csv: No such file or directory | |
/usr/local/bin/testssl.sh: line 898: reports/linux.com_p443-20190401-1308.csv: No such file or directory | |
/usr/local/bin/testssl.sh: line 899: reports/linux.com_p443-20190401-1308.csv: No such file or directory | |
/usr/local/bin/testssl.sh: line 904: reports/linux.com_p443-20190401-1308.csv: No such file or directory | |
Testing all IPv4 addresses (port 443): 151.101.193.5 151.101.129.5 151.101.65.5 151.101.1.5 | |
----------------------------------------------------- | |
Start 2019-04-01 13:08:36 -->> 151.101.193.5:443 (linux.com) <<-- | |
Further IP addresses: 151.101.129.5 151.101.65.5 151.101.1.5 | |
rDNS (151.101.193.5): -- | |
Service detected: HTTP | |
Testing for heartbleed vulnerability | |
Heartbleed (CVE-2014-0160) not vulnerable (OK), no heartbeat extension | |
Done 2019-04-01 13:08:39 [ 5s] -->> 151.101.193.5:443 (linux.com) <<-- | |
----------------------------------------------------- | |
Start 2019-04-01 13:08:40 -->> 151.101.129.5:443 (linux.com) <<-- | |
Further IP addresses: 151.101.193.5 151.101.65.5 151.101.1.5 | |
rDNS (151.101.129.5): -- | |
Service detected: HTTP | |
Testing for heartbleed vulnerability | |
Heartbleed (CVE-2014-0160) not vulnerable (OK), no heartbeat extension | |
Done 2019-04-01 13:08:43 [ 9s] -->> 151.101.129.5:443 (linux.com) <<-- | |
----------------------------------------------------- | |
Start 2019-04-01 13:08:43 -->> 151.101.65.5:443 (linux.com) <<-- | |
Further IP addresses: 151.101.193.5 151.101.129.5 151.101.1.5 | |
rDNS (151.101.65.5): -- | |
Service detected: HTTP | |
Testing for heartbleed vulnerability | |
Heartbleed (CVE-2014-0160) not vulnerable (OK), no heartbeat extension | |
Done 2019-04-01 13:08:46 [ 12s] -->> 151.101.65.5:443 (linux.com) <<-- | |
----------------------------------------------------- | |
Start 2019-04-01 13:08:46 -->> 151.101.1.5:443 (linux.com) <<-- | |
Further IP addresses: 151.101.193.5 151.101.129.5 151.101.65.5 | |
rDNS (151.101.1.5): -- | |
Service detected: HTTP | |
Testing for heartbleed vulnerability | |
Heartbleed (CVE-2014-0160) not vulnerable (OK), no heartbeat extension | |
Done 2019-04-01 13:08:49 [ 15s] -->> 151.101.1.5:443 (linux.com) <<-- | |
----------------------------------------------------- | |
Done testing now all IP addresses (on port 443): 151.101.193.5 151.101.129.5 151.101.65.5 151.101.1.5 | |
======================================== | |
/usr/local/bin/testssl.sh --warnings=batch -H --csvfile reports https://www.linux.com:443 | |
/usr/local/bin/testssl.sh: line 894: reports/www.linux.com_p443-20190401-1308.csv: No such file or directory | |
/usr/local/bin/testssl.sh: line 895: reports/www.linux.com_p443-20190401-1308.csv: No such file or directory | |
/usr/local/bin/testssl.sh: line 896: reports/www.linux.com_p443-20190401-1308.csv: No such file or directory | |
/usr/local/bin/testssl.sh: line 897: reports/www.linux.com_p443-20190401-1308.csv: No such file or directory | |
/usr/local/bin/testssl.sh: line 898: reports/www.linux.com_p443-20190401-1308.csv: No such file or directory | |
/usr/local/bin/testssl.sh: line 899: reports/www.linux.com_p443-20190401-1308.csv: No such file or directory | |
/usr/local/bin/testssl.sh: line 904: reports/www.linux.com_p443-20190401-1308.csv: No such file or directory | |
Start 2019-04-01 13:08:51 -->> 151.101.85.5:443 (www.linux.com) <<-- | |
rDNS (151.101.85.5): -- | |
Service detected: HTTP | |
Testing for heartbleed vulnerability | |
Heartbleed (CVE-2014-0160) not vulnerable (OK), no heartbeat extension | |
Done 2019-04-01 13:08:54 [ 5s] -->> 151.101.85.5:443 (www.linux.com) <<-- | |
======================================== | |
/usr/local/bin/testssl.sh --warnings=batch -H --jsonfile reports --logfile reports --htmlfile reports --csvfile reports https://www.freebsd.com:443 | |
/usr/local/bin/testssl.sh: line 894: reports/www.freebsd.com_p443-20190401-1308.csv: No such file or directory | |
/usr/local/bin/testssl.sh: line 895: reports/www.freebsd.com_p443-20190401-1308.csv: No such file or directory | |
/usr/local/bin/testssl.sh: line 896: reports/www.freebsd.com_p443-20190401-1308.csv: No such file or directory | |
/usr/local/bin/testssl.sh: line 897: reports/www.freebsd.com_p443-20190401-1308.csv: No such file or directory | |
/usr/local/bin/testssl.sh: line 898: reports/www.freebsd.com_p443-20190401-1308.csv: No such file or directory | |
/usr/local/bin/testssl.sh: line 899: reports/www.freebsd.com_p443-20190401-1308.csv: No such file or directory | |
/usr/local/bin/testssl.sh: line 904: reports/www.freebsd.com_p443-20190401-1308.csv: No such file or directory | |
Testing all IPv4 addresses (port 443): 18.207.52.84 54.89.43.110 35.172.243.120 | |
----------------------------------------------------- | |
Start 2019-04-01 13:08:56 -->> 18.207.52.84:443 (www.freebsd.com) <<-- | |
Further IP addresses: 54.89.43.110 35.172.243.120 | |
rDNS (18.207.52.84): -- | |
Service detected: HTTP | |
Testing for heartbleed vulnerability | |
Heartbleed (CVE-2014-0160) not vulnerable (OK), no heartbeat extension | |
Done 2019-04-01 13:09:04 [ 10s] -->> 18.207.52.84:443 (www.freebsd.com) <<-- | |
----------------------------------------------------- | |
Start 2019-04-01 13:09:04 -->> 54.89.43.110:443 (www.freebsd.com) <<-- | |
Further IP addresses: 18.207.52.84 35.172.243.120 | |
rDNS (54.89.43.110): -- | |
Service detected: HTTP | |
Testing for heartbleed vulnerability | |
Heartbleed (CVE-2014-0160) not vulnerable (OK), no heartbeat extension | |
Done 2019-04-01 13:09:13 [ 19s] -->> 54.89.43.110:443 (www.freebsd.com) <<-- | |
----------------------------------------------------- | |
Start 2019-04-01 13:09:13 -->> 35.172.243.120:443 (www.freebsd.com) <<-- | |
Further IP addresses: 18.207.52.84 54.89.43.110 | |
rDNS (35.172.243.120): -- | |
Service detected: HTTP | |
Testing for heartbleed vulnerability | |
Heartbleed (CVE-2014-0160) not vulnerable (OK), no heartbeat extension | |
Done 2019-04-01 13:09:22 [ 28s] -->> 35.172.243.120:443 (www.freebsd.com) <<-- | |
----------------------------------------------------- | |
Done testing now all IP addresses (on port 443): 18.207.52.84 54.89.43.110 35.172.243.120 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
/c/Users/sdaa/Repos/testssl.sh: | |
total used in directory 16 available 105083584 | |
drwxrwxrwx 1 sdaa sdaa 4096 Apr 1 15:20 . | |
drwxrwxrwx 1 sdaa sdaa 4096 Apr 1 15:20 .. | |
drwxrwxrwx 1 sdaa sdaa 4096 Apr 1 15:20 .git | |
-rw-rw-rw- 1 sdaa sdaa 7 Apr 1 15:14 .gitignore | |
-rw-rw-rw- 1 sdaa sdaa 511 Apr 1 15:05 Dockerfile | |
-rw-rw-rw- 1 sdaa sdaa 196 Apr 1 15:05 docker-compose.yml | |
drwxrwxrwx 1 sdaa sdaa 4096 Apr 1 15:20 input | |
drwxrwxrwx 1 sdaa sdaa 4096 Apr 1 15:08 reports | |
-rw-rw-rw- 1 sdaa sdaa 8544 Apr 1 15:12 result.log |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
service | www.freebsd.com/18.207.52.84 | 443 | INFO | HTTP | |||
---|---|---|---|---|---|---|---|
heartbleed | www.freebsd.com/18.207.52.84 | 443 | OK | not vulnerable, no heartbeat extension | CVE-2014-0160 | CWE-119 | |
service | www.freebsd.com/54.89.43.110 | 443 | INFO | HTTP | |||
heartbleed | www.freebsd.com/54.89.43.110 | 443 | OK | not vulnerable, no heartbeat extension | CVE-2014-0160 | CWE-119 | |
service | www.freebsd.com/35.172.243.120 | 443 | INFO | HTTP | |||
heartbleed | www.freebsd.com/35.172.243.120 | 443 | OK | not vulnerable, no heartbeat extension | CVE-2014-0160 | CWE-119 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?xml version="1.0" encoding="UTF-8" ?> | |
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> | |
<!-- This file was created with testssl.sh. https://testssl.sh --> | |
<html xmlns="http://www.w3.org/1999/xhtml"> | |
<head> | |
<meta http-equiv="Content-Type" content="application/xml+xhtml; charset=UTF-8" /> | |
<title>testssl.sh</title> | |
</head> | |
<body> | |
<pre> | |
## Scan started as: "testssl.sh --warnings=batch -H --jsonfile reports --logfile reports --htmlfile reports --csvfile reports https://www.freebsd.com:443" | |
## at testssl:$PWD/bin/openssl.Linux.x86_64 | |
## version testssl: 3.0rc4 742e01e from 2019-03-25 | |
## version openssl: "OpenSSL 1.0.2-chacha" from "Jan 18 17:12:17 2019") | |
<span style="font-weight:bold;">Testing all IPv4 addresses (port 443): </span>18.207.52.84 54.89.43.110 35.172.243.120 | |
----------------------------------------------------- | |
<span style="color:white;background-color:black;"> Start 2019-04-01 13:08:56 -->> 18.207.52.84:443 (www.freebsd.com) <<--</span> | |
Further IP addresses: 54.89.43.110 35.172.243.120 | |
rDNS (18.207.52.84): -- | |
Service detected: HTTP | |
<span style="text-decoration:underline;font-weight:bold;"> Testing for heartbleed vulnerability </span> | |
<span style="font-weight:bold;"> Heartbleed</span> (CVE-2014-0160) <span style="color:lime;font-weight:bold;">not vulnerable (OK)</span>, no heartbeat extension | |
<span style="color:white;background-color:black;"> Done 2019-04-01 13:09:04 [ 10s] -->> 18.207.52.84:443 (www.freebsd.com) <<--</span> | |
----------------------------------------------------- | |
<span style="color:white;background-color:black;"> Start 2019-04-01 13:09:04 -->> 54.89.43.110:443 (www.freebsd.com) <<--</span> | |
Further IP addresses: 18.207.52.84 35.172.243.120 | |
rDNS (54.89.43.110): -- | |
Service detected: HTTP | |
<span style="text-decoration:underline;font-weight:bold;"> Testing for heartbleed vulnerability </span> | |
<span style="font-weight:bold;"> Heartbleed</span> (CVE-2014-0160) <span style="color:lime;font-weight:bold;">not vulnerable (OK)</span>, no heartbeat extension | |
<span style="color:white;background-color:black;"> Done 2019-04-01 13:09:13 [ 19s] -->> 54.89.43.110:443 (www.freebsd.com) <<--</span> | |
----------------------------------------------------- | |
<span style="color:white;background-color:black;"> Start 2019-04-01 13:09:13 -->> 35.172.243.120:443 (www.freebsd.com) <<--</span> | |
Further IP addresses: 18.207.52.84 54.89.43.110 | |
rDNS (35.172.243.120): -- | |
Service detected: HTTP | |
<span style="text-decoration:underline;font-weight:bold;"> Testing for heartbleed vulnerability </span> | |
<span style="font-weight:bold;"> Heartbleed</span> (CVE-2014-0160) <span style="color:lime;font-weight:bold;">not vulnerable (OK)</span>, no heartbeat extension | |
<span style="color:white;background-color:black;"> Done 2019-04-01 13:09:22 [ 28s] -->> 35.172.243.120:443 (www.freebsd.com) <<--</span> | |
----------------------------------------------------- | |
<span style="font-weight:bold;">Done testing now all IP addresses (on port 443): </span>18.207.52.84 54.89.43.110 35.172.243.120 | |
</pre> | |
</body> | |
</html> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
[ | |
{ | |
"id" : "service", | |
"ip" : "www.freebsd.com/18.207.52.84", | |
"port" : "443", | |
"severity" : "INFO", | |
"finding" : "HTTP" | |
} | |
, { | |
"id" : "heartbleed", | |
"ip" : "www.freebsd.com/18.207.52.84", | |
"port" : "443", | |
"severity" : "OK", | |
"cve" : "CVE-2014-0160", | |
"cwe" : "CWE-119", | |
"finding" : "not vulnerable, no heartbeat extension" | |
} | |
, { | |
"id" : "service", | |
"ip" : "www.freebsd.com/54.89.43.110", | |
"port" : "443", | |
"severity" : "INFO", | |
"finding" : "HTTP" | |
} | |
, { | |
"id" : "heartbleed", | |
"ip" : "www.freebsd.com/54.89.43.110", | |
"port" : "443", | |
"severity" : "OK", | |
"cve" : "CVE-2014-0160", | |
"cwe" : "CWE-119", | |
"finding" : "not vulnerable, no heartbeat extension" | |
} | |
, { | |
"id" : "service", | |
"ip" : "www.freebsd.com/35.172.243.120", | |
"port" : "443", | |
"severity" : "INFO", | |
"finding" : "HTTP" | |
} | |
, { | |
"id" : "heartbleed", | |
"ip" : "www.freebsd.com/35.172.243.120", | |
"port" : "443", | |
"severity" : "OK", | |
"cve" : "CVE-2014-0160", | |
"cwe" : "CWE-119", | |
"finding" : "not vulnerable, no heartbeat extension" | |
} | |
, { | |
"id" : "scanTime", | |
"ip" : "www.freebsd.com/35.172.243.120", | |
"port" : "443", | |
"severity" : "INFO", | |
"finding" : "28" | |
} | |
] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
## Scan started as: "testssl.sh --warnings=batch -H --jsonfile reports --logfile reports --htmlfile reports --csvfile reports https://www.freebsd.com:443" | |
## at testssl:$PWD/bin/openssl.Linux.x86_64 | |
## version testssl: 3.0rc4 742e01e from 2019-03-25 | |
## version openssl: "1.0.2-chacha" from "Jan 18 17:12:17 2019") | |
[1mTesting all IPv4 addresses (port 443): [m18.207.52.84 54.89.43.110 35.172.243.120 | |
----------------------------------------------------- | |
[7m Start 2019-04-01 13:08:56 -->> 18.207.52.84:443 (www.freebsd.com) <<--[m | |
Further IP addresses: 54.89.43.110 35.172.243.120 | |
rDNS (18.207.52.84): -- | |
Service detected: HTTP | |
[1m[4m Testing for heartbleed vulnerability [m | |
[1m Heartbleed[m (CVE-2014-0160) [1;32mnot vulnerable (OK)[m, no heartbeat extension | |
[7m Done 2019-04-01 13:09:04 [ 10s] -->> 18.207.52.84:443 (www.freebsd.com) <<--[m | |
----------------------------------------------------- | |
[7m Start 2019-04-01 13:09:04 -->> 54.89.43.110:443 (www.freebsd.com) <<--[m | |
Further IP addresses: 18.207.52.84 35.172.243.120 | |
rDNS (54.89.43.110): -- | |
Service detected: HTTP | |
[1m[4m Testing for heartbleed vulnerability [m | |
[1m Heartbleed[m (CVE-2014-0160) [1;32mnot vulnerable (OK)[m, no heartbeat extension | |
[7m Done 2019-04-01 13:09:13 [ 19s] -->> 54.89.43.110:443 (www.freebsd.com) <<--[m | |
----------------------------------------------------- | |
[7m Start 2019-04-01 13:09:13 -->> 35.172.243.120:443 (www.freebsd.com) <<--[m | |
Further IP addresses: 18.207.52.84 54.89.43.110 | |
rDNS (35.172.243.120): -- | |
Service detected: HTTP | |
[1m[4m Testing for heartbleed vulnerability [m | |
[1m Heartbleed[m (CVE-2014-0160) [1;32mnot vulnerable (OK)[m, no heartbeat extension | |
[7m Done 2019-04-01 13:09:22 [ 28s] -->> 35.172.243.120:443 (www.freebsd.com) <<--[m | |
----------------------------------------------------- | |
[1mDone testing now all IP addresses (on port 443): [m18.207.52.84 54.89.43.110 35.172.243.120 | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
service | www.linux.com/151.101.85.5 | 443 | INFO | HTTP | |||
---|---|---|---|---|---|---|---|
heartbleed | www.linux.com/151.101.85.5 | 443 | OK | not vulnerable, no heartbeat extension | CVE-2014-0160 | CWE-119 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment