Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Ausgabe von python sslyze_cli.py --regular got-tty.org für den Aritkel https://got-tty.org/sslyze-ssl-scanner
AVAILABLE PLUGINS
-----------------
FallbackScsvPlugin
SessionResumptionPlugin
HeartbleedPlugin
OpenSslCipherSuitesPlugin
OpenSslCcsInjectionPlugin
CompressionPlugin
CertificateInfoPlugin
SessionRenegotiationPlugin
HstsPlugin
CHECKING HOST(S) AVAILABILITY
-----------------------------
got-tty.org:443 => 85.13.130.103
SCAN RESULTS FOR GOT-TTY.ORG:443 - 85.13.130.103:443
----------------------------------------------------
* TLSV1_1 Cipher Suites:
Preferred:
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA ECDH-256 bits 128 bits HTTP 200 OK
Accepted:
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA ECDH-256 bits 256 bits HTTP 200 OK
TLS_DHE_RSA_WITH_AES_256_CBC_SHA DH-2048 bits 256 bits HTTP 200 OK
TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA DH-2048 bits 256 bits HTTP 200 OK
TLS_RSA_WITH_AES_256_CBC_SHA - 256 bits HTTP 200 OK
TLS_RSA_WITH_CAMELLIA_256_CBC_SHA - 256 bits HTTP 200 OK
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA ECDH-256 bits 128 bits HTTP 200 OK
TLS_DHE_RSA_WITH_AES_128_CBC_SHA DH-2048 bits 128 bits HTTP 200 OK
TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA DH-2048 bits 128 bits HTTP 200 OK
TLS_RSA_WITH_AES_128_CBC_SHA - 128 bits HTTP 200 OK
TLS_RSA_WITH_CAMELLIA_128_CBC_SHA - 128 bits HTTP 200 OK
TLS_RSA_WITH_3DES_EDE_CBC_SHA - 112 bits HTTP 200 OK
* TLSV1_2 Cipher Suites:
Preferred:
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 ECDH-256 bits 128 bits HTTP 200 OK
Accepted:
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 ECDH-256 bits 256 bits HTTP 200 OK
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA ECDH-256 bits 256 bits HTTP 200 OK
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 ECDH-256 bits 256 bits HTTP 200 OK
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 DH-2048 bits 256 bits HTTP 200 OK
TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 DH-2048 bits 256 bits HTTP 200 OK
TLS_DHE_RSA_WITH_AES_256_CBC_SHA DH-2048 bits 256 bits HTTP 200 OK
TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA DH-2048 bits 256 bits HTTP 200 OK
TLS_RSA_WITH_AES_256_CBC_SHA - 256 bits HTTP 200 OK
TLS_RSA_WITH_AES_256_CBC_SHA256 - 256 bits HTTP 200 OK
TLS_RSA_WITH_AES_256_GCM_SHA384 - 256 bits HTTP 200 OK
TLS_RSA_WITH_CAMELLIA_256_CBC_SHA - 256 bits HTTP 200 OK
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 ECDH-256 bits 128 bits HTTP 200 OK
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 ECDH-256 bits 128 bits HTTP 200 OK
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA ECDH-256 bits 128 bits HTTP 200 OK
TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 DH-2048 bits 128 bits HTTP 200 OK
TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 DH-2048 bits 128 bits HTTP 200 OK
TLS_DHE_RSA_WITH_AES_128_CBC_SHA DH-2048 bits 128 bits HTTP 200 OK
TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA DH-2048 bits 128 bits HTTP 200 OK
TLS_RSA_WITH_AES_128_GCM_SHA256 - 128 bits HTTP 200 OK
TLS_RSA_WITH_AES_128_CBC_SHA256 - 128 bits HTTP 200 OK
TLS_RSA_WITH_AES_128_CBC_SHA - 128 bits HTTP 200 OK
TLS_RSA_WITH_CAMELLIA_128_CBC_SHA - 128 bits HTTP 200 OK
TLS_RSA_WITH_3DES_EDE_CBC_SHA - 112 bits HTTP 200 OK
* Session Renegotiation:
Client-initiated Renegotiation: OK - Rejected
Secure Renegotiation: OK - Supported
* Deflate Compression:
OK - Compression disabled
* OpenSSL Heartbleed:
OK - Not vulnerable to Heartbleed
* SSLV3 Cipher Suites:
Server rejected all cipher suites.
* Session Resumption:
With Session IDs: OK - Supported (5 successful, 0 failed, 0 errors, 5 total attempts).
With TLS Tickets: OK - Supported
* OpenSSL CCS Injection:
OK - Not vulnerable to OpenSSL CCS injection
* Certificate Basic Information:
SHA1 Fingerprint: 70878b335ca359b00d77a0ed3556e9821c70b6cf
Common Name: www.got-tty.org
Issuer: StartCom Class 1 Primary Intermediate Server CA
Serial Number: 0630DE1E796D7B
Not Before: Aug 27 11:05:45 2015 GMT
Not After: Aug 27 16:05:27 2016 GMT
Signature Algorithm: sha256WithRSAEncryption
Public Key Algorithm: rsaEncryption
Key Size: 2048 bit
Exponent: 65537 (0x10001)
X509v3 Subject Alternative Name: {'DNS': ['www.got-tty.org', 'got-tty.org']}
* Certificate - Trust:
Hostname Validation: OK - Subject Alternative Name matches got-tty.org
Mozilla NSS CA Store (02/2016): OK - Certificate is trusted
Microsoft CA Store (02/2016): OK - Certificate is trusted
Apple CA Store (OS X 10.11.3): OK - Certificate is trusted
Java 6 CA Store (Update 65): OK - Certificate is trusted
Google CA Store (02/2016): FAILED - Certificate is NOT Trusted: unable to get local issuer certificate
Weak Signature: OK - No SHA1-signed certificate in the chain
Certificate Chain Received: ['www.got-tty.org', 'StartCom Class 1 Primary Intermediate Server CA']
* Certificate - OCSP Stapling:
NOT SUPPORTED - Server did not send back an OCSP response.
* Downgrade Attacks:
TLS_FALLBACK_SCSV: OK - Supported
* SSLV2 Cipher Suites:
Server rejected all cipher suites.
* TLSV1 Cipher Suites:
Preferred:
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA ECDH-256 bits 128 bits HTTP 200 OK
Accepted:
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA ECDH-256 bits 256 bits HTTP 200 OK
TLS_DHE_RSA_WITH_AES_256_CBC_SHA DH-2048 bits 256 bits HTTP 200 OK
TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA DH-2048 bits 256 bits HTTP 200 OK
TLS_RSA_WITH_AES_256_CBC_SHA - 256 bits HTTP 200 OK
TLS_RSA_WITH_CAMELLIA_256_CBC_SHA - 256 bits HTTP 200 OK
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA ECDH-256 bits 128 bits HTTP 200 OK
TLS_DHE_RSA_WITH_AES_128_CBC_SHA DH-2048 bits 128 bits HTTP 200 OK
TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA DH-2048 bits 128 bits HTTP 200 OK
TLS_RSA_WITH_CAMELLIA_128_CBC_SHA - 128 bits HTTP 200 OK
TLS_RSA_WITH_AES_128_CBC_SHA - 128 bits HTTP 200 OK
TLS_RSA_WITH_3DES_EDE_CBC_SHA - 112 bits HTTP 200 OK
SCAN COMPLETED IN 6.78 S
------------------------
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment