mirror of
https://github.com/alexanderepstein/Bash-Snippets
synced 2018-11-08 02:59:35 +01:00
Add tool to check a sites enabled SSL ciphers (#61)
This commit is contained in:
parent
23183b01f8
commit
8ff5357a11
28
siteciphers/siteciphers
Executable file
28
siteciphers/siteciphers
Executable file
@ -0,0 +1,28 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
if [[ -z $1 ]]; then
|
||||||
|
echo "usage: siteciphers <domain>"
|
||||||
|
exit
|
||||||
|
fi
|
||||||
|
SERVER=$1:443
|
||||||
|
DELAY=1
|
||||||
|
ciphers=$(openssl ciphers 'ALL:eNULL' | sed -e 's/:/ /g')
|
||||||
|
|
||||||
|
for cipher in ${ciphers[@]}
|
||||||
|
do
|
||||||
|
result=$(echo -n | openssl s_client -cipher "$cipher" -connect $SERVER 2>&1)
|
||||||
|
if [[ "$result" =~ ":error:" ]] ; then
|
||||||
|
if [[ -z $2 ]]; then
|
||||||
|
error=$(echo -n $result | cut -d':' -f6)
|
||||||
|
echo "${cipher} - NO (${error})"
|
||||||
|
fi
|
||||||
|
else
|
||||||
|
if [[ "$result" =~ "Cipher is ${cipher}" || "$result" =~ "Cipher :" ]] ; then
|
||||||
|
echo "${cipher} - YES"
|
||||||
|
else
|
||||||
|
if [[ -z $2 ]]; then
|
||||||
|
echo "${cipher} - UNKNOWN RESPONSE - ${result}"
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
sleep $DELAY
|
||||||
|
done
|
Loading…
Reference in New Issue
Block a user