Security Basics mailing list archives

Re: Encryption Level of web site


From: "Dana Epp" <dana () vulscan com>
Date: Fri, 20 Jun 2003 12:27:55 -0700

Hey Patrick,

I don't have too much time right now to actually go and write something
clean, but here is a quick and dirty perl script to get you started that I
wrote during lunch. Basically it takes advantage of the OpenSSL libs through
Net::SSLeay to make the calls I recommended in my last email a few days ago.
It will connect to a target, get the cipher used during the connection and
then barf the number of bits. Wouldn't be that hard to modify this to call
get_cipher_list() and iterate through the list of available ciphers for you.
I'll leave that to you to play with for now.

I tested this against a few SSL implementations around the lab, and it works
fine under Perl on Linux, Cygwin/XP and OpenBSD. As I've only spent like 30
minutes on this, there is no real error checking, intelligence blah blah
blah. Should be enough though to quickly probe a target and get the cipher
and bits that you need. You will need some sort of perl implementation with
Net::SSLeay installed.

I called the script get_ssl_bits.pl. Usage was:

    ./get_ssl_bits.pl target.domain.com 443

I also tested it against some other services other than HTTPS (IMAPS and
SSMTP) by using the proper ports (993 and 465 respectively) and it works
fine.

Have fun. Hope it's helpful.


#!/usr/bin/perl -w
# get_ssl_bits.pl
#    Simple script to probe an SSL enabled target to get the cipher and the
#    bits used by said cipher
#    NOTE: This only probes the active connection/cipher in use. Check API
#    to call available ciphers, ie: get_cipher_list()
#
# Usage:  get_ssl_bits.pl  <target> <port>
#

use strict;
use Socket;
use Net::SSLeay qw(die_now die_if_ssl_error);

# Prime the pump for the OpenSSL API
Net::SSLeay::load_error_strings();
Net::SSLeay::SSLeay_add_ssl_algorithms();
Net::SSLeay::randomize();

# Get the args. Usage: get_ssl_bits.pl <target> <port>
my ($target, $port) = @ARGV;
die "Usage: $0 <target> <port>\n" unless defined $target and defined $port;
my $target_ip = gethostbyname( $target )
    or die "gethostbyname: cannot resolve $target\n";
# Accept either a numeric port or a service name (https, imaps, ...)
$port = getservbyname( $port, 'tcp' ) unless $port =~ /^\d+$/;
die "Unknown port or service name\n" unless defined $port;
my $params = sockaddr_in( $port, $target_ip );

# Create the needed socket and turn off output buffering on it
socket ( S, AF_INET, SOCK_STREAM, 0 ) or die "socket: $!";
connect( S, $params ) or die "connect: $!";
select ( S );
$| = 1; select( STDOUT );

# Create SSL context (CTX_new() defaults to the SSLv23 method, so the
# client offers whatever protocol versions this OpenSSL build supports)
my $ctx = Net::SSLeay::CTX_new() or die_now( "Failed to create SSL_CTX $!" );
Net::SSLeay::CTX_set_options( $ctx, &Net::SSLeay::OP_ALL )
             and die_if_ssl_error( "ssl ctx set options" );
my $ssl = Net::SSLeay::new( $ctx ) or die_now( "Failed to create SSL $!" );

# Attach the socket to the descriptor
Net::SSLeay::set_fd( $ssl, fileno(S) );

# Ok lets hit the target. connect() returns 1 only on a completed
# handshake; 0 or -1 means the server refused or closed on us, so pull
# the reason off OpenSSL's error queue instead of reporting bogus bits.
my $rv = Net::SSLeay::connect( $ssl );
unless ( $rv == 1 ) {
    my $err = Net::SSLeay::ERR_error_string( Net::SSLeay::ERR_get_error() );
    die "ssl connect failed (rv=$rv): $err\n";
}
my $cipher = Net::SSLeay::get_cipher( $ssl );
my $cipher_bits = Net::SSLeay::get_cipher_bits( $ssl, 0 );

# Barf the results to Patrick
print "Connected with Cipher '$cipher' which is using $cipher_bits bits.\n";

# Tear down the connection
Net::SSLeay::free( $ssl );
Net::SSLeay::CTX_free( $ctx );
close S;

---
Regards,
Dana M. Epp
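
[Editor's added example, not part of Dana's or Patrick's messages.] Dana's
script reports only the cipher the server picked for one connection, and
get_cipher_list() on the client side returns what *our* OpenSSL can offer,
not what the server permits. To answer Patrick's actual question (does the
server still accept 40-bit suites?) you offer one cipher at a time and record
which handshakes succeed. The script below does that with Python's standard
ssl module (OpenSSL underneath, like Net::SSLeay); the host, port and the
128-bit threshold are assumptions for illustration, and the sample result list
in the usage note is constructed, not captured from a real server.

```python
"""Enumerate the cipher suites a TLS server accepts, one handshake per suite.

Added example for this thread, not the original get_ssl_bits.pl. Uses the
standard ssl module; target host/port and MIN_STRONG_BITS are assumptions.
"""
import socket
import ssl

MIN_STRONG_BITS = 128   # assumed policy from the thread: below this is "weak"


def candidate_ciphers():
    """Suite names the local OpenSSL build can offer: the client-side list
    (what Net::SSLeay's get_cipher_list() returns), NOT the server's policy."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.set_ciphers("ALL:COMPLEMENTOFALL")   # include low-grade suites if still compiled in
    # TLS 1.3 suites are fixed and not selectable via set_ciphers(), so they
    # cannot be probed one at a time; leave them out of the candidate list.
    return [c["name"] for c in ctx.get_ciphers() if c["protocol"] != "TLSv1.3"]


def probe_one(host, port, cipher, timeout=5.0):
    """Offer exactly one suite. Returns (name, secret_bits) if the server
    completed the handshake with it, or None if it refused / we cannot offer it."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE                 # measuring cipher policy, not trust
    ctx.maximum_version = ssl.TLSVersion.TLSv1_2    # TLS 1.3 would ignore set_ciphers()
    try:
        ctx.set_ciphers(cipher)
    except ssl.SSLError:
        return None                                 # local OpenSSL lacks this suite
    try:
        with socket.create_connection((host, port), timeout=timeout) as sock:
            with ctx.wrap_socket(sock, server_hostname=host) as tls:
                name, _version, bits = tls.cipher()
                return (name, bits)
    except (ssl.SSLError, OSError):
        return None                                 # handshake refused, or no connection


def enumerate_ciphers(host, port):
    """Probe every candidate suite and collect the ones the server accepted."""
    accepted = []
    for name in candidate_ciphers():
        hit = probe_one(host, port, name)
        if hit is not None:
            accepted.append(hit)
    return accepted


def classify(accepted, min_bits=MIN_STRONG_BITS):
    """Split accepted (name, secret_bits) pairs into strong and weak lists,
    each sorted by name, by the secret key size OpenSSL reports for the suite."""
    strong = sorted(p for p in accepted if p[1] >= min_bits)
    weak = sorted(p for p in accepted if p[1] < min_bits)
    return strong, weak


def verdict(accepted, min_bits=MIN_STRONG_BITS):
    """One-line summary of the kind Patrick wanted to hand to the site owner."""
    strong, weak = classify(accepted, min_bits)
    if not accepted:
        return "no cipher accepted (not TLS, or nothing we can offer)"
    if weak:
        return "WEAK: server accepts " + ", ".join(f"{n} ({b} bits)" for n, b in weak)
    return f"OK: all {len(strong)} accepted ciphers use >= {min_bits} bits"


if __name__ == "__main__":
    import sys
    host, port = sys.argv[1], int(sys.argv[2])      # e.g. target.domain.com 443
    accepted = enumerate_ciphers(host, port)
    for n, b in sorted(accepted):
        print(f"{n:32s} {b} bits")
    print(verdict(accepted))
```

Two caveats when reading the output. First, an empty weak list only proves the
server refused what this OpenSSL build could offer: modern builds no longer
ship SSLv2, export or 40/56-bit suites at all, so probe_one() returns None for
them before any packet is sent, and a verdict of "OK" from such a build says
nothing about a server that would still accept EXP-RC4-MD5 from an old client.
Second, the bits reported are OpenSSL's secret key size for the suite, the same
figure Net::SSLeay::get_cipher_bits() returns, so a constructed result list such
as [("AES256-SHA", 256), ("EXP-RC4-MD5", 40), ("DES-CBC-SHA", 56)] classifies
the last two as weak and the verdict line names them.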


----- Original Message ----- 
From: "Patrick Boucher" <pboucher () gardienvirtuel com>
To: "Nicholas Diotte" <xphox () xphox net>
Cc: <security-basics () securityfocus com>
Sent: Thursday, June 19, 2003 11:08 AM
Subject: Re: Encryption Level of web site


Greetings,

 Ok, thank you for the information, but I am searching for a way to make a
query on a remote WebServer (one I don't have access to) to know what the
permitted encryption on it is.

If it is possible to talk to a https server that supports 40-bit
encryption, so I can tell the client: Your server should support only 128
bits.

Do you know of a script or way to know that?

Without looking at the Config files?

 Thank you again for your time.

 Patrick



