Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Script for supported ciphers?

From: Matthew Boyle <matt_boyle32 () hotmail com>
Date: Thu, 5 Feb 2009 20:30:23 +0000


From: robert () everythingeverything co uk


Is there an nmap script to display what SSL ciphers / versions a server
will accept?  I could sure use one for my PCI compliance scanning...


Agreed, I'd find it quite useful too. At the moment I use a script to run
an external program every time Nmap identifies the use of SSL, being able
to do it with Nmap would be a great time saver.

It'd definitely be useful to identify support for SSLv2 for PCI scans
(although the Assessor Update: November 2008 [1] states that "The merchant
can enable SSL 2.0 or older for an initial handshake only to identify that
the browser requires to be updated. The merchant can then notify their
customers that a security update is required in those rare cases prior to
making an online purchase using a credit or debit card."), but I'd also
like to know about weak ciphers in general.



hey,

i'm the original author of the SSLv2 script.

i did briefly investigate adapting it to also identify weak/null SSLv3/TLS cyphers,
but some of the characteristics of the protocol make it rather harder to get the
complete list of the cyphers the server supports.  SSLv2 leaves the cypher 
choice to the client, while in SSLv3/TLS that's done by the server, based on what
the client offers.

of course, this is moot if we all that's required is a safe/unsafe diagnosis,
leaving further investigation to the interested party.  that would probably just
be a matter of sending CLIENT-HELLO requests containing only weak cyphers, 
and checking for an error message from the server.

if people are interested in such a thing i'd be glad to take another look.

cheers,

--matt



_________________________________________________________________
Windows Live Messenger just got better .Video display pics, contact updates & more.
http://www.download.live.com/messenger

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
Previous By Date Next
Previous By Thread Next

Current thread: