Nmap Development mailing list archives

Re: Script for supported ciphers?

From: David Fifield <david () bamsoftware com>
Date: Wed, 4 Feb 2009 15:06:18 -0700

On Wed, Feb 04, 2009 at 12:27:17PM -0800, Corey Chandler wrote:

Is there an nmap script to display what SSL ciphers / versions a server  
will accept?  I could sure use one for my PCI compliance scanning...


sslv2.nse prints out ciphers with a verbosity of 2 or greater

$ nmap --script=sslv2
...
|_ sslv2: server still supports SSLv2

$ nmap --script=sslv2 -v -v
...
|  sslv2: server still supports SSLv2
|       SSL2_DES_192_EDE3_CBC_WITH_MD5
|       SSL2_RC2_CBC_128_CBC_WITH_MD5
|       SSL2_RC4_128_WITH_MD5
|_      SSL2_RC4_128_EXPORT40_WITH_MD5

Is that what you need? If not, maybe sslv2.nse could be adapted.

David Fifield

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org

Current thread:

Script for supported ciphers? Corey Chandler (Feb 04)
- Re: Script for supported ciphers? David Fifield (Feb 04)
- Re: Script for supported ciphers? Rob Nicholls (Feb 05)
  - RE: Script for supported ciphers? Matthew Boyle (Feb 05)