Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

[NSE] ssl-enum-extensions

From: John Bond <john.r.bond () gmail com>
Date: Tue, 8 Apr 2014 17:09:36 +0200
Hello All,

Due to the heartbeat bug recently released i thought i would add a
script to enumerate the SSL supported extensions.  This script *does
not* detect if a server is vulnerable to the heartbeat bug.  However
someone in IRC mentioned they are working on that so hopefully it will
be forthcoming.  Script is not well tested and for some reason im
receiving unrecognised extension ID's (5635, 63245 & 64689);

That said does seem to detect the heartbeat extension so should help
people in track servers that are potentially vulnerable

the script is available here however most of the heavy lifting is copy
pasted from the ssl-enum-ciphers script

https://github.com/b4ldr/nse-scripts/blob/master/ssl-enum-extensions.nse

comments and criticism welcome

Thanks John
_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
Previous By Date Next
Previous By Thread Next

Current thread: