comp.org.uk

Networking | Programming | Security | Linux | Computer Science | About

SSLScan: SSL/TLS scanning

SSLScan is an integrated command-line tool in Kali Linux that can be used to evaluate the security of the SSL/TLS support of a remote web service. In this recipe, we will discuss how to run SSLScan against a web application and how to interpret and/or manipulate the output results.

Getting ready

To use SSLScan to perform SSL/TLS analysis against a target, you will need to have a remote system that is running a web service with SSL or TLS enabled. In the examples provided, a combination of Google and an instance of Metasploitable2 is used to perform this task.

How to do it

SSLScan can be an effective tool to perform streamlined analysis of the SSL/TLS configurations of a target web server. To perform a basic scan against a web server with a registered domain name, merely pass it the name of the domain as an argument as follows:

root@KaliLinux:~# sslscan google.com

Testing SSL server google.com on port 443 
Supported Server Cipher(s): 
Failed SSLv3 256 bits ECDHE-RSA-AES256-GCM-SHA384 
Failed SSLv3 256 bits ECDHE-ECDSA-AES256-GCM-SHA384 
Failed SSLv3 256 bits ECDHE-RSA-AES256-SHA384 
Failed SSLv3 256 bits ECDHE-ECDSA-AES256-SHA384 
Accepted SSLv3 256 bits ECDHE-RSA-AES256-SHA 
Rejected SSLv3 256 bits ECDHE-ECDSA-AES256-SHA 
Rejected SSLv3 256 bits SRP-DSS-AES-256-CBC-SHA 
Rejected SSLv3 256 bits SRP-RSA-AES-256-CBC-SHA 
Failed SSLv3 256 bits DHE-DSS-AES256-GCM-SHA384 
Failed SSLv3 256 bits DHE-RSA-AES256-GCM-SHA384
Failed SSLv3 256 bits DHE-RSA-AES256-SHA256 
Failed SSLv3 256 bits DHE-DSS-AES256-SHA256 
Rejected SSLv3 256 bits DHE-RSA-AES256-SHA 
Rejected SSLv3 256 bits DHE-DSS-AES256-SHA 
Rejected SSLv3 256 bits DHE-RSA-CAMELLIA256-SHA 
Rejected SSLv3 256 bits DHE-DSS-CAMELLIA256-SHA

** {TRUNCATED} **

When executed, SSLScan will quickly cycle through connections to the target server and enumerate accepted ciphers, preferred cipher suites, and SSL certificate information. It is possible to use grep to restrict the output to needed information. In the following example, grep is used to only view accepted ciphers:

root@KaliLinux:~# sslscan google.com | grep Accepted

Accepted SSLv3 256 bits ECDHE-RSA-AES256-SHA 
Accepted SSLv3 256 bits AES256-SHA
Accepted SSLv3 168 bits ECDHE-RSA-DES-CBC3-SHA 
Accepted SSLv3 168 bits DES-CBC3-SHA 
Accepted SSLv3 128 bits ECDHE-RSA-AES128-SHA 
Accepted SSLv3 128 bits AES128-SHA 
Accepted SSLv3 128 bits ECDHE-RSA-RC4-SHA 
Accepted SSLv3 128 bits RC4-SHA 
Accepted SSLv3 128 bits RC4-MD5 
Accepted TLSv1 256 bits ECDHE-RSA-AES256-SHA 
Accepted TLSv1 256 bits AES256-SHA 
Accepted TLSv1 168 bits ECDHE-RSA-DES-CBC3-SHA 
Accepted TLSv1 168 bits DES-CBC3-SHA 
Accepted TLSv1 128 bits ECDHE-RSA-AES128-SHA 
Accepted TLSv1 128 bits AES128-SHA 
Accepted TLSv1 128 bits ECDHE-RSA-RC4-SHA 
Accepted TLSv1 128 bits RC4-SHA 
Accepted TLSv1 128 bits RC4-MD5

Multiple grep functions can be piped together to limit the output as much as desired. By using multiple piped grep requests, the output in the following example is limited to 256-bit ciphers that were accepted by the target service:

root@KaliLinux:~# sslscan google.com | grep Accepted | grep "256 bits" 
Accepted SSLv3 256 bits ECDHE-RSA-AES256-SHA 
Accepted SSLv3 256 bits AES256-SHA 
Accepted TLSv1 256 bits ECDHE-RSA-AES256-SHA 
Accepted TLSv1 256 bits AES256-SHA

One unique function that SSLScan provides is the implementation of the STARTTLS request in SMTP. This allows SSLScan to easily and effectively test the transport layer security of a mail service by using the --starttls argument and then specifying the target IP address and port.

In the following example, we use SSLScan to determine whether the SMTP service integrated into Metasploitable2 supports any weak 40-bit ciphers:

root@KaliLinux:~# sslscan --starttls 172.16.36.135:25 | grep Accepted | grep "40 bits"
Accepted TLSv1 40 bits EXP-EDH-RSA-DES-CBC-SHA 
Accepted TLSv1 40 bits EXP-ADH-DES-CBC-SHA 
Accepted TLSv1 40 bits EXP-DES-CBC-SHA 
Accepted TLSv1 40 bits EXP-RC2-CBC-MD5 
Accepted TLSv1 40 bits EXP-ADH-RC4-MD5 
Accepted TLSv1 40 bits EXP-RC4-MD5

How it works

SSL/TLS sessions are generally established by negotiations between a client and server. These negotiations consider the configured cipher preferences of each and attempt to determine the most secure solution that is supported by both parties. SSLScan works by cycling through a list of known ciphers and key lengths, and attempting to negotiate a session with the remote server using each configuration. This allows SSLScan to enumerate supported ciphers and keys.


Published on Tue 02 June 2015 by Mason Whitworth in Security with tag(s): sslscan ssl