News - Main Page
Whitepapers
Tools and Download
Presentations
Related
:ManySSL

Readme

DESCRIPTION

This perl script will enumerate the SSL ciphers in use on any SSL encrypted service, including STARTTLS on SMTP. The script will warn the operator if a self signed certificate is detected on a https encrypted service.

USAGE

$./manyssl.pl [-h] [-f targets_file] [-m] [-s ip -p port] [-t timeout(secs)] [-c 128] [-r]

[-h] this help message

[-f] accept a file denoting targets, in the form ip:port

[-m] servers are a mailserver; perform starttls

[-s] server ip. Accepted forms: single ip 192.168.0.1 or range 192.168.0.1-254 or comma delimited 192.168.0.1,192.168.1.2

[-p] port number of ssl service

[-c 128] only display ciphers with a key length under 128 bits

[-r] highlight weak ciphers in the colour red.

[-t timeout] alter the timeout value in seconds (default 10 secs)

[-v CAfile] use specified client certificate CAfile (.pem or .crt)

 

UPDATING

$ ./manyssl.pl -u updates the cipher DB through openssl

 

AUTHOR

Copyright (C) 10-12-2008 Andy Portcullis tools@portcullis-security.com

 

WHATS NEW

Improved the following:

* Basic check for Self Signed Certificates

* Support for STARTTLS on mail servers

 

REQUIREMENTS

Perl Libraries:

* Net::SSLeay

* Parallel::ForkManager

* Net::Packet::Utils

* IO::Socket::INET

* IO::Socket::SSL

* Term::ANSIColor

* Time::Local

 

LICENSE

manyssl - SSL cipher checker

Copyright (C) 2008 Portcullis

 

This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.

 

You are encouraged to send comments, improvements or suggestions to me at

tools@portcullis-security.com

 

Last Updated : 09/12/2008 15:48:49