[ fixed ] BUG testssl.sh - 41D1L - 11-02-2011
saya menemukan buk di file /pentest/scanners/testssl/testssl.sh saat di eksekusi
Code: 41D1L@bt:/pentest/scanners/testssl# python testssl.sh
kemudian muncul message seperti ini
Quote: File "testssl.sh", line 34
DEBUG=${DEBUG:-1} # if 0 the temp file won't be erased, it only keeps the last output anyway
^
SyntaxError: invalid syntax
mohon infonya dari temen-temen yang udah dapat fix dari bug ini terima kasih
RE: BUG testssl.sh - Junior Riau - 11-06-2011
(11-02-2011, 09:06 PM)41D1L Wrote: saya menemukan buk di file /pentest/scanners/testssl/testssl.sh saat di eksekusi
Code: 41D1L@bt:/pentest/scanners/testssl# python testssl.sh
kemudian muncul message seperti ini
Quote: File "testssl.sh", line 34
DEBUG=${DEBUG:-1} # if 0 the temp file won't be erased, it only keeps the last output anyway
^
SyntaxError: invalid syntax
mohon infonya dari temen-temen yang udah dapat fix dari bug ini terima kasih
file nya belum executeable
Quote:root@bt:/pentest/scanners/testssl# ls -l
total 8
-rw-r--r-- 1 root root 6566 2011-05-07 00:14 testssl.sh
ane +x trus dijalanin malah jadi gini
Quote:root@bt:/pentest/scanners/testssl# chmod +x testssl.sh
root@bt:/pentest/scanners/testssl# ls
testssl.sh
root@bt:/pentest/scanners/testssl# ./testssl.sh
supply a hostname
root@bt:/pentest/scanners/testssl# ./testssl.sh -h
testssl.sh: hostname <port (443 otherwise assumed)> <--all|-a|all>
makenya bijimana??
RE: BUG testssl.sh - zee eichel - 11-06-2011
ya itu cuma untuk mengetes situs, service port yang berbasis ssl atau https doang .. tinggal tambahkan domain saja
contoh penggunaan dan hasil :
Code: zee@eichel:/pentest/scanners/testssl# ./testssl.sh facebook.com
SSLv3: offered (ok)
TLSv1: offered (ok)
SSLv2: 2514:error:1407F0E5:SSL routines:SSL2_WRITE:ssl handshake failure:s2_pkt.c:428:
not offered (ok)
Null Cipher:
NULL-SHA SSLv3 Kx=RSA Au=RSA Enc=None Mac=SHA1
NULL-MD5 SSLv3 Kx=RSA Au=RSA Enc=None Mac=MD5
offered (NOT ok)
Anonymous DH Cipher :
AECDH-AES256-SHA SSLv3 Kx=ECDH Au=None Enc=AES(256) Mac=SHA1
AECDH-AES128-SHA SSLv3 Kx=ECDH Au=None Enc=AES(128) Mac=SHA1
AECDH-DES-CBC3-SHA SSLv3 Kx=ECDH Au=None Enc=3DES(168) Mac=SHA1
AECDH-RC4-SHA SSLv3 Kx=ECDH Au=None Enc=RC4(128) Mac=SHA1
AECDH-NULL-SHA SSLv3 Kx=ECDH Au=None Enc=None Mac=SHA1
ADH-AES256-SHA SSLv3 Kx=DH Au=None Enc=AES(256) Mac=SHA1
ADH-AES128-SHA SSLv3 Kx=DH Au=None Enc=AES(128) Mac=SHA1
ADH-DES-CBC3-SHA SSLv3 Kx=DH Au=None Enc=3DES(168) Mac=SHA1
ADH-DES-CBC-SHA SSLv3 Kx=DH Au=None Enc=DES(56) Mac=SHA1
EXP-ADH-DES-CBC-SHA SSLv3 Kx=DH(512) Au=None Enc=DES(40) Mac=SHA1 export
ADH-RC4-MD5 SSLv3 Kx=DH Au=None Enc=RC4(128) Mac=MD5
EXP-ADH-RC4-MD5 SSLv3 Kx=DH(512) Au=None Enc=RC4(40) Mac=MD5 export
offered (NOT ok)
40 Bit encryption:
EXP-ADH-DES-CBC-SHA SSLv3 Kx=DH(512) Au=None Enc=DES(40) Mac=SHA1 export
EXP-ADH-RC4-MD5 SSLv3 Kx=DH(512) Au=None Enc=RC4(40) Mac=MD5 export
EXP-EDH-RSA-DES-CBC-SHA SSLv3 Kx=DH(512) Au=RSA Enc=DES(40) Mac=SHA1 export
EXP-EDH-DSS-DES-CBC-SHA SSLv3 Kx=DH(512) Au=DSS Enc=DES(40) Mac=SHA1 export
EXP-DES-CBC-SHA SSLv3 Kx=RSA(512) Au=RSA Enc=DES(40) Mac=SHA1 export
EXP-RC2-CBC-MD5 SSLv3 Kx=RSA(512) Au=RSA Enc=RC2(40) Mac=MD5 export
EXP-RC4-MD5 SSLv3 Kx=RSA(512) Au=RSA Enc=RC4(40) Mac=MD5 export
EXP-RC2-CBC-MD5 SSLv2 Kx=RSA(512) Au=RSA Enc=RC2(40) Mac=MD5 export
EXP-RC4-MD5 SSLv2 Kx=RSA(512) Au=RSA Enc=RC4(40) Mac=MD5 export
offered (NOT ok)
56 Bit encryption:
Error in cipher list
2550:error:1410D0B9:SSL routines:SSL_CTX_set_cipher_list:no cipher match:ssl_lib.c:1217:
Note: no remote test for 56 Bit encryption possible, local config problem
Export Cipher (general):
EXP-ADH-DES-CBC-SHA SSLv3 Kx=DH(512) Au=None Enc=DES(40) Mac=SHA1 export
EXP-ADH-RC4-MD5 SSLv3 Kx=DH(512) Au=None Enc=RC4(40) Mac=MD5 export
EXP-EDH-RSA-DES-CBC-SHA SSLv3 Kx=DH(512) Au=RSA Enc=DES(40) Mac=SHA1 export
EXP-EDH-DSS-DES-CBC-SHA SSLv3 Kx=DH(512) Au=DSS Enc=DES(40) Mac=SHA1 export
EXP-DES-CBC-SHA SSLv3 Kx=RSA(512) Au=RSA Enc=DES(40) Mac=SHA1 export
EXP-RC2-CBC-MD5 SSLv3 Kx=RSA(512) Au=RSA Enc=RC2(40) Mac=MD5 export
EXP-RC4-MD5 SSLv3 Kx=RSA(512) Au=RSA Enc=RC4(40) Mac=MD5 export
EXP-RC2-CBC-MD5 SSLv2 Kx=RSA(512) Au=RSA Enc=RC2(40) Mac=MD5 export
EXP-RC4-MD5 SSLv2 Kx=RSA(512) Au=RSA Enc=RC4(40) Mac=MD5 export
offered (NOT ok)
Low (<=64 Bit):
ADH-DES-CBC-SHA SSLv3 Kx=DH Au=None Enc=DES(56) Mac=SHA1
EDH-RSA-DES-CBC-SHA SSLv3 Kx=DH Au=RSA Enc=DES(56) Mac=SHA1
EDH-DSS-DES-CBC-SHA SSLv3 Kx=DH Au=DSS Enc=DES(56) Mac=SHA1
DES-CBC-SHA SSLv3 Kx=RSA Au=RSA Enc=DES(56) Mac=SHA1
DES-CBC-MD5 SSLv2 Kx=RSA Au=RSA Enc=DES(56) Mac=MD5
offered (NOT ok)
SSLv3 but medium grade encryption:
RC4-SHA SSLv3 Kx=RSA Au=RSA Enc=RC4(128) Mac=SHA1
RC4-MD5 SSLv3 Kx=RSA Au=RSA Enc=RC4(128) Mac=MD5
offered (NOT ok)
High grade encryption:
DHE-RSA-AES256-SHA SSLv3 Kx=DH Au=RSA Enc=AES(256) Mac=SHA1
DHE-DSS-AES256-SHA SSLv3 Kx=DH Au=DSS Enc=AES(256) Mac=SHA1
AES256-SHA SSLv3 Kx=RSA Au=RSA Enc=AES(256) Mac=SHA1
DHE-RSA-AES128-SHA SSLv3 Kx=DH Au=RSA Enc=AES(128) Mac=SHA1
DHE-DSS-AES128-SHA SSLv3 Kx=DH Au=DSS Enc=AES(128) Mac=SHA1
AES128-SHA SSLv3 Kx=RSA Au=RSA Enc=AES(128) Mac=SHA1
EDH-RSA-DES-CBC3-SHA SSLv3 Kx=DH Au=RSA Enc=3DES(168) Mac=SHA1
EDH-DSS-DES-CBC3-SHA SSLv3 Kx=DH Au=DSS Enc=3DES(168) Mac=SHA1
DES-CBC3-SHA SSLv3 Kx=RSA Au=RSA Enc=3DES(168) Mac=SHA1
DES-CBC3-MD5 SSLv2 Kx=RSA Au=RSA Enc=3DES(168) Mac=MD5
offered (ok)
RE: BUG testssl.sh - iKONspirasi - 11-06-2011
(11-06-2011, 01:16 PM)junior.riau18 Wrote: (11-02-2011, 09:06 PM)41D1L Wrote: saya menemukan buk di file /pentest/scanners/testssl/testssl.sh saat di eksekusi
Code: 41D1L@bt:/pentest/scanners/testssl# python testssl.sh
kemudian muncul message seperti ini
Quote: File "testssl.sh", line 34
DEBUG=${DEBUG:-1} # if 0 the temp file won't be erased, it only keeps the last output anyway
^
SyntaxError: invalid syntax
mohon infonya dari temen-temen yang udah dapat fix dari bug ini terima kasih
file nya belum executeable
Quote:root@bt:/pentest/scanners/testssl# ls -l
total 8
-rw-r--r-- 1 root root 6566 2011-05-07 00:14 testssl.sh
ane +x trus dijalanin malah jadi gini
Quote:root@bt:/pentest/scanners/testssl# chmod +x testssl.sh
root@bt:/pentest/scanners/testssl# ls
testssl.sh
root@bt:/pentest/scanners/testssl# ./testssl.sh
supply a hostname
root@bt:/pentest/scanners/testssl# ./testssl.sh -h
testssl.sh: hostname <port (443 otherwise assumed)> <--all|-a|all>
makenya bijimana??
bener kata om zee cara pakenya itu:
Code: ./testssl.sh target.com
dengan catatan udah di chmod +x testssl.sh, klo belom ya:
Code: sh testssl.sh target.com
oh iya satu lagi klo hasil scan tulisannya ga keliatan karena konsole tembus pandang ubah COLOR di dalam source codenya, buka file testssl.sh pake vim, kwrite, gedit terserah trus ubah:
Quote:NC="" # netcat will be autodetermined
ECHO="/bin/echo -e" # works under Linux, watch out under Solaris, not tested yet under cygwin
COLOR=1 # with screen, tee and friends put 1 here (i.e. no color)
VERB_CLIST="-v" # -v displays row by row cipher, SSL-version, KX, Au, Enc and Mac
VERBERR=0 # zero means $OPENSSL errors will be more verbose
DEBUG=${DEBUG:-1} # if 0 the temp file won't be erased, it only keeps the last output anyway
perhatikan yg warna merah (sebelumnya nilai 0)
selamat mencoba
RE: BUG testssl.sh - THJC - 11-06-2011
Closed, Bug Fixed!
|