Thread Closed
[ fixed ] BUG testssl.sh
#1
saya menemukan buk di file /pentest/scanners/testssl/testssl.sh saat di eksekusi
Code:
[email protected]:/pentest/scanners/testssl# python testssl.sh

kemudian muncul message seperti ini
Quote: File "testssl.sh", line 34
DEBUG=${DEBUG:-1} # if 0 the temp file won't be erased, it only keeps the last output anyway
^
SyntaxError: invalid syntax

mohon infonya dari temen-temen yang udah dapat fix dari bug ini terima kasih Big Grin
An Ordinary Indonesian. Rakyat Indonesia biasa saja.

#2
(11-02-2011, 09:06 PM)41D1L Wrote: saya menemukan buk di file /pentest/scanners/testssl/testssl.sh saat di eksekusi
Code:
[email protected]:/pentest/scanners/testssl# python testssl.sh

kemudian muncul message seperti ini
Quote: File "testssl.sh", line 34
DEBUG=${DEBUG:-1} # if 0 the temp file won't be erased, it only keeps the last output anyway
^
SyntaxError: invalid syntax

mohon infonya dari temen-temen yang udah dapat fix dari bug ini terima kasih Big Grin

file nya belum executeable

Quote:[email protected]:/pentest/scanners/testssl# ls -l
total 8
-rw-r--r-- 1 root root 6566 2011-05-07 00:14 testssl.sh

ane +x trus dijalanin malah jadi gini

Quote:[email protected]:/pentest/scanners/testssl# chmod +x testssl.sh
[email protected]:/pentest/scanners/testssl# ls
testssl.sh
[email protected]:/pentest/scanners/testssl# ./testssl.sh
supply a hostname
[email protected]:/pentest/scanners/testssl# ./testssl.sh -h
testssl.sh: hostname <port (443 otherwise assumed)> <--all|-a|all>
makenya bijimana??
Angry

#3
ya itu cuma untuk mengetes situs, service port yang berbasis ssl atau https doang .. tinggal tambahkan domain saja

contoh penggunaan dan hasil :

Code:
[email protected]:/pentest/scanners/testssl# ./testssl.sh facebook.com

SSLv3: offered (ok)

TLSv1: offered (ok)

SSLv2: 2514:error:1407F0E5:SSL routines:SSL2_WRITE:ssl handshake failure:s2_pkt.c:428:
not offered (ok)

Null Cipher:  
NULL-SHA                SSLv3 Kx=RSA      Au=RSA  Enc=None      Mac=SHA1
NULL-MD5                SSLv3 Kx=RSA      Au=RSA  Enc=None      Mac=MD5
offered (NOT ok)

Anonymous DH Cipher :  
AECDH-AES256-SHA        SSLv3 Kx=ECDH     Au=None Enc=AES(256)  Mac=SHA1
AECDH-AES128-SHA        SSLv3 Kx=ECDH     Au=None Enc=AES(128)  Mac=SHA1
AECDH-DES-CBC3-SHA      SSLv3 Kx=ECDH     Au=None Enc=3DES(168) Mac=SHA1
AECDH-RC4-SHA           SSLv3 Kx=ECDH     Au=None Enc=RC4(128)  Mac=SHA1
AECDH-NULL-SHA          SSLv3 Kx=ECDH     Au=None Enc=None      Mac=SHA1
ADH-AES256-SHA          SSLv3 Kx=DH       Au=None Enc=AES(256)  Mac=SHA1
ADH-AES128-SHA          SSLv3 Kx=DH       Au=None Enc=AES(128)  Mac=SHA1
ADH-DES-CBC3-SHA        SSLv3 Kx=DH       Au=None Enc=3DES(168) Mac=SHA1
ADH-DES-CBC-SHA         SSLv3 Kx=DH       Au=None Enc=DES(56)   Mac=SHA1
EXP-ADH-DES-CBC-SHA     SSLv3 Kx=DH(512)  Au=None Enc=DES(40)   Mac=SHA1 export
ADH-RC4-MD5             SSLv3 Kx=DH       Au=None Enc=RC4(128)  Mac=MD5
EXP-ADH-RC4-MD5         SSLv3 Kx=DH(512)  Au=None Enc=RC4(40)   Mac=MD5  export
offered (NOT ok)

40 Bit encryption:  
EXP-ADH-DES-CBC-SHA     SSLv3 Kx=DH(512)  Au=None Enc=DES(40)   Mac=SHA1 export
EXP-ADH-RC4-MD5         SSLv3 Kx=DH(512)  Au=None Enc=RC4(40)   Mac=MD5  export
EXP-EDH-RSA-DES-CBC-SHA SSLv3 Kx=DH(512)  Au=RSA  Enc=DES(40)   Mac=SHA1 export
EXP-EDH-DSS-DES-CBC-SHA SSLv3 Kx=DH(512)  Au=DSS  Enc=DES(40)   Mac=SHA1 export
EXP-DES-CBC-SHA         SSLv3 Kx=RSA(512) Au=RSA  Enc=DES(40)   Mac=SHA1 export
EXP-RC2-CBC-MD5         SSLv3 Kx=RSA(512) Au=RSA  Enc=RC2(40)   Mac=MD5  export
EXP-RC4-MD5             SSLv3 Kx=RSA(512) Au=RSA  Enc=RC4(40)   Mac=MD5  export
EXP-RC2-CBC-MD5         SSLv2 Kx=RSA(512) Au=RSA  Enc=RC2(40)   Mac=MD5  export
EXP-RC4-MD5             SSLv2 Kx=RSA(512) Au=RSA  Enc=RC4(40)   Mac=MD5  export
offered (NOT ok)

56 Bit encryption:  
Error in cipher list
2550:error:1410D0B9:SSL routines:SSL_CTX_set_cipher_list:no cipher match:ssl_lib.c:1217:
Note: no remote test for 56 Bit encryption possible, local config problem


Export Cipher (general):  
EXP-ADH-DES-CBC-SHA     SSLv3 Kx=DH(512)  Au=None Enc=DES(40)   Mac=SHA1 export
EXP-ADH-RC4-MD5         SSLv3 Kx=DH(512)  Au=None Enc=RC4(40)   Mac=MD5  export
EXP-EDH-RSA-DES-CBC-SHA SSLv3 Kx=DH(512)  Au=RSA  Enc=DES(40)   Mac=SHA1 export
EXP-EDH-DSS-DES-CBC-SHA SSLv3 Kx=DH(512)  Au=DSS  Enc=DES(40)   Mac=SHA1 export
EXP-DES-CBC-SHA         SSLv3 Kx=RSA(512) Au=RSA  Enc=DES(40)   Mac=SHA1 export
EXP-RC2-CBC-MD5         SSLv3 Kx=RSA(512) Au=RSA  Enc=RC2(40)   Mac=MD5  export
EXP-RC4-MD5             SSLv3 Kx=RSA(512) Au=RSA  Enc=RC4(40)   Mac=MD5  export
EXP-RC2-CBC-MD5         SSLv2 Kx=RSA(512) Au=RSA  Enc=RC2(40)   Mac=MD5  export
EXP-RC4-MD5             SSLv2 Kx=RSA(512) Au=RSA  Enc=RC4(40)   Mac=MD5  export
offered (NOT ok)

Low (<=64 Bit):  
ADH-DES-CBC-SHA         SSLv3 Kx=DH       Au=None Enc=DES(56)   Mac=SHA1
EDH-RSA-DES-CBC-SHA     SSLv3 Kx=DH       Au=RSA  Enc=DES(56)   Mac=SHA1
EDH-DSS-DES-CBC-SHA     SSLv3 Kx=DH       Au=DSS  Enc=DES(56)   Mac=SHA1
DES-CBC-SHA             SSLv3 Kx=RSA      Au=RSA  Enc=DES(56)   Mac=SHA1
DES-CBC-MD5             SSLv2 Kx=RSA      Au=RSA  Enc=DES(56)   Mac=MD5
offered (NOT ok)

SSLv3 but medium grade encryption:  
RC4-SHA                 SSLv3 Kx=RSA      Au=RSA  Enc=RC4(128)  Mac=SHA1
RC4-MD5                 SSLv3 Kx=RSA      Au=RSA  Enc=RC4(128)  Mac=MD5
offered (NOT ok)

High grade encryption:  
DHE-RSA-AES256-SHA      SSLv3 Kx=DH       Au=RSA  Enc=AES(256)  Mac=SHA1
DHE-DSS-AES256-SHA      SSLv3 Kx=DH       Au=DSS  Enc=AES(256)  Mac=SHA1
AES256-SHA              SSLv3 Kx=RSA      Au=RSA  Enc=AES(256)  Mac=SHA1
DHE-RSA-AES128-SHA      SSLv3 Kx=DH       Au=RSA  Enc=AES(128)  Mac=SHA1
DHE-DSS-AES128-SHA      SSLv3 Kx=DH       Au=DSS  Enc=AES(128)  Mac=SHA1
AES128-SHA              SSLv3 Kx=RSA      Au=RSA  Enc=AES(128)  Mac=SHA1
EDH-RSA-DES-CBC3-SHA    SSLv3 Kx=DH       Au=RSA  Enc=3DES(168) Mac=SHA1
EDH-DSS-DES-CBC3-SHA    SSLv3 Kx=DH       Au=DSS  Enc=3DES(168) Mac=SHA1
DES-CBC3-SHA            SSLv3 Kx=RSA      Au=RSA  Enc=3DES(168) Mac=SHA1
DES-CBC3-MD5            SSLv2 Kx=RSA      Au=RSA  Enc=3DES(168) Mac=MD5
offered (ok)
FOLLOW @DutaLinux
for more question and sharing about security and Opensource only

#4
(11-06-2011, 01:16 PM)junior.riau18 Wrote:
(11-02-2011, 09:06 PM)41D1L Wrote: saya menemukan buk di file /pentest/scanners/testssl/testssl.sh saat di eksekusi
Code:
[email protected]:/pentest/scanners/testssl# python testssl.sh

kemudian muncul message seperti ini
Quote: File "testssl.sh", line 34
DEBUG=${DEBUG:-1} # if 0 the temp file won't be erased, it only keeps the last output anyway
^
SyntaxError: invalid syntax

mohon infonya dari temen-temen yang udah dapat fix dari bug ini terima kasih Big Grin

file nya belum executeable

Quote:[email protected]:/pentest/scanners/testssl# ls -l
total 8
-rw-r--r-- 1 root root 6566 2011-05-07 00:14 testssl.sh

ane +x trus dijalanin malah jadi gini

Quote:[email protected]:/pentest/scanners/testssl# chmod +x testssl.sh
[email protected]:/pentest/scanners/testssl# ls
testssl.sh
[email protected]:/pentest/scanners/testssl# ./testssl.sh
supply a hostname
[email protected]:/pentest/scanners/testssl# ./testssl.sh -h
testssl.sh: hostname <port (443 otherwise assumed)> <--all|-a|all>
makenya bijimana??
Angry

bener kata om zee cara pakenya itu:
Code:
./testssl.sh target.com

dengan catatan udah di chmod +x testssl.sh, klo belom ya:
Code:
sh testssl.sh target.com

oh iya satu lagi klo hasil scan tulisannya ga keliatan karena konsole tembus pandang ubah COLOR di dalam source codenya, buka file testssl.sh pake vim, kwrite, gedit terserah trus ubah:
Quote:NC="" # netcat will be autodetermined
ECHO="/bin/echo -e" # works under Linux, watch out under Solaris, not tested yet under cygwin
COLOR=1 # with screen, tee and friends put 1 here (i.e. no color)
VERB_CLIST="-v" # -v displays row by row cipher, SSL-version, KX, Au, Enc and Mac
VERBERR=0 # zero means $OPENSSL errors will be more verbose
DEBUG=${DEBUG:-1} # if 0 the temp file won't be erased, it only keeps the last output anyway
perhatikan yg warna merah (sebelumnya nilai 0)

selamat mencoba

#5
Closed, Bug Fixed!
Yang putih, yang seharusnya ber-aksi dan berbakat!
Linuxtivist blog


Thread Closed


Users browsing this thread: 1 Guest(s)