SSL-Cipher-Check
A quick and easy way to verify what Ciphers are supported on a server.
Sample Report (using -v for verbose output)
ssl-cipher-check.pl
I wanted a simple way to verify all the SSL ciphers a website could use (thanks PCI). I just needed something simple, not running a full blown vuln scanner and all the tools I could find (thanks THC) were windows based. So I wrote a very simple script… ssl-cipher-check.
***UPDATE 2015-02-25 v1.9*** Kurt at FreeBSD.org sent a patch to clean up my code to utilise 'use strict' and 'use warnings'
I appreciate it, as I am lazy
***UPDATE 2014-10-16 v1.8*** Added TLS1.1 & 1.2 support and added SSLv3 as weak, plus POODLE identification.
Added -g flag to run glutls debug util seperately.
***NOTE*** Steve Zenone wrote a good article on his blog about how and why of this stuff... PCI Compliance - Disable SSLv2 and Weak Ciphers is a good read and the tool and his article compliment each other well.
***UPDATE 2012-03-07 v1.7*** markus.theissinger (of .de) pointed out a flaw and gave me a fix.
There were some different output in some versions of OpenSSL so the patch dealt with that to make the results more accurate. Less false negatives.
***UPDATE 2009-10-19 v1.6*** Steven Andrés (of Special Ops Security) pointed out a flaw and gave me a fix.
" For some cipher combinations, OpenSSL will return a "verify return" command but then later on fail with the "no cipher list" error. Since you check the former and not the latter, you false positive on these ciphers. "
His patch has been applied and all is working well.
It starts by pulling a list of all the ciphers supported by the openssl client. The number of checks it does is all dependant on the version and configuration of OpenSSL on your machine. It does include NULL checks as well. On a CentOS server, this includes:
ADH-AES256-SHA, DHE-RSA-AES256-SHA, DHE-DSS-AES256-SHA, AES256-SHA, ADH-AES128-SHA, DHE-RSA-AES128-SHA, DHE-DSS-AES128-SHA, AES128-SHA, DHE-DSS-RC4-SHA, EXP1024-DHE-DSS-RC4-SHA, EXP1024-RC4-SHA, EXP1024-DHE-D SS-DES-CBC-SHA, EXP1024-DES-CBC-SHA, EXP1024-RC2-CBC-MD5, EXP1024-RC4-MD5, EXP-KRB5-RC4-MD5, EXP-KRB5-RC 2-CBC-MD5, EXP-KRB5-DES-CBC-MD5, EXP-KRB5-RC4-SHA, EXP-KRB5-RC2-CBC-SHA, EXP-KRB5-DES-CBC-SHA, KRB5-RC4- MD5, KRB5-DES-CBC3-MD5, KRB5-DES-CBC-MD5, KRB5-RC4-SHA, KRB5-DES-CBC3-SHA, KRB5-DES-CBC-SHA, EDH-RSA-DES -CBC3-SHA, EDH-RSA-DES-CBC-SHA, EXP-EDH-RSA-DES-CBC-SHA, EDH-DSS-DES-CBC3-SHA, EDH-DSS-DES-CBC-SHA, EXP- EDH-DSS-DES-CBC-SHA, DES-CBC3-SHA, DES-CBC-SHA, EXP-DES-CBC-SHA, EXP-RC2-CBC-MD5, RC4-SHA, RC4-MD5, EXP- RC4-MD5, ADH-DES-CBC3-SHA, ADH-DES-CBC-SHA, EXP-ADH-DES-CBC-SHA, ADH-RC4-MD5, EXP-ADH-RC4-MD5, RC4-64-MD 5, DES-CBC3-MD5, DES-CBC-MD5, RC2-CBC-MD5, NULL-SHA, NULL-MD5
The script will connect first without specifying the Cipher or protocol. This will allow us to determine the default Cipher/Proto combination used for the server.
Then the script tries to connect to the server, on the specified port or 443 if a port is not given, and record the output to a log file called ssl_dump.log. Because all of this happens before any protocol specific commands, this will work with HTTP, POP, IMAP or any SSL enable protocol.
Below you will find a sample ssl_dump.log, the script itself and a script to grab a list of CA certs for verifying the SSL cert signature. Below that is some sample output.
I also did a presentation at DC214 on March 11, 2009, explaining what SSL is and the tool. Most of the presentation was live demos, so the slides are very simple.
As always feedback is welcome.
mkcabundle.pl
126 CA supported. mkcabundle.pl was writen by Joe Orton and sent to modssl_users. The script logs into the Mozilla anonymous CVS server (so cvs must be installed) and downloads the lastest list of CA distributed with Firefox and other Mozilla products.
perl ./mkcabundle.pl > ca-bundle.crt
Download:
ssl-cipher-check.pl - The script itself.mkcabundle.pl - The CA bundle creation script.
ssl_dump.log - Sample dump log
Usage:
$ perl ./ssl-cipher-check.pl : SSL Cipher Check: 1.2 : written by Lee 'MadHat' Heath (at) Unspecific.com Usage: ./ssl-cipher-check.pl [ -dvwas ][ ] default port is 443 -d Add debug info (show it all, lots of stuff) -v Verbose. Show more info about what is found -w Show only weak ciphers enabled. -a Show all ciphers, enabled or not -s Show only the STRONG ciphers enabled.
Default Output:
$ perl ./ssl-cipher-check.pl mail.yahoo.com Testing mail.yahoo.com:443 SSLv3:RC4-MD5 - ENABLED - STRONG 128 bits SSLv3:DES-CBC3-SHA - ENABLED - STRONG 168 bits SSLv3:RC4-SHA - ENABLED - STRONG 128 bits ** SSLv3:DES-CBC-SHA - ENABLED - WEAK 56 bits ** ** SSLv3:EXP-RC4-MD5 - ENABLED - WEAK 40 bits ** ** SSLv3:EXP-DES-CBC-SHA - ENABLED - WEAK 40 bits ** ** SSLv3:EXP-RC2-CBC-MD5 - ENABLED - WEAK 40 bits ** SSLv3:AES128-SHA - ENABLED - STRONG 128 bits SSLv3:AES256-SHA - ENABLED - STRONG 256 bits TLSv1:RC4-MD5 - ENABLED - STRONG 128 bits TLSv1:DES-CBC3-SHA - ENABLED - STRONG 168 bits TLSv1:RC4-SHA - ENABLED - STRONG 128 bits ** TLSv1:DES-CBC-SHA - ENABLED - WEAK 56 bits ** ** TLSv1:EXP-RC4-MD5 - ENABLED - WEAK 40 bits ** ** TLSv1:EXP-DES-CBC-SHA - ENABLED - WEAK 40 bits ** ** TLSv1:EXP-RC2-CBC-MD5 - ENABLED - WEAK 40 bits ** TLSv1:AES128-SHA - ENABLED - STRONG 128 bits TLSv1:AES256-SHA - ENABLED - STRONG 256 bits ** SSLv2:RC4-MD5 - ENABLED - WEAK 128 bits ** ** SSLv2:RC2-CBC-MD5 - ENABLED - WEAK 128 bits ** ** SSLv2:DES-CBC-MD5 - ENABLED - WEAK 56 bits ** ** SSLv2:EXP-RC4-MD5 - ENABLED - WEAK 40 bits ** ** SSLv2:EXP-RC2-CBC-MD5 - ENABLED - WEAK 40 bits ** ** SSLv2:DES-CBC3-MD5 - ENABLED - WEAK 168 bits ** *WARNING* 14 WEAK Ciphers Enabled. Total Ciphers Enabled: 24
Verbose Output:
$ perl ./ssl-cipher-check.pl -v usa.visa.com Mon Mar 16 13:11:33 2009 START Testing usa.visa.com:443 Testing with OpenSSL 0.9.8g 19 Oct 2007 Running a total of 105 scans ............................................................................................................ SSLv3:RC4-MD5 - ENABLED - STRONG 128 bits SSLv3:DES-CBC3-SHA - ENABLED - STRONG 168 bits SSLv3:RC4-SHA - ENABLED - STRONG 128 bits ** SSLv3:DES-CBC-SHA - ENABLED - WEAK 56 bits ** ** SSLv3:EXP-RC4-MD5 - ENABLED - WEAK 40 bits ** ** SSLv3:EXP-DES-CBC-SHA - ENABLED - WEAK 40 bits ** ** SSLv3:EXP-RC2-CBC-MD5 - ENABLED - WEAK 40 bits ** SSLv3:AES128-SHA - ENABLED - STRONG 128 bits SSLv3:AES256-SHA - ENABLED - STRONG 256 bits Error 20: unable to get local issuer certificate TLSv1:RC4-MD5 - ENABLED - STRONG 128 bits TLSv1:DES-CBC3-SHA - ENABLED - STRONG 168 bits TLSv1:RC4-SHA - ENABLED - STRONG 128 bits ** TLSv1:DES-CBC-SHA - ENABLED - WEAK 56 bits ** ** TLSv1:EXP-RC4-MD5 - ENABLED - WEAK 40 bits ** ** TLSv1:EXP-DES-CBC-SHA - ENABLED - WEAK 40 bits ** ** TLSv1:EXP-RC2-CBC-MD5 - ENABLED - WEAK 40 bits ** TLSv1:AES128-SHA - ENABLED - STRONG 128 bits TLSv1:AES256-SHA - ENABLED - STRONG 256 bits Error 20: unable to get local issuer certificate ** SSLv2:RC4-MD5 - ENABLED - WEAK 128 bits ** ** SSLv2:RC2-CBC-MD5 - ENABLED - WEAK 128 bits ** ** SSLv2:DES-CBC-MD5 - ENABLED - WEAK 56 bits ** ** SSLv2:EXP-RC4-MD5 - ENABLED - WEAK 40 bits ** ** SSLv2:EXP-RC2-CBC-MD5 - ENABLED - WEAK 40 bits ** ** SSLv2:DES-CBC3-MD5 - ENABLED - WEAK 168 bits ** Error 27: certificate not trusted Error 21: unable to verify the first certificate Error 20: unable to get local issuer certificate Default: TLSv1/SSLv3, Cipher is AES256-SHA Certificate Details: Key Size: 1024bits Issuer: Common Name (CN) : Akamai Subordinate CA 3 Company (O) : Akamai Technologies Inc Country (C) : US Subject: Common Name (CN) : usa.visa.com State (ST) : California Company (O) : Visa International Service Association Organizational Unit (OU) : Corporate intranet and internet Country (C) : US City (L) : Foster City Checking for TLS 1.1 support... no Checking fallback from TLS 1.1 to... TLS 1.0 Checking for TLS 1.0 support... yes Checking for SSL 3.0 support... yes Checking for version rollback bug in RSA PMS... no Checking for version rollback bug in Client Hello... no Checking whether we need to disable TLS 1.0... no Checking whether the server ignores the RSA PMS version... no Checking whether the server can accept Hello Extensions... yes Checking whether the server can accept cipher suites not in SSL 3.0 spec... yes Checking whether the server can accept a bogus TLS record version in the client hello... no Checking whether the server understands TLS closure alerts... yes Checking whether the server supports session resumption... yes Checking for export-grade ciphersuite support... no Checking for anonymous authentication support... no Checking for anonymous Diffie Hellman prime size... N/A Checking for ephemeral Diffie Hellman support... no Checking for ephemeral Diffie Hellman prime size... N/A Checking for AES cipher support (TLS extension)... yes Checking for 3DES cipher support... yes Checking for ARCFOUR 128 cipher support... yes Checking for ARCFOUR 40 cipher support... no Checking for MD5 MAC support... yes Checking for SHA1 MAC support... yes Checking for RIPEMD160 MAC support (TLS extension)... no Checking for ZLIB compression support (TLS extension)... no Checking for LZO compression support (GnuTLS extension)... no Checking for max record size (TLS extension)... no Checking for OpenPGP authentication support (TLS extension)... no *WARNING* 14 WEAK Ciphers Enabled. Total Ciphers Enabled: 24 Scan took 11 secs to finish Mon Mar 16 13:11:44 2009 FINISHED
Verbose Output Expired, Self-Signed Cert on Port 995:
$ perl ./ssl-cipher-check.pl -v unspecific.com 995 Mon Mar 16 13:29:53 2009 START Testing unspecific.com:995 Testing with OpenSSL 0.9.8g 19 Oct 2007 Running a total of 105 scans ............................................................................................................ SSLv3:RC4-MD5 - ENABLED - STRONG 128 bits SSLv3:DES-CBC3-SHA - ENABLED - STRONG 168 bits SSLv3:RC4-SHA - ENABLED - STRONG 128 bits ** SSLv3:EXP-RC4-MD5 - ENABLED - WEAK 40 bits ** ** SSLv3:EXP-DES-CBC-SHA - ENABLED - WEAK 40 bits ** ** SSLv3:EXP-RC2-CBC-MD5 - ENABLED - WEAK 40 bits ** SSLv3:AES128-SHA - ENABLED - STRONG 128 bits SSLv3:AES256-SHA - ENABLED - STRONG 256 bits Error 18: self signed certificate Error 10: certificate has expired TLSv1:RC4-MD5 - ENABLED - STRONG 128 bits TLSv1:DES-CBC3-SHA - ENABLED - STRONG 168 bits TLSv1:RC4-SHA - ENABLED - STRONG 128 bits ** TLSv1:EXP-RC4-MD5 - ENABLED - WEAK 40 bits ** ** TLSv1:EXP-DES-CBC-SHA - ENABLED - WEAK 40 bits ** ** TLSv1:EXP-RC2-CBC-MD5 - ENABLED - WEAK 40 bits ** TLSv1:AES128-SHA - ENABLED - STRONG 128 bits TLSv1:AES256-SHA - ENABLED - STRONG 256 bits Error 18: self signed certificate Error 10: certificate has expired ** SSLv2:RC4-MD5 - ENABLED - WEAK 128 bits ** ** SSLv2:RC2-CBC-MD5 - ENABLED - WEAK 128 bits ** ** SSLv2:EXP-RC4-MD5 - ENABLED - WEAK 40 bits ** ** SSLv2:EXP-RC2-CBC-MD5 - ENABLED - WEAK 40 bits ** ** SSLv2:DES-CBC3-MD5 - ENABLED - WEAK 168 bits ** Error 18: self signed certificate Error 10: certificate has expired Default: TLSv1/SSLv3, Cipher is AES256-SHA Certificate Details: Key Size: 1024bits Issuer: Common Name (CN) : mail2.unspecific.com Company (O) : Unspecific State (ST) : Texas Organizational Unit (OU) : Security Contact : madhat@unspecific.com Country (C) : US City (L) : Dallas Subject: Common Name (CN) : mail2.unspecific.com Company (O) : Unspecific State (ST) : Texas Organizational Unit (OU) : Security Contact : madhat@unspecific.com Country (C) : US City (L) : Dallas WARNING: Expired Certificate - Jun 21 06:17:31 2008 GMT WARNING: Self Signed Certificate *WARNING* 12 WEAK Ciphers Enabled. Total Ciphers Enabled: 22 Scan took 13 secs to finish Mon Mar 16 13:30:06 2009 FINISHED
CHANGELOG:
CHANGELOG ssl-cipher-check.pl 1.7 - Patch provided by markus.theissinger in .de to adjust for changes in openssl 1.6 - Fixes for issues reported by Steven Andrés 1.5 - fixed several issues where I was using = instead of 'eq' or == (from switching languages too much, damn php) - Fixed -s, was showing all enabled, and not marking weak, now only shows strong and enabled - Bug reported by Max.Atr *Thanks* 1.4 - added support for gnutls-cli-debug with -v (verbose output) 1.3 - Added more debug output - fixed proeblem with - added show only weak ciphers - added fix for 'return verify:0' 1.2 - Fixed bug introduced in 1.1 with inproper handling of Cert info - Added OID Cert info handling - Split errors to each Protocol -- Found interesting effect that SSLv2 does not handle Cert verification properly 1.1 - Added debug output - Added verbose output 1.0 - Complete rewrite - Changed output - Better error handling