
Check faille SSL poodle

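#!/bin/bash
#
# Report services that still accept SSLv3, the protocol version that the
# POODLE attack targets.
#
# Each endpoint is probed with `openssl s_client -ssl3`. An endpoint is
# reported when the output contains a server certificate, i.e. the SSLv3
# handshake got far enough for the server to send one.
#
# Only positive findings are printed. Silence for an endpoint means "no
# certificate seen over SSLv3 within the timeout": a closed port, a filtered
# connection or a slow server look exactly like a server that refuses SSLv3.

# Placeholder addresses; replace with the hosts to audit.
host_list="123.123.123.123 233.233.233.666"

# Ports that speak TLS from the first byte (no STARTTLS negotiation).
# 465 is implicit-TLS SMTP: probing it with `-starttls smtp` fails before
# any handshake happens and hides a server that does accept SSLv3.
port_list="443 993 465"

# PORT:PROTO pairs; PROTO is the value given to `openssl s_client -starttls`.
starttls_list="21:ftp 25:smtp 587:smtp 143:imap 110:pop3 5222:xmpp"

# Seconds allowed per probe before it is abandoned.
probe_timeout=2

# Without these tools every probe pipeline fails quietly and the script would
# print nothing, which reads as "nothing vulnerable".
for tool in openssl timeout; do
	if ! command -v "$tool" >/dev/null 2>&1; then
		printf 'Commande introuvable : %s\n' "$tool" >&2
		exit 2
	fi
done

# Many current OpenSSL builds are compiled without SSLv3. There `-ssl3` is an
# unknown option, s_client only prints an error, and every endpoint would be
# silently reported as clean. Refuse to run rather than give false negatives.
# NOTE(review): a local OpenSSL policy that forbids SSLv3 at runtime would
# presumably also make every probe come back empty; confirm on the audit box.
if ! openssl s_client -help 2>&1 | grep -q -e '-ssl3'; then
	printf '%s\n' "openssl s_client ne prend pas en charge -ssl3 : test SSLv3 impossible" >&2
	exit 2
fi

#######################################
# Try an SSLv3 handshake against one endpoint.
# Globals:   probe_timeout (read)
# Arguments: $1 - host
#            $2 - port
#            $3 - optional STARTTLS protocol (ftp, smtp, imap, pop3, xmpp)
# Returns:   0 if the server sent a certificate over SSLv3, non-zero otherwise
#######################################
ssl3_accepted() {
	local host=$1 port=$2 proto=${3:-}
	local -a args=(s_client -connect "${host}:${port}" -ssl3)

	if [[ -n "$proto" ]]; then
		args+=(-starttls "$proto")
	fi

	# "quit" on stdin keeps s_client from waiting for interactive input;
	# stderr is merged so the certificate is found wherever it is printed.
	echo quit \
		| timeout "$probe_timeout" openssl "${args[@]}" 2>&1 \
		| grep -q 'BEGIN CERTIFICATE'
}

# Split the space-separated settings into arrays so every later expansion can
# be quoted.
read -r -a hosts <<<"$host_list"
read -r -a direct_ports <<<"$port_list"
read -r -a starttls_pairs <<<"$starttls_list"

for host in "${hosts[@]}"; do
	for port in "${direct_ports[@]}"; do
		if ssl3_accepted "$host" "$port"; then
			printf '%s:%s : Vulnérable\n' "$host" "$port"
		fi
	done

	for pair in "${starttls_pairs[@]}"; do
		port=${pair%%:*}
		proto=${pair#*:}
		if ssl3_accepted "$host" "$port" "$proto"; then
			printf '%s:%s : Vulnérable STARTTLS\n' "$host" "$port"
		fi
	done
done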