-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathcipher-check.sh
More file actions
executable file
·25 lines (22 loc) · 861 Bytes
/
cipher-check.sh
File metadata and controls
executable file
·25 lines (22 loc) · 861 Bytes
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
# Cipher-Check - version 1.1
# This script will check available ciphers enabled in a host
# Script can be executed using:
# sudo chmod +x cipher-check.sh
# sudo ./cipher-check host port (eg: sudo ./cipher-check example.com 443)
# Updated to use some parallel processing to speed it up on Jan 2025
#!/bin/bash
# Define the protocols and ciphers
protocols=("ssl2" "ssl3" "tls1" "tls1_1" "tls1_2" "tls1_3")
ciphers=($(openssl ciphers 'ALL:eNULL' | tr ':' ' '))
# Function to check ciphers for a given protocol
check_ciphers() {
local protocol=$1
for cipher in "${ciphers[@]}"; do
openssl s_client -connect "$2:$3" -cipher "$cipher" -"$protocol" < /dev/null > /dev/null 2>&1 && echo -e "$protocol:\t$cipher" &
done
wait
}
# Loop through the protocols and check ciphers
for protocol in "${protocols[@]}"; do
check_ciphers "$protocol" "$1" "$2"
done