From 50922aba6ea5c87ecb32eabc88d849f3fd4304c4 Mon Sep 17 00:00:00 2001 From: Patrick Bogen Date: Fri, 22 Feb 2013 10:31:49 -0800 Subject: [PATCH 1/2] Updated e-mail address. --- cipherTest.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cipherTest.sh b/cipherTest.sh index 66efc81..e823073 100755 --- a/cipherTest.sh +++ b/cipherTest.sh @@ -11,7 +11,7 @@ if [ "z$1" = "z" -o "z$2" = "z" ] then echo "Usage: $0 " >&2 echo " Behavior is undefined if hostname is invalid or not listening on the port." >&2 - echo " Credits: Patrick Bogen &2 + echo " Credits: Patrick Bogen " >&2 exit 2 fi From feac5df4ccb6fef21030f14cc3e79e23c4e77826 Mon Sep 17 00:00:00 2001 From: Patrick Bogen Date: Fri, 22 Feb 2013 11:22:26 -0800 Subject: [PATCH 2/2] Highlight some weak cipher configurations in red. --- cipherTest.sh | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/cipherTest.sh b/cipherTest.sh index e823073..4bd33f3 100755 --- a/cipherTest.sh +++ b/cipherTest.sh @@ -138,7 +138,7 @@ do if [ $OK -eq 1 ] then [ -t 1 ] && echo -en '\r\e[K' - printf '%-7s %-17s %-10s %-11s\n' "SSL2.0" $v2_cipher $_mac $_kx + printf '\e[1;31m%-7s %-17s %-10s %-11s\n\e[00m' "SSL2.0" $v2_cipher $_mac $_kx # openssl ciphers -v -ssl2 | grep ^$i || echo "No match for $i" fi done @@ -163,12 +163,14 @@ do do i=$(( $i + 1 )) [ -t 1 ] && printf '\r%-7s %-17s %-10s %-11s (%d / %d)' $proto $cipher $mac $kx $i $total -# printf "%-7s %-17s %-10s %-11s " $proto $cipher $mac $kx echo -ne $request | gnutls-cli --insecure --priority NONE:+VERS-$proto:+$kx:+$mac:+COMP-NULL:+$cipher -p $PORT $IP > /dev/null 2>&1 if [ $? -eq 0 ] then [ -t 1 ] && echo -en "\r\e[K" + [ $mac = "MD5" ] && echo -ne '\e[1;31m' + [ $cipher = "ARCFOUR-40" ] && echo -ne '\e[1;31m' printf "%-7s %-17s %-10s %-11s\n" $proto $cipher $mac $kx + echo -ne '\e[00m' fi done done