Menu
▾
▴
THCSSLCheck-en
THCSSLCheck
Phase(s):
Primary: Mapping.
Secondary: N/A.
Description:
Tool that inspects the supported protocols and cryptographic algorithms inside SSL/TLS secure communication channels.
Objective:
- Identify the supported protocols versions inside SSL/TLS secure communication channels.
- Identify the supported cryptographic algorithms versions inside SSL/TLS secure communication channels.
Features:
Supported technologies: SSL/TLS secure communication channels.
Operative mode: Active.
Identify the supported protocols versions:
- Returns the supported protocols versions for SSL (v2 and v3) and TLS (1.0).
- Returns the supported cryptographic algorithms such as: AES, DES, RC4, etc.
Reports:
Output reports: X
Required to export the terminal results to a file.
- Analysis of the supported protocols by version and cryptographic algorithms by key length.
Basic usage:
Begin a SSL/TLS secure communication channel analysis. The following command initiates SSL/TLS secure communication channel analysis
wine THCSSLCheck.exe [IP address or domain] [port] > [path]/THCSSLCheck.txt
Where:
- IP address: Server IP address.
- port: Port running the SSL/TLS secure communication channel analysis.
- path: Path for exporting the terminal output.
The tool will start the analysis over each individual protocol against every cryptographic algorithm to verify its support.
------------------------------------------------------------------------
THCSSLCheck v0.1 - coding johnny cyberpunk (www.thc.org) 2004
------------------------------------------------------------------------
[*] testing if port is up. pleaze wait...
[*] port is up !
[*] testing if service speaks SSL ...
[*] service speaks SSL !
[*] now testing SSLv2
----------------------------------------------------------------------
DES-CBC3-MD5 - 168 Bits - unsupported
IDEA-CBC-MD5 - 128 Bits – unsupported
RC2-CBC-MD5 - 128 Bits - unsupported
…
[*] now testing SSLv3
----------------------------------------------------------------------
DHE-RSA-AES256-SHA - 256 Bits - unsupported
DHE-DSS-AES256-SHA - 256 Bits - unsupported
AES256-SHA - 256 Bits - supported
…
[*] now testing TLSv1
----------------------------------------------------------------------
DHE-RSA-AES256-SHA - 256 Bits - unsupported
DHE-DSS-AES256-SHA - 256 Bits - unsupported
AES256-SHA - 256 Bits - supported
…
THCSSLCheck v0.1 - coding johnny cyberpunk (www.thc.org) 2004
------------------------------------------------------------------------
[*] testing if port is up. pleaze wait...
[*] port is up !
[*] testing if service speaks SSL ...
[*] service speaks SSL !
[*] now testing SSLv2
----------------------------------------------------------------------
DES-CBC3-MD5 - 168 Bits - unsupported
IDEA-CBC-MD5 - 128 Bits – unsupported
RC2-CBC-MD5 - 128 Bits - unsupported
…
[*] now testing SSLv3
----------------------------------------------------------------------
DHE-RSA-AES256-SHA - 256 Bits - unsupported
DHE-DSS-AES256-SHA - 256 Bits - unsupported
AES256-SHA - 256 Bits - supported
…
[*] now testing TLSv1
----------------------------------------------------------------------
DHE-RSA-AES256-SHA - 256 Bits - unsupported
DHE-DSS-AES256-SHA - 256 Bits - unsupported
AES256-SHA - 256 Bits - supported
…
Resources:
Link: http://www.thc.org/root/tools/
Author(s): johnny cyberpunk
The Hacker’s Choice
Contact: jcyberpunk [at] thc dot org
License: GNU LGPL Version 2.1
