Menu
▾
▴
SSL/TLS secure communication channels.
Operative mode: Active.
en_thcsslcheck
THCSSLCheck
Phase(s):
Primary: Mapping.
Secondary: N/A.
Description:
Tool that inspects the supported protocols and cryptographic algorithms inside SSL/TLS secure communication channels.
Objective:
- Identify the supported protocols versions inside SSL/TLS secure communication channels.
- Identify the supported cryptographic algorithms inside SSL/TLS secure communication channels.
Features:
Supported technologies:
Operative mode: Active.
Identify the supported protocols versions:
- Returns the supported protocols versions for SSL (v2 and v3) and TLS (1.0, 1.1 and 1.2).
- Returns the supported cryptographic algorithms such as: AES, DES, RC4, etc.
Reports:
Output reports: ✔
- Required to export the terminal results to a file.
- Analysis of the supported protocols by version and cryptographic algorithms by key length.
Basic usage:
Begin a SSL/TLS secure communication channel analysis. The following command executes SSL/TLS secure communication channel analysis.
THCSSLCheck [domain/IP] [port] > [output_file]
Where:
- [domain/IP]: Server IP address or domain to analyze.
- [port]: Port used for the SSL/TLS secure communication channel.
- [output_file]: Path for exporting the terminal output.
-----------------------------------------------------------------------
THCSSLCheck v0.1 - coding johnny cyberpunk (www.thc.org) 2004
------------------------------------------------------------------------
[*] testing if port is up. pleaze wait...
[*] port is up !
[*] testing if service speaks SSL ...
[*] service speaks SSL !
[*] now testing SSLv2
----------------------------------------------------------------------
DES-CBC3-MD5 - 168 Bits - unsupported
IDEA-CBC-MD5 - 128 Bits – unsupported
RC2-CBC-MD5 - 128 Bits - unsupported
…
[*] now testing SSLv3
----------------------------------------------------------------------
DHE-RSA-AES256-SHA - 256 Bits - unsupported
DHE-DSS-AES256-SHA - 256 Bits - unsupported
AES256-SHA - 256 Bits - supported
…
[*] now testing TLSv1
----------------------------------------------------------------------
DHE-RSA-AES256-SHA - 256 Bits - unsupported
DHE-DSS-AES256-SHA - 256 Bits - unsupported
AES256-SHA - 256 Bits - supported
…
THCSSLCheck v0.1 - coding johnny cyberpunk (www.thc.org) 2004
------------------------------------------------------------------------
[*] testing if port is up. pleaze wait...
[*] port is up !
[*] testing if service speaks SSL ...
[*] service speaks SSL !
[*] now testing SSLv2
----------------------------------------------------------------------
DES-CBC3-MD5 - 168 Bits - unsupported
IDEA-CBC-MD5 - 128 Bits – unsupported
RC2-CBC-MD5 - 128 Bits - unsupported
…
[*] now testing SSLv3
----------------------------------------------------------------------
DHE-RSA-AES256-SHA - 256 Bits - unsupported
DHE-DSS-AES256-SHA - 256 Bits - unsupported
AES256-SHA - 256 Bits - supported
…
[*] now testing TLSv1
----------------------------------------------------------------------
DHE-RSA-AES256-SHA - 256 Bits - unsupported
DHE-DSS-AES256-SHA - 256 Bits - unsupported
AES256-SHA - 256 Bits - supported
…