Merge pull request #2 from SamoKopecky/dev
Merge with Penterep Tools template and SSLv[2,3] scanning
SamoKopecky authored Aug 9, 2021
2 parents 2c91b82 + 6636560 commit 9f1deac
Showing 55 changed files with 1,949 additions and 547 deletions.
4 changes: 2 additions & 2 deletions .gitignore
Expand Up @@ -28,7 +28,7 @@ share/python-wheels/
MANIFEST

# PyInstaller
# Usually these files are written by a python script from a template
# Usually these files are written by a python script from a SSLTest
# before PyInstaller builds the exe, so as to inject date/other infos into it.
*.manifest
*.spec
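Review bot: The PyInstaller comment in this hunk now reads `written by a python script from a SSLTest`, which looks like a project-wide rename of "template" to "SSLTest" catching an unrelated comment. Restore the stock wording `from a template` so this hunk carries no change at all.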
Expand Down Expand Up @@ -131,5 +131,5 @@ dmypy.json
# Pycharm
.idea/

output.json
SSLTest/output.json
logs/
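Review bot: Replacing `output.json` with `SSLTest/output.json` narrows the ignore rule, because the old pattern had no slash and already matched `output.json` at any depth, including inside `SSLTest/`. With the new pattern a report written at the repository root is no longer ignored, and `-j` accepts any file name anyway. Keep the unanchored `output.json` so scan output is not committed by accident.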
674 changes: 674 additions & 0 deletions LICENSE

Large diffs are not rendered by default.

113 changes: 79 additions & 34 deletions README.md
@@ -1,34 +1,79 @@
# Overview

- A standalone script that can be run in a console
- File `resources/security_levels.json` can be edited to change the parameter rating values

# Run the script

- Run the main file `ssltest.py` with option `-u` to enter the url.
- Use `-h` or `--help` for more help.
- Example: `./ssltest.py -u vutbr.cz`

## Prepare hosting OS environment

- If you are going to run the script these dependencies are required
- To install required python packages use `pip3 install -r requirements.txt` command which installs:
- [cryptography](https://pypi.org/project/cryptography/)
- [pyopenssl](https://pypi.org/project/pyOpenSSL/)
- [python3-nmap](https://pypi.org/project/python3-nmap/)
- [requests](https://pypi.org/project/requests/)
- [urllib3](https://pypi.org/project/urllib3/)
- [Flask](https://pypi.org/project/Flask/)
- [flask-restful](https://pypi.org/project/Flask-RESTful/)
- Nmap is required to for some functions, install with `apt install -y nmap`
- To run the tool script refer to the section at the start

## Supported vulnerability tests

- Heartbleed
- CCS Injection
- Insecure renegotiation
- ZombiePOODLE/GOLDENDOODLE
- Session ticker support
- CRIME
- RC4 Support
```
____ _ _____ _
| _ \ ___ _ __ | |_ ___ _ __ ___ _ __ |_ _|__ ___ | |___
| |_) / _ \ '_ \| __/ _ \ '__/ _ \ '_ \ | |/ _ \ / _ \| / __|
| __/ __/ | | | || __/ | | __/ |_) | | | (_) | (_) | \__ \
|_| \___|_| |_|\__\___|_| \___| .__/ |_|\___/ \___/|_|___/
|_|
```

# SSLTest
Script that scans web servers cryptographic parameters and vulnerabilities

## Installation

```
$ git clone SSLTest
$ cd SSLTest && sudo pip install .
```

## Installation (ptmanager)

```
$ sudo ptmanager -ut SSLTest
```

## Options
```
-u --url <url> Url to scan, required option
-p --port Port or ports (separate with spaces) to scan on (default: [443])
-j --json change output to json format, if a file name is specified output is
written to the given file
-t --test test the server for a specified vulnerability
possible vulnerabilities (separate with spaces):
0: No test
1: Heartbleed
2: CCS injection
3: Insecure renegotiation
4: ZombiePOODLE/GOLDENDOOLDE
5: Session ticket support
6: CRIME
7: RC4 support
if this argument isn't specified all tests will be ran
-fc --fix-conf Allow the use of older versions of TLS protocol (TLSv1 and TLSv1.1)
in order to scan a server which still run on these versions.
!WARNING!: this may rewrite the contents of a configuration file
located at /etc/ssl/openssl.cnf
-ns --nmap-scan Use nmap to scan the server version
-nd --nmap-discover Use nmap to discover web server ports
-i --info Output some internal information about the script functions
-d --debug Output debug information
-v --version Show script version and exit
-h --help Show this help message and exit
```

## Usage examples
```
$ SSLTest.py -u https://example.com -t 1 2
```

## Version History

* 0.0.1

## Licence

Copyright (c) 2020 HACKER Consulting s.r.o.

This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with this program. If not, see <https://www.gnu.org/licenses/>.
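Review bot: The rewritten README drops the `apt install -y nmap` prerequisite while the new Options block still documents `-ns` and `-nd` as using nmap, so a user who follows the Installation section gets no hint that those switches depend on the nmap binary; keep a short prerequisites line. Also in this hunk: `$ git clone SSLTest` has no repository URL, test 4 is misspelled `GOLDENDOOLDE` (the old README had `GOLDENDOODLE`), and the `-fc` warning should tell the user to back up `/etc/ssl/openssl.cnf` first, since that file is the system-wide OpenSSL configuration and enabling TLSv1/TLSv1.1 there affects more than this tool.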
119 changes: 119 additions & 0 deletions SSLTest/SSLTest.py
@@ -0,0 +1,119 @@
#!/usr/bin/python3

__version__ = "0.0.1"

import argparse
import sys

from ptlibs import ptjsonlib, ptmisclib

from src.run import run, get_tests_switcher


class SSLTest:
def __init__(self, args):
self.args = args
self.ptjsonlib = ptjsonlib.ptjsonlib(self.args.json)
self.json_no = self.ptjsonlib.add_json("SSLTest")
self.use_json = self.args.json

def run(self):
run(self.args)
ptmisclib.ptprint(ptmisclib.out_if(self.ptjsonlib.get_all_json(), "", self.use_json))


def get_tests_help():
tests_help = 'test the server for a specified vulnerability\n' \
'possible vulnerabilities (separate with spaces):\n'
for key, value in get_tests_switcher().items():
test_number = key
test_desc = value[1]
tests_help += f'{" " * 4}{test_number}: {test_desc}\n'
tests_help += 'if this argument isn\'t specified all tests will be ran'
return tests_help


def get_help():
return [
{"description": ["Script that scans web servers cryptographic parameters and vulnerabilities "]},
{"usage": [f"{SCRIPTNAME}.py <options>"]},
{"usage_example": [f"{SCRIPTNAME}.py -u https://example.com -t 1 2"]},
{"options": [
["-u", "--url", "<url>", "Url to scan, required option"],
["-p", "--port", "", "Port or ports (separate with spaces) to scan on (default: [443])"],
["-j", "--json", "", "change output to json format, if a file name is specified output is written to the "
"given file"],
["-t", "--test", "", get_tests_help()],
["-fc", "--fix-conf", "", "Allow the use of older versions of TLS protocol (TLSv1 and TLSv1.1) in order to"
"\n scan a server which still run on these versions. !WARNING!: this may rewrite"
"\n the contents of a configuration file located at /etc/ssl/openssl.cnf"],
["-ns", "--nmap-scan", "", "Use nmap to scan the server version"],
["-nd", "--nmap-discover", "", "Use nmap to discover web server ports"],
["-i", "--info", "", "Output some internal information about the script functions"],
["-d", "--debug", "", "Output debug information"],
["-v", "--version", "", "Show script version and exit"],
["-h", "--help", "", "Show this help message and exit"]
]
}
]


def print_help():
ptmisclib.help_print(get_help(), SCRIPTNAME, __version__)


def parse_args():
parser = argparse.ArgumentParser(add_help=False, usage=f"{SCRIPTNAME}.py <options>")
required = parser.add_argument_group("required arguments")
required.add_argument("-u", "--url", required=True, metavar="url")
parser.add_argument("-p", "--port", default=[443], type=int, nargs="+", metavar="port")
parser.add_argument("-j", "--json", action="store", metavar="output_file", required=False, nargs="?", default=False)
parser.add_argument("-t", "--test", type=int, metavar="test_num", nargs="+")
parser.add_argument("-fc", "--fix-conf", action="store_true", default=False)
parser.add_argument("-ns", "--nmap-scan", action="store_true", default=False)
parser.add_argument("-nd", "--nmap-discover", action="store_true", default=False)
parser.add_argument("-i", "--info", action="store_true", default=False)
parser.add_argument("-d", "--debug", action="store_true", default=False)
parser.add_argument("-v", "--version", action="version", version=f"%(prog)s {__version__}")

if len(sys.argv) == 1 or "-h" in sys.argv or "--help" in sys.argv:
print_help()
sys.exit(0)
args = parser.parse_args()
check_test_option(args.test)
ptmisclib.print_banner(SCRIPTNAME, __version__, args.json)
return args


def check_test_option(tests):
"""
Check if the tests numbers are actually tests
:param tests: test argument
:return:
"""
if not tests:
return
tests_switcher = get_tests_switcher()
test_numbers = [test for test in tests_switcher.keys()]
unknown_tests = list(filter(lambda test: test not in test_numbers, tests))
if unknown_tests:
print_help()
if len(unknown_tests) > 1:
unknown_tests = list(map(str, unknown_tests))
print(f"Numbers {','.join(unknown_tests)} are not test numbers.", file=sys.stderr)
else:
print(f"Number {unknown_tests[0]} is not a test number.", file=sys.stderr)
sys.exit(1)


def main():
global SCRIPTNAME
SCRIPTNAME = "SSLTest"
args = parse_args()
script = SSLTest(args)
script.run()


if __name__ == "__main__":
main()
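Review bot: In `parse_args`, `--json` is declared with `nargs="?"` and `default=False` but no `const`, so `-j` given without a file name yields `None`, which is just as falsy as the default; `self.use_json = self.args.json` then cannot tell "JSON to stdout" from "no JSON requested". Add `const=True` (or another sentinel) and test `args.json is not False`. Separately, `SCRIPTNAME` is only created inside `main()` via `global`, so `get_help()`, `print_help()` and `parse_args()` raise NameError if the module is imported and used any other way; define it as a module-level constant next to `__version__`. `-p` takes `type=int` with no range check, so values outside 1-65535 reach the scanner unchecked.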
File renamed without changes.
6 changes: 5 additions & 1 deletion fix_openssl_config.py → SSLTest/src/fix_openssl_config.py
@@ -1,5 +1,8 @@
#!/usr/bin/python3

import os


def fix_openssl_config():
config_file_name = '/etc/ssl/openssl.cnf'
config_file = open(config_file_name, 'r')
Expand All @@ -22,7 +25,8 @@ def fix_openssl_config():
append[1] = True

if append[0] or append[1]:
correct_config_file = open('resources/correct_openssl_conf.txt', 'r')
root_dir = os.path.dirname(os.path.abspath(__file__))
correct_config_file = open(f'{root_dir}/../../resources/correct_openssl_conf.txt', 'r')
correct_config = correct_config_file.read()
with open(config_file_name, 'w') as f:
f.seek(0, 0)
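Review bot: The new path `f'{root_dir}/../../resources/correct_openssl_conf.txt'` resolves from `SSLTest/src/` to a `resources` directory outside the `SSLTest` package, so after the `pip install .` flow from the README the file is only found if it is shipped to exactly that location; build the path with `os.path.join` against a directory inside the package and fail with a clear error when the file is missing. The lines that follow open `/etc/ssl/openssl.cnf` with mode `'w'`, and no backup is visible in this hunk, so an exception between the open and the write leaves a truncated system-wide OpenSSL config. Copy the original aside, write the new content to a temporary file in the same directory and swap it in with `os.replace`; `correct_config_file` should also be opened in a `with` block like the target file.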