Skip to content

Releases: rbsec/sslscan

2.1.6

05 Dec 13:42
Compare
Choose a tag to compare

Newer version of OpenSSL flag the CCM8 ciphers suites (such as AES256-CCM8/TLS_DHE_RSA_WITH_AES_256_CCM_8) as having a strength of 64 bits due to the short authentication tag, as discussed here:

openssl/openssl#16652

This meant that if sslscan was statically against older versions of OpenSSL built they would show up as 128/256 bits, but if it was built against a newer version (as Kali does for their package) they would show up as 64 bit. To work around this, we manually set the strength for these ciphers to 64 bit (regardless of what the version of OpenSSL we're building against thinks they are), so that all versions should return consistent results.

2.1.5

21 Sep 19:15
Compare
Choose a tag to compare

Makefile improvements

2.1.4

16 Jun 17:53
Compare
Choose a tag to compare

Add --show-certificates option to show the full certificate chain.

2.1.3

21 Jan 13:44
Compare
Choose a tag to compare
  • Enable quiet shutdown for scanning (credit jarnfast)
  • Fix Docked build on non-x64 architectures (credit jtesta)

2.1.2

14 Nov 21:39
Compare
Choose a tag to compare

Fix certificate and cipher enumeration when unsafe renegotiation is (credit jtesta)

2.1.1

19 Sep 17:21
Compare
Choose a tag to compare

Work around a couple of dodgy TLS implementations.

2.1.0

05 Sep 20:31
Compare
Choose a tag to compare

sslscan is now built against OpenSSL 3.0, due to OpenSSL 1.1.1 reaching its end of life.

2.0.16

08 Apr 21:58
Compare
Choose a tag to compare
  • Fix incorrect TLSv1.3 detection for Server 2019 (credit jtesta)
  • Fix incorrect XML output related to certificates

2.0.15

03 Jul 15:46
Compare
Choose a tag to compare

Obtain certificate information even if we can't negotiate a proper connection.

2.0.14

23 Jun 10:09
Compare
Choose a tag to compare

Strip out the https:// from lines in a target file