Checking for SSL Vulnerabilities on the Command Line

While Nessus is a wonderful vulnerability scanner, sometimes it is too slow and resource heavy for individual issues. The following 2 equivalent scripts perform checks for the following SSL related Nessus plugins: 20007: SSL Version 2 (v2) Protocol Detection 26928: SSL Weak Cipher Suites Supported 31705: SSL Anonymous Cipher Suites Supported The first is the curl version: #!/bin/bash # phaas at redspin.com: Never us a ‘sh when a bash is necessary # Checks the Equivalent of Nessus Plugin 20007, 26928 … →

Handling HTTP and SSL in the Shell

Posted on July 1, 2009 by The Shell Shakespear Leave a comment

The topic of this week’s shell1liners is handling HTTP and SSL in Bash: #netcat scanner for HTTP servers for i in $(seq 1 255); do nc -n -v -z "192.168.1.$i" 80 | grep "open"; done | tee webservers.txt # Manually perform a HTTP Get Request echo -ne "GET / HTTP/1.0\n\n" | nc www.redspin.com 80 # Manually perform a HTTP Get Request on a SSL Port echo -ne "GET / HTTP/1.0\n\n" | socat – OPENSSL:www.website.com:443,verify=0 # Create a local TCP … →

An Introduction to Shell One Liners

Posted on June 25, 2009 by The Shell Shakespear 3 Comments

The knowledge and use of the command line is a powerful tool that can aid in the creation, modification and automation of routine tasks that a security auditor or any computer user may come up against. The flexibility, simplicity, and leetness of the shell oneliner can replace thousand-line perl code which otherwise would be thrown away after the task is complete. We have decided to provide share some of our favorite oneliners that we have found useful, either culled from … →