4.0
1IZ1TDd
1IZ1TDd
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
161Web Application Penetration TestingExample 3. Checking for Certificate information, Weak Ciphersand SSLv2 via nmapNmap has two scripts for checking Certificate information, WeakCiphers and SSLv2 [31].$ nmap --script ssl-cert,ssl-enum-ciphers -p443,465,993,995 www.example.comStarting Nmap 6.25 ( http: /nmap.org ) at 2013-01-01 00:00CESTNmap scan report for www.example.com (127.0.0.1)Host is up (0.090s latency).rDNS record for 127.0.0.1: www.example.comPORT STATE SERVICE443/tcp open https| ssl-cert: Subject: commonName=www.example.org| Issuer: commonName=*******| Public Key type: rsa| Public Key bits: 1024| Not valid before: 2010-01-23T00:00:00+00:00| Not valid after: 2020-02-28T23:59:59+00:00| MD5: *******|_SHA-1: *******| ssl-enum-ciphers:| SSLv3:| ciphers:| TLS_RSA_WITH_CAMELLIA_128_CBC_SHA - strong| TLS_RSA_WITH_CAMELLIA_256_CBC_SHA - strong| TLS_RSA_WITH_RC4_128_SHA - strong| compressors:| NULL| TLSv1.0:| ciphers:| TLS_RSA_WITH_CAMELLIA_128_CBC_SHA - strong| TLS_RSA_WITH_CAMELLIA_256_CBC_SHA - strong| TLS_RSA_WITH_RC4_128_SHA - strong| compressors:| NULL|_ least strength: strong465/tcp open smtps| ssl-cert: Subject: commonName=*.exapmple.com| Issuer: commonName=*******| Public Key type: rsa| Public Key bits: 2048| Not valid before: 2010-01-23T00:00:00+00:00| Not valid after: 2020-02-28T23:59:59+00:00| MD5: *******|_SHA-1: *******| ssl-enum-ciphers:| SSLv3:| ciphers:| TLS_RSA_WITH_CAMELLIA_128_CBC_SHA - strong| TLS_RSA_WITH_CAMELLIA_256_CBC_SHA - strong| TLS_RSA_WITH_RC4_128_SHA - strong| compressors:| NULL| TLSv1.0:| ciphers:| TLS_RSA_WITH_CAMELLIA_128_CBC_SHA - strong| TLS_RSA_WITH_CAMELLIA_256_CBC_SHA - strong| TLS_RSA_WITH_RC4_128_SHA - strong| compressors:| NULL|_ least strength: strong993/tcp open imaps| ssl-cert: Subject: commonName=*.exapmple.com| Issuer: commonName=*******| Public Key type: rsa| Public Key bits: 2048| Not valid before: 2010-01-23T00:00:00+00:00| Not valid after: 2020-02-28T23:59:59+00:00| MD5: *******|_SHA-1: *******| ssl-enum-ciphers:| SSLv3:| ciphers:| TLS_RSA_WITH_CAMELLIA_128_CBC_SHA - strong| TLS_RSA_WITH_CAMELLIA_256_CBC_SHA - strong| TLS_RSA_WITH_RC4_128_SHA - strong| compressors:| NULL| TLSv1.0:| ciphers:| TLS_RSA_WITH_CAMELLIA_128_CBC_SHA - strong| TLS_RSA_WITH_CAMELLIA_256_CBC_SHA - strong| TLS_RSA_WITH_RC4_128_SHA - strong| compressors:| NULL|_ least strength: strong995/tcp open pop3s| ssl-cert: Subject: commonName=*.exapmple.com| Issuer: commonName=*******| Public Key type: rsa| Public Key bits: 2048| Not valid before: 2010-01-23T00:00:00+00:00| Not valid after: 2020-02-28T23:59:59+00:00| MD5: *******|_SHA-1: *******| ssl-enum-ciphers:| SSLv3:| ciphers:| TLS_RSA_WITH_CAMELLIA_128_CBC_SHA - strong| TLS_RSA_WITH_CAMELLIA_256_CBC_SHA - strong| TLS_RSA_WITH_RC4_128_SHA - strong| compressors:| NULL| TLSv1.0:| ciphers:| TLS_RSA_WITH_CAMELLIA_128_CBC_SHA - strong| TLS_RSA_WITH_CAMELLIA_256_CBC_SHA - strong| TLS_RSA_WITH_RC4_128_SHA - strong| compressors:| NULL|_ least strength: strongNmap done: 1 IP address (1 host up) scanned in 8.64 seconds