sslscan

msf > use auxiliary/pro/web_ssl_scan

msf auxiliary(web_ssl_scan) > show options

Module options (auxiliary/pro/web_ssl_scan):

Name          Current Setting  Required  Description

----          ---------------  --------  -----------

REPORT_WEAK   true             yes       Report Web Vulns if weak SSL implementation in use

RHOST                          yes       The target address

RPORT         443              yes       The target port

SSL_REQUIRED  true             yes       Report Web Vulns if not using SSL

msf auxiliary(web_ssl_scan) > run

[*] www.yahoo.com:443 - SSL Scan Initiated

[*] SSL Ciphers

===========

Status    Weak  SSL Version  Key Length  Cipher

------    ----  -----------  ----------  ------

Accepted        SSLv3        128         AES128-SHA

Accepted        SSLv3        128         ECDHE-RSA-AES128-SHA

Accepted        SSLv3        128         RC4-SHA

Accepted        SSLv3        128         ECDHE-RSA-RC4-SHA

Accepted        SSLv3        128         RC4-MD5

Accepted        SSLv3        168         DES-CBC3-SHA

Accepted        SSLv3        256         ECDHE-RSA-AES256-SHA

Accepted        SSLv3        256         AES256-SHA

Accepted        TLSv1        128         ECDHE-RSA-RC4-SHA

Accepted        TLSv1        128         RC4-MD5

Accepted        TLSv1        128         AES128-SHA

Accepted        TLSv1        128         ECDHE-RSA-AES128-SHA

Accepted        TLSv1        128         RC4-SHA

Accepted        TLSv1        168         DES-CBC3-SHA

Accepted        TLSv1        256         ECDHE-RSA-AES256-SHA

Accepted        TLSv1        256         AES256-SHA

Rejected  *     SSLv3        40          EXP-EDH-RSA-DES-CBC-SHA

Rejected  *     SSLv3        40          EXP-RC4-MD5

Rejected  *     SSLv3        40          EXP-EDH-DSS-DES-CBC-SHA

Rejected  *     SSLv3        40          EXP-RC2-CBC-MD5

Rejected  *     SSLv3        40          EXP-DES-CBC-SHA

Rejected  *     SSLv3        56          EDH-RSA-DES-CBC-SHA

Rejected  *     SSLv3        56          EDH-DSS-DES-CBC-SHA

Rejected  *     SSLv3        56          DES-CBC-SHA

Rejected        SSLv3        128         ECDH-ECDSA-AES128-GCM-SHA256

Rejected        SSLv3        128         ECDHE-ECDSA-RC4-SHA

Rejected        SSLv3        128         CAMELLIA128-SHA

Rejected        SSLv3        128         SEED-SHA

Rejected        SSLv3        128         DHE-RSA-CAMELLIA128-SHA

Rejected        SSLv3        128         AES128-SHA256

Rejected        SSLv3        128         AES128-GCM-SHA256

Rejected        SSLv3        128         ECDH-ECDSA-AES128-SHA

Rejected        SSLv3        128         ECDH-RSA-AES128-SHA

Rejected        SSLv3        128         ECDH-ECDSA-AES128-SHA256

Rejected        SSLv3        128         ECDH-RSA-AES128-SHA256

Rejected        SSLv3        128         PSK-AES128-CBC-SHA

Rejected        SSLv3        128         ECDH-RSA-AES128-GCM-SHA256

Rejected        SSLv3        128         ECDH-ECDSA-RC4-SHA

Rejected        SSLv3        128         DHE-DSS-CAMELLIA128-SHA

Rejected        SSLv3        128         ECDHE-RSA-AES128-GCM-SHA256

Rejected        SSLv3        128         ECDHE-ECDSA-AES128-GCM-SHA256

Rejected        SSLv3        128         ECDHE-RSA-AES128-SHA256

Rejected        SSLv3        128         ECDHE-ECDSA-AES128-SHA256

Rejected        SSLv3        128         PSK-RC4-SHA

Rejected        SSLv3        128         ECDHE-ECDSA-AES128-SHA

Rejected        SSLv3        128         SRP-DSS-AES-128-CBC-SHA

Rejected        SSLv3        128         SRP-RSA-AES-128-CBC-SHA

Rejected        SSLv3        128         SRP-AES-128-CBC-SHA

Rejected        SSLv3        128         DHE-DSS-AES128-GCM-SHA256

Rejected        SSLv3        128         DHE-RSA-AES128-GCM-SHA256

Rejected        SSLv3        128         DHE-RSA-AES128-SHA256

Rejected        SSLv3        128         DHE-DSS-AES128-SHA256

Rejected        SSLv3        128         DHE-RSA-AES128-SHA

Rejected        SSLv3        128         DHE-DSS-AES128-SHA

Rejected        SSLv3        128         DHE-RSA-SEED-SHA

Rejected        SSLv3        128         DHE-DSS-SEED-SHA

Rejected        SSLv3        128         ECDH-RSA-RC4-SHA

Rejected        SSLv3        168         PSK-3DES-EDE-CBC-SHA

Rejected        SSLv3        168         ECDH-ECDSA-DES-CBC3-SHA

Rejected        SSLv3        168         ECDH-RSA-DES-CBC3-SHA

Rejected        SSLv3        168         EDH-DSS-DES-CBC3-SHA

Rejected        SSLv3        168         EDH-RSA-DES-CBC3-SHA

Rejected        SSLv3        168         SRP-3DES-EDE-CBC-SHA

Rejected        SSLv3        168         SRP-RSA-3DES-EDE-CBC-SHA

Rejected        SSLv3        168         SRP-DSS-3DES-EDE-CBC-SHA

Rejected        SSLv3        168         ECDHE-ECDSA-DES-CBC3-SHA

Rejected        SSLv3        168         ECDHE-RSA-DES-CBC3-SHA

Rejected        SSLv3        256         DHE-DSS-CAMELLIA256-SHA

Rejected        SSLv3        256         CAMELLIA256-SHA

Rejected        SSLv3        256         AES256-SHA256

Rejected        SSLv3        256         AES256-GCM-SHA384

Rejected        SSLv3        256         ECDH-ECDSA-AES256-SHA

Rejected        SSLv3        256         ECDH-RSA-AES256-SHA

Rejected        SSLv3        256         ECDH-ECDSA-AES256-SHA384

Rejected        SSLv3        256         ECDH-RSA-AES256-SHA384

Rejected        SSLv3        256         ECDH-ECDSA-AES256-GCM-SHA384

Rejected        SSLv3        256         ECDH-RSA-AES256-GCM-SHA384

Rejected        SSLv3        256         PSK-AES256-CBC-SHA

Rejected        SSLv3        256         DHE-RSA-CAMELLIA256-SHA

Rejected        SSLv3        256         DHE-DSS-AES256-SHA

Rejected        SSLv3        256         DHE-RSA-AES256-SHA

Rejected        SSLv3        256         DHE-DSS-AES256-SHA256

Rejected        SSLv3        256         ECDHE-ECDSA-AES256-SHA

Rejected        SSLv3        256         DHE-RSA-AES256-GCM-SHA384

Rejected        SSLv3        256         DHE-DSS-AES256-GCM-SHA384

Rejected        SSLv3        256         ECDHE-RSA-AES256-GCM-SHA384

Rejected        SSLv3        256         ECDHE-ECDSA-AES256-GCM-SHA384

Rejected        SSLv3        256         ECDHE-RSA-AES256-SHA384

Rejected        SSLv3        256         ECDHE-ECDSA-AES256-SHA384

Rejected        SSLv3        256         SRP-AES-256-CBC-SHA

Rejected        SSLv3        256         SRP-RSA-AES-256-CBC-SHA

Rejected        SSLv3        256         SRP-DSS-AES-256-CBC-SHA

Rejected        SSLv3        256         DHE-RSA-AES256-SHA256

Rejected  *     TLSv1        40          EXP-EDH-RSA-DES-CBC-SHA

Rejected  *     TLSv1        40          EXP-EDH-DSS-DES-CBC-SHA

Rejected  *     TLSv1        40          EXP-DES-CBC-SHA

Rejected  *     TLSv1        40          EXP-RC2-CBC-MD5

Rejected  *     TLSv1        40          EXP-RC4-MD5

Rejected  *     TLSv1        56          DES-CBC-SHA

Rejected  *     TLSv1        56          EDH-RSA-DES-CBC-SHA

Rejected  *     TLSv1        56          EDH-DSS-DES-CBC-SHA

Rejected        TLSv1        128         ECDH-ECDSA-AES128-GCM-SHA256

Rejected        TLSv1        128         PSK-RC4-SHA

Rejected        TLSv1        128         ECDH-ECDSA-RC4-SHA

Rejected        TLSv1        128         ECDH-RSA-RC4-SHA

Rejected        TLSv1        128         ECDHE-ECDSA-RC4-SHA

Rejected        TLSv1        128         PSK-AES128-CBC-SHA

Rejected        TLSv1        128         CAMELLIA128-SHA

Rejected        TLSv1        128         DHE-DSS-AES128-GCM-SHA256

Rejected        TLSv1        128         AES128-SHA256

Rejected        TLSv1        128         AES128-GCM-SHA256

Rejected        TLSv1        128         ECDH-ECDSA-AES128-SHA

Rejected        TLSv1        128         ECDH-RSA-AES128-SHA

Rejected        TLSv1        128         ECDH-ECDSA-AES128-SHA256

Rejected        TLSv1        128         ECDH-RSA-AES128-SHA256

Rejected        TLSv1        128         ECDHE-ECDSA-AES128-SHA256

Rejected        TLSv1        128         ECDH-RSA-AES128-GCM-SHA256

Rejected        TLSv1        128         DHE-DSS-CAMELLIA128-SHA

Rejected        TLSv1        128         DHE-RSA-CAMELLIA128-SHA

Rejected        TLSv1        128         DHE-DSS-SEED-SHA

Rejected        TLSv1        128         DHE-RSA-SEED-SHA

Rejected        TLSv1        128         DHE-DSS-AES128-SHA

Rejected        TLSv1        128         DHE-RSA-AES128-SHA

Rejected        TLSv1        128         DHE-DSS-AES128-SHA256

Rejected        TLSv1        128         ECDHE-RSA-AES128-GCM-SHA256

Rejected        TLSv1        128         ECDHE-ECDSA-AES128-GCM-SHA256

Rejected        TLSv1        128         ECDHE-RSA-AES128-SHA256

Rejected        TLSv1        128         DHE-RSA-AES128-SHA256

Rejected        TLSv1        128         DHE-RSA-AES128-GCM-SHA256

Rejected        TLSv1        128         ECDHE-ECDSA-AES128-SHA

Rejected        TLSv1        128         SRP-DSS-AES-128-CBC-SHA

Rejected        TLSv1        128         SRP-RSA-AES-128-CBC-SHA

Rejected        TLSv1        128         SRP-AES-128-CBC-SHA

Rejected        TLSv1        128         SEED-SHA

Rejected        TLSv1        168         PSK-3DES-EDE-CBC-SHA

Rejected        TLSv1        168         ECDHE-RSA-DES-CBC3-SHA

Rejected        TLSv1        168         ECDHE-ECDSA-DES-CBC3-SHA

Rejected        TLSv1        168         SRP-DSS-3DES-EDE-CBC-SHA

Rejected        TLSv1        168         ECDH-ECDSA-DES-CBC3-SHA

Rejected        TLSv1        168         ECDH-RSA-DES-CBC3-SHA

Rejected        TLSv1        168         EDH-DSS-DES-CBC3-SHA

Rejected        TLSv1        168         EDH-RSA-DES-CBC3-SHA

Rejected        TLSv1        168         SRP-3DES-EDE-CBC-SHA

Rejected        TLSv1        168         SRP-RSA-3DES-EDE-CBC-SHA

Rejected        TLSv1        256         AES256-GCM-SHA384

Rejected        TLSv1        256         DHE-DSS-AES256-GCM-SHA384

Rejected        TLSv1        256         DHE-RSA-AES256-GCM-SHA384

Rejected        TLSv1        256         PSK-AES256-CBC-SHA

Rejected        TLSv1        256         CAMELLIA256-SHA

Rejected        TLSv1        256         DHE-DSS-AES256-SHA256

Rejected        TLSv1        256         AES256-SHA256

Rejected        TLSv1        256         SRP-AES-256-CBC-SHA

Rejected        TLSv1        256         DHE-RSA-AES256-SHA256

Rejected        TLSv1        256         ECDH-ECDSA-AES256-SHA

Rejected        TLSv1        256         ECDH-RSA-AES256-SHA

Rejected        TLSv1        256         SRP-RSA-AES-256-CBC-SHA

Rejected        TLSv1        256         ECDH-ECDSA-AES256-SHA384

Rejected        TLSv1        256         ECDH-RSA-AES256-SHA384

Rejected        TLSv1        256         ECDH-ECDSA-AES256-GCM-SHA384

Rejected        TLSv1        256         SRP-DSS-AES-256-CBC-SHA

Rejected        TLSv1        256         ECDHE-ECDSA-AES256-SHA

Rejected        TLSv1        256         ECDH-RSA-AES256-GCM-SHA384

Rejected        TLSv1        256         DHE-DSS-CAMELLIA256-SHA

Rejected        TLSv1        256         DHE-RSA-CAMELLIA256-SHA

Rejected        TLSv1        256         DHE-DSS-AES256-SHA

Rejected        TLSv1        256         ECDHE-ECDSA-AES256-SHA384

Rejected        TLSv1        256         ECDHE-RSA-AES256-SHA384

Rejected        TLSv1        256         ECDHE-ECDSA-AES256-GCM-SHA384

Rejected        TLSv1        256         ECDHE-RSA-AES256-GCM-SHA384

Rejected        TLSv1        256         DHE-RSA-AES256-SHA

Certificate:

Data:

Version: 3 (0x2)

Serial Number:

1d:c0:12:4a:02:4a:2c:d6:ce:88:c9:4c:0f:24:f1:cf

Signature Algorithm: sha1WithRSAEncryption

Issuer: C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Secure Server CA - G3

Validity

Not Before: Apr  9 00:00:00 2014 GMT

Not After : Apr  9 23:59:59 2015 GMT

Subject: C=US, ST=California, L=Sunnyvale, O=Yahoo Inc., OU=Information Technology, CN=www.yahoo.com

Subject Public Key Info:

Public Key Algorithm: rsaEncryption

Public-Key: (2048 bit)

Modulus:

00:be:ac:b9:4f:c4:b7:ea:0a:a1:6d:56:ab:ee:6a:

27:06:21:8c:82:4f:60:fc:be:ab:92:80:a1:11:6e:

36:01:a6:1a:3b:db:f0:b9:da:55:ed:91:a6:1d:1a:

5a:30:b7:5c:c9:1b:db:03:8f:7c:eb:74:3a:58:af:

0f:6d:08:f5:70:d3:42:ed:1c:d1:ce:ac:ea:d7:b8:

40:10:b5:20:f3:04:0a:7d:8c:34:ac:05:ba:ec:84:

31:30:07:00:4d:b9:c5:64:b9:61:91:ae:37:e7:4e:

91:64:bc:51:60:d2:61:bb:5a:58:4a:05:10:ae:c8:

84:80:30:aa:d1:37:21:4d:46:63:aa:5b:aa:31:2e:

82:3e:58:76:b3:aa:b9:b7:91:e2:2a:bf:8e:3c:8b:

e5:40:16:ba:cf:6f:be:90:40:2a:e2:e7:6d:6e:0d:

2c:b0:39:fa:46:83:4c:88:ea:db:10:b5:25:80:3a:

29:60:40:55:25:1a:fa:c4:7f:5d:e9:2e:18:ac:4e:

69:3a:cb:3b:30:e9:b2:e0:ba:91:71:6d:b4:cb:1b:

0c:13:00:51:19:1f:36:66:fb:f0:22:11:ef:de:d9:

24:bf:53:dd:a0:6c:94:0c:13:51:a1:07:26:cf:b7:

9e:f4:26:e3:88:9f:9f:4e:99:f4:e7:8f:90:4c:ca:

7f:39

Exponent: 65537 (0x10001)

X509v3 extensions:

X509v3 Subject Alternative Name:

DNS:www.yahoo.com, DNS:yahoo.com, DNS:hsrd.yahoo.com, DNS:us.yahoo.com, DNS:fr.yahoo.com, DNS:uk.yahoo.com, DNS:za.yahoo.com, DNS:ie.yahoo.com, DNS:it.yahoo.com, DNS:es.yahoo.com, DNS:de.yahoo.com, DNS:ca.yahoo.com,
DNS:qc.yahoo.com, DNS:br.yahoo.com, DNS:ro.yahoo.com, DNS:se.yahoo.com, DNS:be.yahoo.com, DNS:fr-be.yahoo.com, DNS:ar.yahoo.com, DNS:mx.yahoo.com, DNS:cl.yahoo.com, DNS:co.yahoo.com, DNS:ve.yahoo.com, DNS:espanol.yahoo.com, DNS:pe.yahoo.com, DNS:in.yahoo.com,
DNS:sg.yahoo.com, DNS:id.yahoo.com, DNS:malaysia.yahoo.com, DNS:ph.yahoo.com, DNS:vn.yahoo.com, DNS:maktoob.yahoo.com, DNS:en-maktoob.yahoo.com, DNS:ca.my.yahoo.com, DNS:gr.yahoo.com, DNS:att.yahoo.com, DNS:au.yahoo.com, DNS:nz.yahoo.com, DNS:tw.yahoo.com,
DNS:hk.yahoo.com, DNS:brb.yahoo.com, DNS:my.yahoo.com, DNS:add.my.yahoo.com

X509v3 Basic Constraints:

CA:FALSE

X509v3 Key Usage: critical

Digital Signature, Key Encipherment

X509v3 Extended Key Usage:

TLS Web Server Authentication, TLS Web Client Authentication

X509v3 Certificate Policies:

Policy: 2.16.840.1.113733.1.7.54

CPS: https://www.verisign.com/cps

X509v3 Authority Key Identifier:

keyid:0D:44:5C:16:53:44:C1:82:7E:1D:20:AB:25:F4:01:63:D8:BE:79:A5

X509v3 CRL Distribution Points:

Full Name:

URI:http://SVRSecure-G3-crl.verisign.com/SVRSecureG3.crl

Authority Information Access:

OCSP - URI:http://ocsp.verisign.com

CA Issuers - URI:http://SVRSecure-G3-aia.verisign.com/SVRSecureG3.cer

Signature Algorithm: sha1WithRSAEncryption

1f:3c:b5:6f:4d:d3:15:6a:7b:02:63:7a:e0:10:ba:45:f4:a6:

47:ca:8c:47:c0:1d:13:88:ed:e7:be:11:34:72:89:91:d2:53:

54:aa:d2:c5:3c:00:b7:70:cd:e5:30:b8:a1:79:47:ae:bc:eb:

5c:48:37:57:be:e6:1b:9e:55:30:21:7f:17:00:ad:d6:1b:5c:

b9:3b:94:d2:e9:fe:b5:04:a9:0d:43:6c:20:3b:2d:d2:a7:e5:

37:b4:68:9f:f9:86:d1:73:53:4b:15:6a:21:84:d3:f1:36:82:

cc:e3:07:ab:61:58:55:12:40:23:00:f2:ef:b6:ab:a8:2c:c0:

5e:23:0c:5c:23:42:c4:ee:e3:2e:e5:f8:f7:8b:0e:ec:e3:f5:

8f:0b:72:de:30:15:21:7f:85:47:7a:4f:ab:3a:3a:99:38:27:

11:24:94:90:96:56:ab:c6:07:4d:d3:5f:ec:2d:3c:60:03:b3:

64:78:26:a8:22:f7:8f:3c:4c:43:31:7b:46:6a:38:21:b4:c6:

69:ca:14:13:88:9c:02:eb:7f:3c:91:18:e6:27:6a:36:ba:6b:

0a:d5:4f:bc:6a:2b:d3:30:f9:30:7d:f0:a1:63:2e:68:40:d8:

3d:c3:25:52:d8:da:bb:df:14:be:bd:25:4f:24:9b:26:98:2c:

04:1c:51:2b

*** WARNING: Your OS hates freedom! Your OpenSSL libs are compiled without SSLv2 support!

[*] Auxiliary module execution completed

Get something more from SSL information

[email protected]:~# openssl s_client -host www.yahoo.com -port 443

CONNECTED(00000003)

depth=2 C = US, O = "VeriSign, Inc.", OU = VeriSign Trust Network, OU = "(c) 2006 VeriSign, Inc. - For authorized use only", CN = VeriSign Class 3 Public Primary Certification Authority - G5

verify error:num=20:unable to get local issuer certificate

verify return:0

---

Certificate chain

0 s:/C=US/ST=California/L=Sunnyvale/O=Yahoo Inc./OU=Information Technology/CN=www.yahoo.com

i:/C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=Terms of use at https://www.verisign.com/rpa (c)10/CN=VeriSign Class 3 Secure Server CA - G3

1 s:/C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=Terms of use at https://www.verisign.com/rpa (c)10/CN=VeriSign Class 3 Secure Server CA - G3

i:/C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=(c) 2006 VeriSign, Inc. - For authorized use only/CN=VeriSign Class 3 Public Primary Certification Authority - G5

2 s:/C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=(c) 2006 VeriSign, Inc. - For authorized use only/CN=VeriSign Class 3 Public Primary Certification Authority - G5

i:/C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification Authority

---

Server certificate

-----BEGIN CERTIFICATE-----

MIIHuTCCBqGgAwIBAgIQHcASSgJKLNbOiMlMDyTxzzANBgkqhkiG9w0BAQUFADCB

tTELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL

ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug

YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykxMDEvMC0GA1UEAxMm

VmVyaVNpZ24gQ2xhc3MgMyBTZWN1cmUgU2VydmVyIENBIC0gRzMwHhcNMTQwNDA5

MDAwMDAwWhcNMTUwNDA5MjM1OTU5WjCBhDELMAkGA1UEBhMCVVMxEzARBgNVBAgT

CkNhbGlmb3JuaWExEjAQBgNVBAcUCVN1bm55dmFsZTETMBEGA1UEChQKWWFob28g

SW5jLjEfMB0GA1UECxQWSW5mb3JtYXRpb24gVGVjaG5vbG9neTEWMBQGA1UEAxQN

d3d3LnlhaG9vLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL6s

uU/Et+oKoW1Wq+5qJwYhjIJPYPy+q5KAoRFuNgGmGjvb8LnaVe2Rph0aWjC3XMkb

2wOPfOt0OlivD20I9XDTQu0c0c6s6te4QBC1IPMECn2MNKwFuuyEMTAHAE25xWS5

YZGuN+dOkWS8UWDSYbtaWEoFEK7IhIAwqtE3IU1GY6pbqjEugj5YdrOqubeR4iq/

jjyL5UAWus9vvpBAKuLnbW4NLLA5+kaDTIjq2xC1JYA6KWBAVSUa+sR/XekuGKxO

aTrLOzDpsuC6kXFttMsbDBMAURkfNmb78CIR797ZJL9T3aBslAwTUaEHJs+3nvQm

44ifn06Z9OePkEzKfzkCAwEAAaOCA/IwggPuMIICiwYDVR0RBIICgjCCAn6CDXd3

dy55YWhvby5jb22CCXlhaG9vLmNvbYIOaHNyZC55YWhvby5jb22CDHVzLnlhaG9v

LmNvbYIMZnIueWFob28uY29tggx1ay55YWhvby5jb22CDHphLnlhaG9vLmNvbYIM

aWUueWFob28uY29tggxpdC55YWhvby5jb22CDGVzLnlhaG9vLmNvbYIMZGUueWFo

b28uY29tggxjYS55YWhvby5jb22CDHFjLnlhaG9vLmNvbYIMYnIueWFob28uY29t

ggxyby55YWhvby5jb22CDHNlLnlhaG9vLmNvbYIMYmUueWFob28uY29tgg9mci1i

ZS55YWhvby5jb22CDGFyLnlhaG9vLmNvbYIMbXgueWFob28uY29tggxjbC55YWhv

by5jb22CDGNvLnlhaG9vLmNvbYIMdmUueWFob28uY29tghFlc3Bhbm9sLnlhaG9v

LmNvbYIMcGUueWFob28uY29tggxpbi55YWhvby5jb22CDHNnLnlhaG9vLmNvbYIM

aWQueWFob28uY29tghJtYWxheXNpYS55YWhvby5jb22CDHBoLnlhaG9vLmNvbYIM

dm4ueWFob28uY29tghFtYWt0b29iLnlhaG9vLmNvbYIUZW4tbWFrdG9vYi55YWhv

by5jb22CD2NhLm15LnlhaG9vLmNvbYIMZ3IueWFob28uY29tgg1hdHQueWFob28u

Y29tggxhdS55YWhvby5jb22CDG56LnlhaG9vLmNvbYIMdHcueWFob28uY29tggxo

ay55YWhvby5jb22CDWJyYi55YWhvby5jb22CDG15LnlhaG9vLmNvbYIQYWRkLm15

LnlhaG9vLmNvbTAJBgNVHRMEAjAAMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAU

BggrBgEFBQcDAQYIKwYBBQUHAwIwQwYDVR0gBDwwOjA4BgpghkgBhvhFAQc2MCow

KAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LnZlcmlzaWduLmNvbS9jcHMwHwYDVR0j

BBgwFoAUDURcFlNEwYJ+HSCrJfQBY9i+eaUwRQYDVR0fBD4wPDA6oDigNoY0aHR0

cDovL1NWUlNlY3VyZS1HMy1jcmwudmVyaXNpZ24uY29tL1NWUlNlY3VyZUczLmNy

bDB2BggrBgEFBQcBAQRqMGgwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLnZlcmlz

aWduLmNvbTBABggrBgEFBQcwAoY0aHR0cDovL1NWUlNlY3VyZS1HMy1haWEudmVy

aXNpZ24uY29tL1NWUlNlY3VyZUczLmNlcjANBgkqhkiG9w0BAQUFAAOCAQEAHzy1

b03TFWp7AmN64BC6RfSmR8qMR8AdE4jt574RNHKJkdJTVKrSxTwAt3DN5TC4oXlH

rrzrXEg3V77mG55VMCF/FwCt1htcuTuU0un+tQSpDUNsIDst0qflN7Ron/mG0XNT

SxVqIYTT8TaCzOMHq2FYVRJAIwDy77arqCzAXiMMXCNCxO7jLuX494sO7OP1jwty

3jAVIX+FR3pPqzo6mTgnESSUkJZWq8YHTdNf7C08YAOzZHgmqCL3jzxMQzF7Rmo4

IbTGacoUE4icAut/PJEY5idqNrprCtVPvGor0zD5MH3woWMuaEDYPcMlUtjau98U

vr0lTySbJpgsBBxRKw==

-----END CERTIFICATE-----

subject=/C=US/ST=California/L=Sunnyvale/O=Yahoo Inc./OU=Information Technology/CN=www.yahoo.com

issuer=/C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=Terms of use at https://www.verisign.com/rpa (c)10/CN=VeriSign Class 3 Secure Server CA - G3

---

No client certificate CA names sent

---

SSL handshake has read 5402 bytes and written 434 bytes

---

New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES128-GCM-SHA256

Server public key is 2048 bit

Secure Renegotiation IS supported

Compression: NONE

Expansion: NONE

SSL-Session:

Protocol  : TLSv1.2

Cipher    : ECDHE-RSA-AES128-GCM-SHA256

Session-ID: ABF1C054749C8559FF63F61B6CC23487DA0083A49652D6746558A83D0EC452A6

Session-ID-ctx:

Master-Key: 0C4FBE9B35881B0D78CB22DC08B73691EB24F495B6E512DECFAAF08EA2663C4BD2F11709367552EE253D9FB1533CB3AF

Key-Arg   : None

PSK identity: None

PSK identity hint: None

SRP username: None

TLS session ticket lifetime hint: 7200 (seconds)

TLS session ticket:

0000 - 97 6a 6c ac 57 32 81 80-ae c0 f2 27 d5 9a cf 71   .jl.W2.....‘...q

0010 - bc 15 05 54 87 36 c1 66-ff 06 ba 31 51 05 d2 61   ...T.6.f...1Q..a

0020 - 83 c6 68 3b 7a 2c 70 ec-4c 14 a4 83 96 90 df fd   ..h;z,p.L.......

0030 - de 70 a1 2b e0 1f cf 26-b8 08 8e 16 fd dc c5 06   .p.+...&........

0040 - 6b 7d fc 4f b0 87 ed 53-6c 86 26 b2 09 d0 e1 c7   k}.O...Sl.&.....

0050 - f5 d4 be 29 26 de 34 e0-0e f4 b4 a9 81 5b 9d c0   ...)&.4......[..

0060 - 53 97 63 b0 2d e2 e4 c8-3f f2 08 cf 78 f3 a6 0a   S.c.-...?...x...

0070 - 09 ca a5 48 98 7f e9 68-dd ba 04 2f c6 38 49 b5   ...H...h.../.8I.

0080 - c2 f5 a6 00 81 2a d8 74-b3 15 16 e1 6b 56 b4 03   .....*.t....kV..

0090 - 14 6e dc 89 b1 64 0e 96-80 99 eb b0 6b 46 05 f3   .n...d......kF..

Start Time: 1411961850

Timeout   : 300 (sec)

Verify return code: 20 (unable to get local issuer certificate)

---

read:errno=0

时间: 2024-10-13 08:08:54

sslscan的相关文章

小白日记52:kali渗透测试之Web渗透-HTTPS攻击(Openssl、sslscan、sslyze、检查SSL的网站)

HTTPS攻击 全站HTTPS正策划稿那位潮流趋势 如:百度.阿里 HTTPS的作用 CIA 解决的是信息传输过程中数据被篡改.窃取 [从中注入恶意代码,多为链路劫持] 加密:对称.非对称.单向 HTTPS攻击方法 降级攻击 解密攻击(明文.证书伪造) 协议漏洞(贵宾狗).https实现方法的漏洞(参考心脏出血漏洞原理).配置不严格 SSL(Secure socket layer) 保证网络通信安全的加密协议 TLS  它建立在SSL 3.0协议规范之上,是SSL 3.0的后续版本,可以理解为S

关于kali linux系统的简单工具——第一单元(后续会更新)

Linux系统中关于几个重要目录的原英文解释: /etc/: Contains configuration files of the installed tools /opt/: Contains Metasploit and its relevant modules /sys/: Contains configuration files of external hardware and interfaces /root/: It is the root user directory /lib/

安全行业从业人员自研开源扫描器合集

转:http://www.mottoin.com/94492.html 简介 Scanners-Box是一个集合github平台上的安全行业从业人员自研开源扫描器的仓库,包括子域名枚举.数据库漏洞扫描.弱口令或信息泄漏扫描.端口扫描.指纹识别以及其他大型扫描器或模块化扫描器:该仓库只收录各位网友自己编写的开源扫描器,类似nmap.w3af.brakeman等知名扫描工具不收录.Author:We5ter项目主页:https://github.com/We5ter/Scanners-Box非常欢迎

backtrack常用的一些综合扫描工具实例用法

DNS扫描工具的使用         DNS扫描工具可以用来收集的信息包括:域名注册信息.域名解析服务器(DNS Server).有效的子域名             (可以用来搜集的信息:域名的注册信息,姓名,电话,邮箱,到期时间,有效的子域名....)             1.whois                 使用方法:whois 顶级域名(一定要是顶级域名)                     域名状态:                     用来解析DNS的服务器组:

Scanners-Box:开源扫描器大全 2017-04-22

Scanners-Box:开源扫描器大全 2017-04-22 Scanners-Box是一个集合github平台上的安全行业从业人员自研开源扫描器的仓库,包括子域名枚举.数据库漏洞扫描.弱口令或信息泄漏扫描.端口扫描.指纹识别以及其他大型扫描器或模块化扫描器:该仓库只收录各位网友自己编写的一般性开源扫描器,类似nmap.w3af.brakeman等知名扫描工具不收录. 子域名枚举 https://github.com/lijiejie/subDomainsBrute (经典的子域名爆破枚举脚本

HTTPS及HTTPS中间人攻击

全站HTTPS正在称为潮流趋势,国内实现全站https的有淘宝和百度两家 0x01:https的作用 C I A:机密性,完整性,可用性(可用性是合法用户可以访问自己有权限访问的资源) 解决的是信息传输中数据被篡改.窃取 加密:对称.非对称.单向 0x02:https工作原理 https的工作原理还是有必要研究下的(原理我也是从网上学习总结的,感谢这些前辈) 1. 客户端发起HTTPS请求 用户在浏览器里输入一个https网址,然后连接到server的443端口. 2. 服务端的配置 采用HTT

【Tool】BT5工具集备忘

backtrack5?工具集 1 Information Gathering 1.1? ?? ?? ?Network Analysis 1.1.1? ? DNS Analysis 1.1.1.1? ?Dnsdict6 1.1.1.2? ?Dnsenum 1.1.1.3? ?Dnsmap 1.1.1.4? ?Dnsrecon 1.1.1.5? ?Dnstracer 1.1.1.6? ?Dnswalk 1.1.1.7? ?Fierce 1.1.1.8? ?Lbd 1.1.1.9? ?Maltego

Kali Linux 学习

一.kali 安全渗透的一般测试 流程 1.信息收集 目标在线主机,域名信息,邮箱地址,常用密码,同网段信息,子域名信息,指纹信息,端口信息 2.漏洞分析 cisco工具集(cisoco工具) fuzzing工具集 openvas 开源评估软件 扫描工具集 数据库评估软件 3.漏洞利用 4.权限维持(创建一个后门) 5.文档编辑 二.谷歌黑客(goole hacker) 1.通过互联网 searchdns.netcraft.com DNS查询 shodaning.com大数据 http://ww

【安全牛学习笔记】HTTPS攻击

╋━━━━━━━━━━━━━━━━━━━━━╋ ┃HTTPS攻击                                 ┃ ┃全站HTTPS正成为潮流趋势                   ┃ ┃    淘宝.百度                            ┃ ┃HTTPS的作用                               ┃ ┃    CIA                                   ┃ ┃    解决的是信息传输过程中数据被篡