Welcome, SSL!

It’s been long overdue… techslaves.org is now SSL-enabled (and the default) thanks to Dreamhost‘s super-simple support for Let’s Encrypt!

For ages, I rebelled against the Certificate Authority trust model, which I perceive as a racket. Let’s Encrypt essentially plays the same game, but with slightly different rules.

I believe privacy is important. It’s not everything, but it’s important. Encryption is a tool that attempts to implement digital privacy, with varying degrees of success. Algorithms can and often do have flaws and crypto is hard. Really hard. Or so I’m told. Or the encryption is circumvented instead, which appears far more common. Even so, this here is about the best we’ve ever had it. Let’s Encrypt provides anyyone with the means to enable modern SSL without monetary cost or painful renewal processes.

World’s Worst POODLE Scanner for HTTPS

Behold, the world’s worst POODLE scanner for HTTPS services:

#!/bin/bash
 
subnets="192.168.0.0/16 10.0.0.0/8"
 
for subnet in $subnets; do
echo -e "########## SCANNING $subnet ##########\n"
https_servers=`nmap -sS -P0 -n -p 443 -oG - $subnet | grep open | awk '{print $2}'`
echo "TCP/443 found open on:"
echo -e "$https_servers\n"
echo "Scanning for SSLv3..."
for https_srv in $https_servers; do
echo -n | openssl s_client -connect $https_srv:443 -ssl3 &> /dev/null
if [ $? -eq 0 ]; then
echo "SSLv3 ENABLED on $https_srv:443"
fi
done
echo -e "\nCOMPLETED SCAN FOR $subnet\n"
done

All it really does is tell you if SSL 3.0 is enabled on port TCP/443 when given a list of IP addresses and/or subnets to scan.

The above code depends on several things:

  1. bash or bash-like shell
  2. nmap, running with root privileges
  3. openssl command line utility
  4. awk and grep

Define the variable $subnet with a space-delimited nmap-compatible list of IP and/or subnet addresses.

The code can be easily modified to check for SSLv3 presence on other services/ports but I didn’t build that into the functionality because this is, after all, the world’s worst POODLE scanner.

Quick? Check. Dirty? Check. Yep, it’s a hack.