Ubuntu Pastebin

Paste from mladoux at Wed, 29 Jun 2016 00:14:04 +0000

Download as text 
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
#!/usr/bin/perl -w

use strict;
use warnings;
use IO::Socket::SSL;

print qq{
===============================================

SSL/TLS BEAST Vulnerability Check
 by YGN Ethical Hacker Group, http://yehg.net/

===============================================
};

if ($#ARGV != 0) {
 print qq{
Usage: beast.pl host [port]

port = 443 by default \{optional\}
};
 exit;
}

my $host = $ARGV[0];
my $port = 443;
if ($#ARGV == 1) {$port = $ARGV[1];}

print qq{
Target: $host:$port       
};

my $client = new IO::Socket::SSL(
          PeerAddr        => $host,
          PeerPort        => $port,
          Proto           => 'tcp',
          SSL_honor_cipher_order => 1,
          SSL_version => 'TLSv1'          
);
           
if (defined $client) {
        my $v_beast = 'PRONE to BEAST attack.';
        my $s_beast = 'YES';
        my $cipher = $client->get_cipher();
       
        if ($cipher =~ /RC4/){
            $v_beast = 'NOT vulnerable to BEAST attack.';
            $s_beast = 'NO';
        }
        
        print qq{
## The target is $v_beast ##

Protocol: TLS v1
Server Preferred Cipher: $cipher
Vulnerable: $s_beast

-----------------------------------------------
N.B. This check assumes no workaround
(i.e. EMPTY FRAGMENT) applied in target server.
};
        print $client "GET / HTTP/1.0\r\n\r\n";

        close $client;
} else {
         warn "\nERROR:\nConnecting to the taget\n\nDETAILS:\n",
         IO::Socket::SSL::errstr();
}
warn $! if not defined($client);
Download as text