Friday, January 8, 2016

OpenSSL bash script to check a server's available ciphers in the server's preferred order


I wrote a short OpenSSL bash script that checks a server's available ciphers and lists them in the server's preferred order.

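#!/bin/bash
# Usage: <script> <host> <port>
# For each protocol version: offer all ciphers, record the cipher the server
# selects, exclude it from the next offer, and repeat until the handshake fails.
# The resulting order is the server's preference only if the server enforces
# its own cipher order; otherwise it follows the order of openssl's ALL list.
target=$1
port=$2
# Protocol options the local openssl build does not support yield no results.
proto=( tls1_2 tls1_1 tls1 ssl3 ssl2 )
openssl version
for prot in "${proto[@]}" ; do
 ciphers='ALL'
 cipher=" "
 i=1
 echo -e "\ncheck $prot"
 while [ "$cipher" != "0000" ] && [ "$cipher" != "" ] ; do
  cipher=""
  res=$(echo q | timeout 5 openssl s_client "-$prot" -connect "$target:$port" -cipher "$ciphers" 2>/dev/null)
  # $res is left unquoted on purpose: word splitting collapses
  # "Cipher    : NAME" to "Cipher : NAME", which the pattern below expects.
  cipher=$(echo $res | grep -Eo "Cipher : [A-Za-z0-9-]*" | cut -c10-)
  if [ "$cipher" != "0000" ] && [ "$cipher" != "" ] ; then
      echo "$i:$cipher"
      i=$((i+1))
      # Exclude the cipher just negotiated so the server picks its next choice.
      ciphers="$ciphers:!$cipher"
  fi
 done
done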
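
The script's output can be checked for weak entries automatically. The following is an added example, not part of the original post: the function name `flag_weak`, the reason strings, and the sample output are constructed for illustration, and the patterns assume OpenSSL cipher names as printed by the script.

```bash
#!/bin/bash
# Added example: flag weak entries in the output of the cipher check script.
# Input format: "check <proto>" headers followed by "<n>:<cipher>" lines.
flag_weak() {
  local proto cipher reason line
  proto=""
  while IFS= read -r line; do
    case "$line" in
      "check "*) proto="${line#check }"; continue ;;
      [0-9]*:?*) cipher="${line#*:}" ;;
      *)         continue ;;   # openssl version banner, blank lines
    esac
    reason=""
    # Checks on the OpenSSL cipher name; the first matching pattern wins.
    case "$cipher" in
      *NULL*)        reason="no encryption" ;;
      EXP-*)         reason="export-grade key length" ;;
      ADH-*|AECDH-*) reason="anonymous key exchange, no server authentication" ;;
      *RC4*)         reason="RC4 stream cipher" ;;
      *DES-CBC-*)    reason="single DES" ;;
      *DES-CBC3*)    reason="3DES, 64-bit block" ;;
      *-MD5)         reason="MD5 MAC" ;;
    esac
    # Any cipher accepted over SSLv2/SSLv3 is a finding because of the protocol.
    case "$proto" in
      ssl2|ssl3) reason="${reason:+$reason; }obsolete protocol" ;;
    esac
    [ -n "$reason" ] && printf '%s %s: %s\n' "$proto" "$cipher" "$reason"
  done
  return 0
}

# Constructed sample of the script's output (not taken from a real server).
SAMPLE='OpenSSL 1.0.2e 3 Dec 2015

check tls1_2
1:ECDHE-RSA-AES256-GCM-SHA384
2:AES128-SHA
3:DES-CBC3-SHA
4:RC4-MD5

check ssl3
1:AES128-SHA'

printf '%s\n' "$SAMPLE" | flag_weak
```

To use it on a real scan, pipe the cipher check script's output into `flag_weak` instead of the sample.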