7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.9 High
AI Score
Confidence
High
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.975 High
EPSS
Percentile
100.0%
This is a fork of ioerror’s version of sslscan (the original readme of which is included below). Changes are as follows:
--get-certificate
).--failed
).--ipv6
).--no-compression
).--no-ciphersuites
.--no-colour
.--no-heartbleed
).--rdp
(credit skettler).--sleep
option to pause between requests.--no-preferred
.--show-client-cas
.--no-cipher-details
.--cipher-details
.--starttls-ldap
.--sni-name
(credit Ken).Building on Windows
Thanks to a patch by jtesta, sslscan can now be compiled on Windows. This can either be done natively or by cross-compiling from Linux. See INSTALL for instructions.
Note that sslscan was originally written for Linux, and has not been extensively tested on Windows. As such, the Windows version should be considered experimental.
Pre-build cross-compiled Windows binaries are available on the GitHub Releases Page .
Building on OS X
There is experimental support for statically building on OS X, however this should be considered unsupported. You may need to install any dependencies required to compile OpenSSL from source on OS X. Once you have, just run:
make static
OpenSSL issues
Statically linking a custom OpenSSL build
It is possible to ignore the OpenSSL system installation and ship your own version. Although this results in a more resource-heavy sslscan
binary (file size, memory consumption, etc.), this allows to enable both SSLv2 and SSLv3 ciphers. In comparison to the method of repackaging the Debian build, this custom OpenSSL build won’t affect other tools on the same system, as they would use the version packaged by the distro’s maintainers.
To compile your own OpenSSL version, you’ll probably need to install the OpenSSL build dependencies:
apt-get install build-essential git zlib1g-dev
apt-get build-dep openssl
then run
make static
which will clone the OpenSSL repository , and configure/compile/test OpenSSL prior to compiling sslscan
.
Please note: Out of the box, OpenSSL cannot compiled with clang
without further customization (which is not done by the provided Makefile
). For more information on this, see Modifying Build Settings in the OpenSSL wiki.
You can verify whether you have a statically linked OpenSSL version, if
./sslscan --version
looks a bit like
1.x.y-...-static
OpenSSL 1.1.0-dev xx XXX xxxx
(pay attention to the -static
suffix and the 1.1.0-dev
OpenSSL version).
Building on Kali
Kali now ships with a statically built version of sslscan which supports SSLv2.
The package can be found in the Kali Git Repository .
If for whatever reason you can’t install this package, follow the instructions above for statically building against OpenSSL.
Building on Debian
It is recommended that you statically build sslscan using the instructions listed above. If this is not an option and you want to compile your system OpenSSL with support for legacy protocols such as SSLv2 and SSLv3 then follow the instructions below.
Note that many modern distros (including Debian) ship with a version of OpenSSL that disables support for SSLv2 ciphers. If sslscan
is compiled on one of these distros, it will not be able to detect SSLv2.
This issue can be resolved by rebuilding OpenSSL from source after removing the patch that disables SSLv2 support.
The build_openssl_debian.sh
script automates this process for Debian systems. It has been tested on Debian Squeeze/Wheezy; it may work on other Debian based distros, but has not been tested. The built version of OpenSSL will be installed using dpkg
.
If it is not possible to rebuild OpenSSL, sslscan
will still compile (thanks to a patch from digineo/sslscan , based on the debian patch). However, a warning will be displayed in the output to notify the user that SSLv2 ciphers will not be detected.
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
7.9 High
AI Score
Confidence
High
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.975 High
EPSS
Percentile
100.0%