How to use sslscan in Kali Linux

Intro - SSLScan is a fast SSL port scanner. It connects to SSL ports, determines which ciphers are supported, which ciphers the server prefers and which SSL protocols are supported, and returns the SSL certificate. Client certificates and private keys can be configured, and output can be written as text or XML.

1. How to open
A. GUI Method

Application → Kali Linux → Information gathering → SSL Analysis → sslscan

B. Open a terminal, type sslscan and hit Enter

2. Here we are scanning a domain with a simple sslscan command. I will explain the result using the images.
Syntax – sslscan domain/host:port
Ex – sslscan sail.co.in
We can also scan by IP; see the images for more info.

A. Scan by IP

B. Scan by Domain

As you can see, the server accepted several different ciphers.

Here we can see that it tests every type of cipher that is possible on the target.

After the scan completes, you can see the preferred server cipher and the SSL certificate details.


3. This command shows only the accepted ciphers. Failed or rejected ciphers are left out of the output.
Syntax – sslscan --no-failed sail.co.in

4. This command is used to scan only SSLv3 ciphers.
Syntax – sslscan --ssl3 sail.co.in

5. This command is used to scan only TLSv1 ciphers.
Syntax – sslscan --tls1 sail.co.in

6. This command is used to save the scan output in XML format.
Syntax – sslscan --xml=filename domain/IP
Ex – sslscan --xml=quiety 180.179.212.205

7. Here you can see our saved output file with the ls command.

8. Using leafpad we can view our output.
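The XML file saved in step 6 can also be reviewed by a script instead of by eye. The following is an added example, not part of the original post: it reads an sslscan XML report and lists the accepted ciphers an administrator should disable. The element and attribute names (ssltest, cipher, status, sslversion, bits), the "preferred" status value and the sample report are assumptions and may differ between sslscan versions; the function names are hypothetical.

```python
import xml.etree.ElementTree as ET

# Constructed sample report (not real scan data). Element and attribute names
# are assumed from sslscan's XML layout and may differ between versions.
SAMPLE_XML = """<document title="SSLScan Results">
 <ssltest host="scan-target.example" port="443">
  <cipher status="accepted" sslversion="SSLv3" bits="128" cipher="RC4-SHA" />
  <cipher status="rejected" sslversion="SSLv3" bits="40" cipher="EXP-RC4-MD5" />
  <cipher status="accepted" sslversion="TLSv1" bits="56" cipher="DES-CBC-SHA" />
  <cipher status="failed" sslversion="TLSv1" bits="128" cipher="SEED-SHA" />
  <cipher status="accepted" sslversion="TLSv1.2" bits="256" cipher="ECDHE-RSA-AES256-GCM-SHA384" />
 </ssltest>
</document>"""

DEPRECATED_PROTOCOLS = {"SSLv2", "SSLv3", "TLSv1", "TLSv1.0", "TLSv1.1"}
WEAK_TOKENS = {"RC4", "DES", "CBC3", "MD5", "EXP", "NULL", "ADH", "AECDH"}
MIN_BITS = 128

def reasons_for(sslversion, bits, name):
    """Explain why an accepted cipher should be disabled (empty list = fine)."""
    reasons = []
    if sslversion in DEPRECATED_PROTOCOLS:
        reasons.append("deprecated protocol " + sslversion)
    if bits < MIN_BITS:
        reasons.append("key size %d bits" % bits)
    # OpenSSL-style names are dash-separated, so match whole tokens only.
    for token in sorted(WEAK_TOKENS & set(name.upper().split("-"))):
        reasons.append("weak algorithm " + token)
    return reasons

def audit_report(xml_text):
    """Return [(host, port, sslversion, cipher, reasons)] for accepted weak ciphers."""
    findings = []
    for test in ET.fromstring(xml_text).iter("ssltest"):
        for c in test.iter("cipher"):
            # Rejected and failed ciphers were not negotiated, so skip them.
            if c.get("status") not in ("accepted", "preferred"):
                continue
            why = reasons_for(c.get("sslversion", ""), int(c.get("bits", "0")),
                              c.get("cipher", ""))
            if why:
                findings.append((test.get("host"), test.get("port"),
                                 c.get("sslversion"), c.get("cipher"), why))
    return findings

if __name__ == "__main__":
    for host, port, version, cipher, why in audit_report(SAMPLE_XML):
        print("%s:%s %s %s -> %s" % (host, port, version, cipher, "; ".join(why)))
```

To check a real report, pass the contents of the file written by --xml to audit_report() in place of SAMPLE_XML.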

2 comments:

  1. After restricting TLS 1.0 ciphers (by adding it in SSLProtocol in ssl.conf), if I try to run sslscan for port 443, it throws an error at the end of the scan saying "Failed to connect to get certificate". Do you have any idea about it?

