In this post, I will talk about how to test the SSL vulnerabilities that reside on the system or server. For those who are still new in this area of Security, SSL Vulnerabilities can be categories as below:
- and so on
Examples of tools that can be used for testing SSL Vulnerabilities on the server are SSLscan, OpenSSL, SSLyze, TestSSL, and DONT FORGOT ABOUT NMAP SCRIPT.
Let’s get moving!
** Before I start explaining, just bear in mind that I didn’t do it on the actual machine/server for this post. I just show from the point of view of Pentester. **
We will be looking into the vulnerabilities by using sslscan. Aside from sslscan tools, we also can use Nmap Scripts Tools for checking the SSL Vulnerabilities. There is a lot of scripts that related to SSL Vulnerabilities which can be found at /usr/share/nmap/scripts or in my case is located at /usr/local/share/nmap/scripts
Let’s say that I want to know what SSL encryption that been used on the server. The command that I can use for that purpose is sslscan <IP ADDRESS><PORT>
In my case, I’m using localhost as my server target so the command that I will run for this activity is sslscan 127.0.0.1:443
As a result, you can see the output of the scanning below for your reference.
Once we review the output from the sslscan, we didn’t found anything suspicious that has been implemented into the server.
Just for this exercise, let assume that we found SSL vulnerabilities such as Heartbleed Vulnerabilities from the sslscan output. Once we are aware of the vulnerabilities, we will make research on the vulnerabilities on the internet.
Who knows?! Maybe we found on how to take advantage of the vulnerabilities payload into our hand or found anything that related to the vulnerabilities on the internet