Hello There, Guest! Login Register
Logo
Dismiss this notice
MaDLeeTs is not responsible for any attacks that are carried out on networks, websites or servers.
MaDLeeTs staff members cannot be held responsible.
All information on this forum is for educational purposes only.


Beast ssl attack Tester :)

  • 0 Vote(s) - 0 Average


06-30-2013, 01:17 AM #1
infrinjazerolux Offline Respected *****
Respected
Posts:30 Threads:8 Joined:Jun 2013 Reputation: 0
Mood: None
#!/usr/bin/perl -w

use strict;
use warnings;
use IO::Socket::SSL;

print qq{
===============================================

SSL/TLS BEAST Vulnerability Check
by YGN Ethical Hacker Group, http://yehg.net/

===============================================
};

if ($#ARGV != 0) {
print qq{
Usage: beast.pl host [port]

port = 443 by default \{optional\}
};
exit;
}

my $host = $ARGV[0];
my $port = 443;
if ($#ARGV == 1) {$port = $ARGV[1];}

print qq{
Target: $host:$port
};

my $client = new IO::Socket::SSL(
PeerAddr => $host,
PeerPort => $port,
Proto => 'tcp',
SSL_honor_cipher_order => 1,
SSL_version => 'TLSv1'
);

if (defined $client) {
my $v_beast = 'PRONE to BEAST attack.';
my $s_beast = 'YES';
my $cipher = $client->get_cipher();

if ($cipher =~ /RC4/){
$v_beast = 'NOT vulnerable to BEAST attack.';
$s_beast = 'NO';
}

print qq{
## The target is $v_beast ##

Protocol: TLS v1
Server Preferred Cipher: $cipher
Vulnerable: $s_beast

-----------------------------------------------
N.B. This check assumes no workaround
(i.e. EMPTY FRAGMENT) applied in target server.
};
print $client "GET / HTTP/1.0\r\n\r\n";

close $client;
} else {
warn "\nERROR:\nConnecting to the taget\n\nDETAILS:\n",
IO::Socket::SSL::errstr();
}
warn $! if not defined($client);





Biggrinsmiley
Source :- http://bl0g.yehg.net/2012/05/beastpl-ssl...ility.html

SECURITY IS JUST AN ILLUSION
YOU MAKE IT ,
I BREAK IT xD

~ RESISTER INDIA ~
( INFRINJA ZEROLUX )

06-30-2013, 02:45 AM #2
sniffer Offline Bug Researchers **********
Junior Administrator
Posts:878 Threads:126 Joined:Sep 2012 Reputation: 12
Mood: Happy
nice bro

jabber : [email protected]

07-01-2013, 08:25 AM #3
Sn!p3r_GS Offline Super Moderator ******
Super Moderators
Posts:354 Threads:19 Joined:May 2013 Reputation: 1
Mood: Relaxed
Nice one , keep it up

Love & Respect to : Zombie_Ksa-H4x0rL1f3-Shadow008-b0x-1337-Invectus-??dcodE-DeXter -MakMan-MindCracker-Sniffer

07-01-2013, 01:15 PM #4
AZ Sn1ff3r (PCP) Offline Mad Lover of Security ******
V.I.P
Posts:461 Threads:46 Joined:Mar 2013 Reputation: 0
Mood: Mad
NiCe sharE BR0! Biggrinsmiley

07-01-2013, 07:08 PM #5
FOH Offline Father Of Hacking ******
V.I.P
Posts:889 Threads:31 Joined:Jul 2012 Reputation: 4
Mood: Relaxed
Nice Share Smiley1

NO FEAR Father Of Hacking (FOH) IS HERE


05-19-2014, 12:29 AM #6
mahsat92 Offline Team-CrackerS **
Registered
Posts:15 Threads:8 Joined:Dec 2013 Reputation: 0
Mood: Adored
Can help me http://prntscr.com/3kbz8t this is victim isecenter.com


Please Visit

Facebook Page
http://www.Facebook.com/TeamCrackerS
Youtube Channel
http://www.Youtube.com/TeamCrackerS1
Team-CrackerS Chat
http://www.Xat.com/TCrackers
[Image: osbwPn9.png]

05-19-2014, 04:00 AM #7
[email protected] Offline MaDLeeTs LoVer *****
MaDLeeTs LoVer
Posts:357 Threads:87 Joined:Mar 2013 Reputation: 0
Mood: None
(05-19-2014, 12:29 AM)mahsat92 Wrote:  Can help me http://prntscr.com/3kbz8t this is victim isecenter.com

how it can be exploited , if YES ?

help please

05-19-2014, 04:21 AM #8
AlphaSky Offline MadLeets Vip ******
V.I.P
Posts:114 Threads:10 Joined:Sep 2012 Reputation: 2
Mood: Stoned
You could use code tag next time Smiley1

[Image: anime_signature_by_scrapiefx-d2ynihn.png]






Forum Jump:


Users browsing this thread:1 Guest(s)