Security testing for SSL/TLS vulnerabilities with SSLyze


Transport Layer Security (TLS), still commonly called SSL, is one of the most widely used protocols for securing network communications. As deployment costs fall and user expectations of security and privacy rise, organizations deploy it more widely every year. Attacks against the CA (Certificate Authority) system, flaws in SSL implementations, and aging protocol versions have made headlines and drawn attention to weak configurations and the need to avoid them. In addition, server misconfiguration has consistently inflated the overhead caused by SSL, slowing the transition to improved communications security.

To help improve server configuration there is a popular Python tool, used by attackers and defenders alike, called SSLyze. SSLyze reports the flaws that exist in your SSL implementation by checking for insecure renegotiation, scanning for weak ciphers, checking whether SSLv2, SSLv3 and TLSv1 are enabled, dumping the server certificate, and testing for Heartbleed, POODLE and CRIME type vulnerabilities, among other checks.

Working of SSLyze

SSLyze is written entirely in Python, but it uses an OpenSSL wrapper written in C called nassl, which was developed specifically to give SSLyze access to the low-level OpenSSL APIs required to perform deep SSL testing.

Let’s Start

Here I am using an Ubuntu Linux system to install SSLyze, but you can also install it on Windows.

SSLyze can be easily installed via pip:

$ pip install sslyze

Or you can clone the repository from GitHub and install it together with its requirements. Use the following commands to install SSLyze:

$ git clone https://github.com/nabla-c0d3/sslyze.git

$ cd sslyze

On Linux, the Python development package (`python-dev` on Debian/Ubuntu, `python-devel` on other distributions) needs to be installed first so that the nassl C extension can be compiled:

$ sudo apt-get install python-dev


Then, as the final step, run:

$ pip install -r requirements.txt --target ./lib


SSLyze is now installed on our system; let's use it.

Now type in your terminal:

$ python sslyze_cli.py --regular www.google.com:443


The output is a full report of your SSL configuration, which will help you to improve your infrastructure security and SSL implementation.

In my command I used --regular as the option, because --regular is a short form for running --sslv2, --sslv3, --tlsv1, --reneg (session renegotiation), --resum (session resumption) and --certinfo=basic together.
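Reading the --regular report is only half of the job; the other half is deciding which of its results actually violate your policy. The script below is an added example, not part of SSLyze or of this article's original text. It assumes you have already transcribed the relevant lines of a report into a plain dict (the sample summaries are constructed for this example) and does not call SSLyze itself, so it runs offline. It turns the checks that --regular performs (old protocol versions, weak cipher suites, renegotiation, certificate validity) plus the --heartbleed result into severity-ranked findings.

```python
"""Triage an SSLyze-style scan summary against a minimal TLS policy.

Added example, not SSLyze project code. The input dict is a hypothetical
hand-transcribed summary of a report; SSLyze itself is not invoked here.
"""
from dataclasses import dataclass

# Protocol versions that --regular probes and a current config should reject.
DEPRECATED_PROTOCOLS = {"SSLv2", "SSLv3", "TLSv1"}

# Substrings (OpenSSL cipher naming) that mark a suite as weak.
WEAK_CIPHER_MARKERS = ("RC4", "DES", "NULL", "EXP", "ADH", "AECDH", "MD5")

SEVERITY_ORDER = ["none", "low", "medium", "high", "critical"]


@dataclass
class Finding:
    severity: str
    message: str


def triage(summary: dict) -> list:
    """Return policy findings for one scanned server.

    Keys of `summary` (all assumed for this example):
      accepted_protocols    list of protocol names the server accepted
      accepted_ciphers      list of OpenSSL cipher names the server accepted
      secure_renegotiation  bool, from the --reneg check
      client_renegotiation  bool, True if client-initiated renegotiation works
      heartbleed            bool, True if --heartbleed reported vulnerable
      cert_valid            bool, from --certinfo=basic chain verification
      cert_hostname_match   bool, certificate matches the scanned hostname
    """
    findings = []
    for proto in summary.get("accepted_protocols", []):
        if proto in DEPRECATED_PROTOCOLS:
            findings.append(Finding("high", f"deprecated protocol enabled: {proto}"))
    for cipher in summary.get("accepted_ciphers", []):
        if any(marker in cipher for marker in WEAK_CIPHER_MARKERS):
            findings.append(Finding("medium", f"weak cipher suite accepted: {cipher}"))
    if not summary.get("secure_renegotiation", True):
        findings.append(Finding("high", "secure renegotiation extension not supported"))
    if summary.get("client_renegotiation", False):
        findings.append(Finding("low", "client-initiated renegotiation accepted"))
    if summary.get("heartbleed", False):
        findings.append(Finding("critical", "OpenSSL Heartbleed vulnerability detected"))
    if not summary.get("cert_valid", True):
        findings.append(Finding("high", "certificate chain does not validate"))
    if not summary.get("cert_hostname_match", True):
        findings.append(Finding("high", "certificate does not match scanned hostname"))
    return findings


def worst_severity(findings: list) -> str:
    """Highest severity among the findings, or "none" if there are none."""
    return max((f.severity for f in findings), key=SEVERITY_ORDER.index, default="none")


def passes_policy(summary: dict) -> bool:
    """A server passes when it has no high or critical findings."""
    return SEVERITY_ORDER.index(worst_severity(triage(summary))) < SEVERITY_ORDER.index("high")


# Constructed sample: a legacy server that still speaks SSLv3/TLSv1 and RC4/3DES.
LEGACY_SUMMARY = {
    "accepted_protocols": ["SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2"],
    "accepted_ciphers": ["ECDHE-RSA-AES128-GCM-SHA256", "RC4-SHA", "DES-CBC3-SHA"],
    "secure_renegotiation": True,
    "client_renegotiation": True,
    "heartbleed": False,
    "cert_valid": True,
    "cert_hostname_match": True,
}

# Constructed sample: a modern server that should pass cleanly.
CLEAN_SUMMARY = {
    "accepted_protocols": ["TLSv1.2", "TLSv1.3"],
    "accepted_ciphers": ["ECDHE-RSA-AES256-GCM-SHA384", "ECDHE-RSA-CHACHA20-POLY1305"],
    "secure_renegotiation": True,
    "client_renegotiation": False,
    "heartbleed": False,
    "cert_valid": True,
    "cert_hostname_match": True,
}

if __name__ == "__main__":
    for name, summary in (("legacy", LEGACY_SUMMARY), ("clean", CLEAN_SUMMARY)):
        found = triage(summary)
        print(f"{name}: worst={worst_severity(found)} pass={passes_policy(summary)}")
        for f in found:
            print(f"  [{f.severity}] {f.message}")
```

The marker list and severities are a starting point, not an authoritative policy: adjust them to what your infrastructure must support, and re-run the scan after each configuration change so the report, not the intention, confirms the fix.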

You can also use different options for different tasks, for example:

To test a server's session resumption rate, using both session IDs and TLS session tickets:

--resum_rate

For client certificate authentication the following options are required:

--cert=CERT        Client certificate filename.
--pass=KEYPASS     Client private key passphrase.

For certificate info:

--certinfo=CERTINFO   Verifies the validity of the server certificate.
--ca_file=CA_FILE     Local Certificate Authority file (in PEM format).

To check for Heartbleed:

--heartbleed       Tests the server(s) for the OpenSSL Heartbleed vulnerability.


Author: Provensec is a leading cyber security services provider offering penetration testing services, an online website scanner and more, catering to mid-sized businesses. Provensec LLC is among the top 10 contributors on Packet Storm for responsible disclosures and security research. You can contact Provensec at [email protected].

August 29, 2016

Author

Hakin9 TEAM
Hakin9 is a monthly magazine dedicated to hacking and cybersecurity. In every edition, we try to focus on different approaches to show various techniques, defensive and offensive. This knowledge will help you understand how the most popular attacks are performed and how to protect your data from them. Our tutorials, case studies and online courses will prepare you for the upcoming, potential threats in the cyber security world. We collaborate with many individuals, universities and public institutions, but also with companies such as Xento Systems, CATO Networks, EY, CIPHER Intelligence LAB, redBorder, TSG, and others.