
a2sv's Introduction

Hi πŸ‘‹πŸΌ I'm HAHWUL!

Offensive Security Engineer and Developer and H4cker

‘hahwul’ is a new word made by remixing my name, and that’s me. Pronunciation is a little vague. Call me Ha-Hul, but you can call me Howl.





More about me...

def this_is_me
  hahwul = {}
  hahwul[:job] = "🗡 Security engineer, red team that aims for a purple team"
  hahwul[:pronouns] = "🧑🏽‍💻 He/Him"
  hahwul[:special_move] = "🔥 Web Hacking"
  hahwul[:main_weapon] = ["⚡️ ZAP", "💥 Caido", "☄️ Metasploit"]
  hahwul[:favorite_language] = ["💎 Ruby", "🐹 Golang"]
  hahwul[:loved_language] = hahwul[:favorite_language] << "💎 Crystal"
  hahwul
end

# Although I usually like web hacking, 
# I work and play based on all areas of service security

a2sv's People

Contributors

edu4rdshl, franccesco, hahwul, juanlorente, opt9, renovate-bot, vitaliytv


a2sv's Issues

SPDY vulnerability misleading

Not really a huge deal, but the output states my site has a SPDY version <4, but that's simply b/c the protocols are not advertised b/c NPN is disabled in favor of ALPN. Even if it were using NPN, the code is not checking the version, just that the line exists.

While I'm not going to point at my site here, check facebook.com and then go here: https://spdycheck.org/#facebook.com

This script works only with Python 2

Is it possible to make the code in a2sv.py compatible with Python 3? E.g. moving from print 'abc' to print('abc').

As an alternative the script could check at runtime the Python version with sys.version or sys.version_info[0] and stop the execution if not Python 2.

[BUG-FIX] error -tf option (not check ssl port support)

Question.

Hey man,
You've got a really good script and it works flawlessly with single targets, but when I try to run it with the -tf (targetfile) flag it doesn't do anything. This is all it gives me:

[SET] target => /home/user/Desktop/as.txt
[SET] IP Address list
=> ['54.159.x.x.']
=> ['99.63.x.x']
Running a2sv sillent mode[file list default]

The script is updated to latest. It would be great if I could run it against a mass file.
I got your script from GitHub, let me know what I can do to get the file list to work.

Thanks

[Fix]
Update main code.
-> Add to ssl check logic

Bug in Termux

$ python a2sv.py -h
File "a2sv.py", line 128
print ""
^
SyntaxError: Missing parentheses in call to 'print'. Did you mean print("")?

Please, help me)

Can ip list not working

Whenever I try to scan a list of URLs, it loads the list but doesn't seem to scan them. This is what I get:

image

Error DROWN

Hey,

Thanks for the update, previous issue resolved,

but came with another problem.

[RES] OpenSSL FREAK :: 0x00
[INF] Scan OpenSSL LOGJAM..
 - [LOG] IP Check Ok.
 - [LOG] Start SSL Connection / Gathering Information
 - [LOG] Ending Get Information
 - [LOG] 'Cipher is DEH' not in Response
[RES] OpenSSL LOGJAM :: 0x00
[INF] Scan SSLv2 DROWN..
Traceback (most recent call last):
  File "a2sv.py", line 315, in <module>
    runScan(checkVun)
  File "a2sv.py", line 165, in runScan
    drown_result = m_drown_run(targetIP,port)
  File "/root/Desktop/Pentest-Suite/SSL/a2sv/module/M_drown.py", line 32, in m_drown_run
    server_hello = s.recv(10*1024)
socket.error: [Errno 104] Connection reset by peer

Anonymous Cipher false positive

When running a scan from Kali it says that Vulnerable to anonymous cipher, but the log says that connection fail.

[INF] Scan Anonymous Cipher..
 - [LOG] IP Check Ok.
 - [LOG] Start SSL Connection
 - [LOG] Analysis SSL Information
 - [LOG] 'Connection fail'

Vulnerability    CVE           CVSS v2 Base Score         State
================ ============= ========================== ===============
Anonymous Cipher CVE-2007-1858 AV:N/AC:H/Au:N/C:P/I:N/A:N Vulnerable!
CRIME(SPDY)      CVE-2012-4929 AV:N/AC:H/Au:N/C:P/I:N/A:N Vulnerable!
HeartBleed       CVE-2014-0160 AV:N/AC:L/Au:N/C:P/I:N/A:N Not Vulnerable.
CCS Injection    CVE-2014-0224 AV:N/AC:M/Au:N/C:P/I:P/A:P Not Vulnerable.
SSLv3 POODLE     CVE-2014-3566 AV:N/AC:M/Au:N/C:P/I:N/A:N Not Vulnerable.
OpenSSL FREAK    CVE-2015-0204 AV:N/AC:M/Au:N/C:N/I:P/A:N Not Vulnerable.
OpenSSL LOGJAM   CVE-2015-4000 AV:N/AC:M/Au:N/C:N/I:P/A:N Not Vulnerable.
SSLv2 DROWN      CVE-2016-0800 AV:N/AC:M/Au:N/C:P/I:N/A:N Not Vulnerable.

Run Full scan Error

a2sv -t "test.com" -m hcpfld

[RES] CCS Injection Result :: 0x00
[INF] Scan HeartBleed..
 - [LOG] Sending Client Hello...
 - [LOG] Waiting for Server Hello...
 - [LOG] Sending heartbeat request..
[RES] HeartBleed :: 0x00
[INF] Scan SSLv3 POODLE..
Traceback (most recent call last):
  File "/root/Desktop/a2sv/a2sv.py", line 314, in <module>
    runScan(checkVun)
  File "/root/Desktop/a2sv/a2sv.py", line 156, in runScan
    poodle_result = m_poodle_run(targetIP,port)
  File "/root/Desktop/a2sv/module/M_poodle.py", line 23, in m_poodle_run
    result = test_server(hostname, port, ssl.PROTOCOL_SSLv3, timeout)
AttributeError: 'module' object has no attribute 'PROTOCOL_SSLv3'

"ROBOT"?

Hi, my English is very bad. Do you have a plan to support the "ROBOT" vulnerability?

General Question

Which command should I use after finding a vulnerability? I found different vulnerabilities :)

Feature Request

Hello,

I like your project which scans for SSL vulnerabilities.

Hope you won't mind if I ask for a feature which allows users to give a list of URLs to be scanned!

Thanks!

AttributeError: 'module' object has no attribute 'PROTOCOL_SSLv3'

root@kali:~/a2sv# python a2sv.py -t comodo.com
 - [LOG] Check the TLS CERT
 - [LOG] Check the SSLv2 CERT
 - [LOG] SSLv2 Enable - Not same cert
                [Auto Scanning to SSL Vulnerability 1.4.0]
                       [By Hahwul / www.hahwul.com]
________________________________________________________________________
[SET] target => comodo.com
[SET] IP Address => 104.16.18.160
[SET] target port => 443
[SET] include => All Module

[INF] Scan CCS Injection..
 - [LOG] TLSv1.2 104.16.18.160:443 rejected early CCS
 - [LOG] TLSv1.1 104.16.18.160:443 rejected early CCS
 - [LOG] TLSv1 104.16.18.160:443 rejected early CCS
 - [LOG] [SSLv3] 104.16.18.160:443 Invalid handshake.
[RES] CCS Injection Result :: 0x00
[INF] Scan HeartBleed..
 - [LOG] Sending Client Hello...
 - [LOG] Waiting for Server Hello...
 - [LOG] Sending heartbeat request..
[RES] HeartBleed :: 0x00
[INF] Scan SSLv3 POODLE..
Traceback (most recent call last):
  File "a2sv.py", line 301, in <module>
    runScan(checkVun)
  File "a2sv.py", line 155, in runScan
    poodle_result = m_poodle_run(targetIP,port)
  File "/root/a2sv/module/M_poodle.py", line 23, in m_poodle_run
    result = test_server(hostname, port, ssl.PROTOCOL_SSLv3, timeout)
AttributeError: 'module' object has no attribute 'PROTOCOL_SSLv3'
root@kali:~/a2sv# 

not finish

error

from: demasiados argumentos
./a2sv.py: línea 14: error sintáctico cerca del elemento inesperado `os.path.dirname'
./a2sv.py: línea 14: `sys.path.append(os.path.dirname( os.path.abspath( __file__ ))+"/module")'

socket.error: [Errno 104] Connection reset by peer in M_heartbleed.py

Can we handle this if the connection is reset by peer during the Heartbleed check?

Traceback (most recent call last):
  File "/root/scripts/a2sv/a2sv.py", line 418, in <module>
    runScan(checkVun)
  File "/root/scripts/a2sv/a2sv.py", line 177, in runScan
    heartbleed_result = m_heartbleed_run(targetIP,port,displayMode)
  File "/root/scripts/a2sv/module/M_heartbleed.py", line 196, in m_heartbleed_run
    check(target,port,"","","",displayMode)
  File "/root/scripts/a2sv/module/M_heartbleed.py", line 172, in check
    version = parseresp(s)
  File "/root/scripts/a2sv/module/M_heartbleed.py", line 136, in parseresp
    typ, ver, pay = recvmsg(s)
  File "/root/scripts/a2sv/module/M_heartbleed.py", line 83, in recvmsg
    hdr = recvall(s, 5)
  File "/root/scripts/a2sv/module/M_heartbleed.py", line 74, in recvall
    data = s.recv(remain)

CRIME false positive

Hi, I was testing my server and a2sv says that it is vulnerable to CRIME ("CRIME(SPDY) ... Vulnerable!")
Checking at the code I see this check is done.

As far as I can see CRIME vulnerability appears when TLS compression is used. In my case running: openssl s_client -connect <IP>:<port> gives "Compression: NONE", so it seems not to be vulnerable to CRIME.

Also checked with these resources: 1 and testssl.sh

Because of that it seems to be a bug, but I want to confirm with you.
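
The two false-positive reports on this page (Anonymous Cipher flagged while the log shows 'Connection fail', and CRIME flagged while s_client prints "Compression: NONE") both describe a verdict reached without a completed handshake to inspect. The Python below is an added example, not a2sv's code: it assumes the verdict is derived from `openssl s_client` text output, the function names are hypothetical, and the s_client excerpts are constructed.

```python
import re

VULNERABLE, NOT_VULNERABLE, INCONCLUSIVE = "vulnerable", "not vulnerable", "inconclusive"
_CIPHER = re.compile(r"^New, .*Cipher is (\S+)", re.M)
_COMPRESSION = re.compile(r"^Compression: (.+)$", re.M)

def negotiated_cipher(output):
    """Cipher name from s_client output, or None if no handshake completed."""
    m = _CIPHER.search(output)
    return m.group(1) if m and m.group(1) != "(NONE)" else None

def check_anonymous_cipher(output):
    """Verdict for a probe that offered only anonymous (aNULL) suites."""
    if "CONNECTED(" not in output:
        return INCONCLUSIVE          # TCP connect failed: nothing was tested
    cipher = negotiated_cipher(output)
    if cipher is None:
        return NOT_VULNERABLE        # server refused every anonymous suite
    # OpenSSL names anonymous suites ADH-* and AECDH-*.
    return VULNERABLE if cipher.startswith(("ADH-", "AECDH-")) else NOT_VULNERABLE

def check_tls_compression(output):
    """CRIME verdict from the negotiated TLS compression method."""
    m = _COMPRESSION.search(output)
    if negotiated_cipher(output) is None or m is None:
        return INCONCLUSIVE          # no completed handshake to inspect
    return NOT_VULNERABLE if m.group(1).strip() == "NONE" else VULNERABLE

# Constructed s_client excerpts (not captured from any real host).
CONNECT_FAIL = "connect: Connection refused\nconnect:errno=111\n"
REFUSED = "CONNECTED(00000003)\nNew, (NONE), Cipher is (NONE)\nCompression: NONE\n"
ANON = "CONNECTED(00000003)\nNew, TLSv1/SSLv3, Cipher is ADH-AES256-SHA\nCompression: NONE\n"
ZLIB = ("CONNECTED(00000003)\nNew, TLSv1/SSLv3, Cipher is AES128-SHA\n"
        "Compression: zlib compression\n")

if __name__ == "__main__":
    for name, out in [("connect fail", CONNECT_FAIL), ("refused", REFUSED),
                      ("anon", ANON), ("zlib", ZLIB)]:
        print(name, check_anonymous_cipher(out), check_tls_compression(out))
```

Reporting a third "inconclusive" state keeps a failed connection out of the "Vulnerable!" column of the result table.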

Mac OSX run a2sv.py ERROR:OSError: [Errno 2] No such file or directory

Traceback (most recent call last):
  File "a2sv.py", line 421, in <module>
    runScan(checkVun)
  File "a2sv.py", line 131, in runScan
    result = subprocess.Popen(['timeout','4','openssl','s_client','-connect',targetIP+":"+str(port)], stderr=subprocess.STDOUT, stdout=subprocess.PIPE).communicate()[0]
  File "/System/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/subprocess.py", line 710, in __init__
    errread, errwrite)
  File "/System/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/subprocess.py", line 1335, in _execute_child
    raise child_exception
OSError: [Errno 2] No such file or directory

Run Error :: "-p command, I get the error that it is not an Integer"

[INF] Scan CCS Injection..
Traceback (most recent call last):
  File "/home/noon/Noon/a2sv/a2sv.py", line 163, in <module>
    runScan(checkVun)
  File "/home/noon/Noon/a2sv/a2sv.py", line 78, in runScan
    ccs_result = m_ccsinjection_run(targetIP,port)
  File "/home/noon/Noon/a2sv/module/M_ccsinjection.py", line 329, in m_ccsinjection_run
    strLogPre = "[%s] %s:%d" % (strVer,strHost,iPort)
TypeError: %d format: a number is required, not str

help!! error in command

Traceback (most recent call last):
  File "a2sv.py", line 352, in <module>
    targetIP = socket.gethostbyname(target)
socket.gaierror: [Errno -2] Name or service not known

When I put the python command a2sv.py -t and the target, it puts me this.

Heartbleed check throws error 104

If I try to run the heart check, I get an error. Every other check function works fine. The script is updated to the latest version. You mentioned that you patched it, but I'm still getting this error. If I try to run all the checks except heart, it will still run heart and return an error. Here's the error log:

 - [LOG] Sending Client Hello...
 - [LOG] Waiting for Server Hello...
 - [LOG] Sending heartbeat request..
Traceback (most recent call last):
  File "a2sv.py", line 421, in <module>
    runScan(checkVun)
  File "a2sv.py", line 147, in runScan
    heartbleed_result = m_heartbleed_run(targetIP,port,displayMode)
  File "/home/blkzer0/Desktop/scripts/scanners/a2sv/module/M_heartbleed.py", line 196, in m_heartbleed_run
    check(target,port,"","","",displayMode)
  File "/home/blkzer0/Desktop/scripts/scanners/a2sv/module/M_heartbleed.py", line 188, in check
    response = hit_hb(s,dumpf, host, quiet)
  File "/home/blkzer0/Desktop/scripts/scanners/a2sv/module/M_heartbleed.py", line 97, in hit_hb
    typ, ver, pay = recvmsg(s)
  File "/home/blkzer0/Desktop/scripts/scanners/a2sv/module/M_heartbleed.py", line 83, in recvmsg
    hdr = recvall(s, 5)
  File "/home/blkzer0/Desktop/scripts/scanners/a2sv/module/M_heartbleed.py", line 74, in recvall
    data = s.recv(remain)
socket.error: [Errno 104] Connection reset by peer

Save to Result

Hi....

Scan result possible save to file, like html, txt...etc??

Or just ONLY a2sv -t xxxxxxx >> file location??

Run Error :: AttributeError: 'module' object has no attribute 'PROTOCOL_SSLv3'

Traceback (most recent call last):
  File "a2sv.py", line 281, in <module>
    runScan(checkVun)
  File "a2sv.py", line 148, in runScan
    poodle_result = m_poodle_run(targetIP,port)
  File "/root/a2sv/module/M_poodle.py", line 23, in m_poodle_run
    result = test_server(hostname, port, ssl.PROTOCOL_SSLv3, timeout)
AttributeError: 'module' object has no attribute 'PROTOCOL_SSLv3'
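
Several tracebacks on this page show one module aborting the whole scan: `ssl.PROTOCOL_SSLv3` missing from the Python build, the peer resetting the connection during `recv`, and a port arriving as a string. The Python below is an added example, not a2sv's code: `recvall` borrows its name from the tracebacks but is rewritten here, while `sslv3_protocol`, `run_modules` and the stub checks are hypothetical names with constructed behaviour.

```python
import socket
import ssl
import types

NOT_TESTED = "not tested"

def sslv3_protocol(ssl_module=ssl):
    """SSLv3 protocol constant, or None when this Python/OpenSSL build lacks it."""
    return getattr(ssl_module, "PROTOCOL_SSLv3", None)

def recvall(sock, length):
    """Read exactly `length` bytes; None if the peer closes, resets or stalls."""
    data = b""
    while len(data) < length:
        try:
            chunk = sock.recv(length - len(data))
        except (ConnectionResetError, socket.timeout):
            return None
        if not chunk:
            return None
        data += chunk
    return data

def run_modules(modules, host, port):
    """Run every check; one failing module is recorded and the scan goes on."""
    port = int(port)  # a port read from the command line arrives as a string
    results = {}
    for name, check in modules:
        try:
            results[name] = check(host, port)
        except (OSError, AttributeError) as exc:
            results[name] = "%s (%s)" % (NOT_TESTED, type(exc).__name__)
    return results

# --- constructed stand-ins so the example runs offline ---
class ResetSocket:
    """Fake socket whose peer resets the connection on the first read."""
    def recv(self, n):
        raise ConnectionResetError(104, "Connection reset by peer")

def heartbleed_stub(host, port):
    hdr = recvall(ResetSocket(), 5)  # 5-byte TLS record header
    return NOT_TESTED if hdr is None else "0x00"

def poodle_stub(host, port):
    proto = sslv3_protocol(types.SimpleNamespace())  # build without SSLv3
    return NOT_TESTED if proto is None else "0x00"

def legacy_stub(host, port):
    return types.SimpleNamespace().PROTOCOL_SSLv3  # unguarded: AttributeError
```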
