class SslscanWrapper::Scanner
Attributes
Enable SSL implementation bug work-arounds
sslscan executable
Test a HTTP connection
Only use IPv4
Only use IPv6
Request OCSP response from server
A file containing the private key or a PKCS12 file containing a private key/certificate pair
The password for the private key or PKCS12 file certs=<file> A file containing PEM/ASN1 formatted client certificates
Send RDP preamble before starting scan
Pause between connection request. Default is disabled
Hostname for SNI
Only check SSLv2 ciphers
Only check SSLv3 ciphers
Set socket timeout. Default is 3s
Only check TLSv1.0 ciphers
Only check TLSv1.1 ciphers
Only check TLSv1.2 ciphers
Only check TLS ciphers (all versions)
Use a server-to-server XMPP handshake
Public Class Methods
Initialize a new SslscanWrapper::Scanner
object
Examples
scan = SslscanWrapper::Scanner.new do |s| s.ipv4 = true end
Returns a SslscanWrapper::Scanner
object
# File lib/sslscan_wrapper/scanner.rb, line 59 def initialize @command = 'sslscan' @port = 443 yield self if block_given? end
Public Instance Methods
Scan a target
Returns a SslscanWrapper::Report
object
# File lib/sslscan_wrapper/scanner.rb, line 68 def scan(host, port) execute(host, port) end
Private Instance Methods
# File lib/sslscan_wrapper/scanner.rb, line 74 def cmd(host, port) cmd = [ @command ] + @@SSL_SCAN_ARGS @@SSL_SCAN_FLAGS.each do |flag| next if send(flag).nil? cmd << "--#{flag.to_s.gsub('_', '-')}" end @@SSL_SCAN_OPTIONS.each do |option| next if (value = send(option)).nil? cmd << '--' + option.to_s.gsub('_', '-') cmd << value end cmd << "#{host}:#{port}" end
# File lib/sslscan_wrapper/scanner.rb, line 88 def execute(host, port) command = cmd(host, port) report, err, status = Open3.capture3(*command) raise "Error while executing sslscan: #{err}" unless status.success? SslscanWrapper::Report.new(report) end