Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Athena SSL Cipher Check v0.6.2
From: Darren McDonald <athena () dmcdonald net>
Date: Wed, 5 Jan 2011 22:12:46 +0000

Athena SSL Cipher Check has been updated to version 0.6.2, and
contains some important bug fixes.

Download it from http://dmcdonald.net/athena-ssl-cipher-check_v062.tar.gz

athena-ssl-cipher-check is an SSL Cipher scanner. Unlike most
scanners, rather than scanning the
few ciphers openssl supports, it checks for every possible cipher by
enumerating all 65536 cipher codes.

<arse covering>
Id recommended runnning it along another checker, as while athena is
becoming more reliable, I imagine there are some more bugs out there.
Athena's rather aggressive implementation of SSL/TLS can sometimes
break stuff, dont run it against critical live infrastructure! :)
</arse covering>

I'd be greatful for any bugs/comments you have.

26 Aug 2010 - Update v0.521
* It appears I left a bit of debug code which outputed '*' symbols.
v0.521 should fix this

8 Sept 2010 - Update v0.53
* The time it takes Athena to run has been reduced by about 20-50%
* A bug where Athena incorrectly reported it was scanning first and
second arguements,
even if they were options has been corrected

27 Oct 2010 - Update v0.6
* Bug fixed which sometimes prevented athena from seeing some sslv2 ciphers
* Includes a client side cipher checker
* Can now identify over 200 cipher codes

5 Jan 2011 - Update v0.62
* Bug fixed which sometimes prevents athena seeing some ciphers (thanks Dom)
* Bug fixed which sometimes caused athena to erronously report known
ciphers as unknown
* --lazy mode added which advises on which ciphers to disable (Thanks
to other Dom)
* --safe mode which allows athena to work with webservers which do not
follow the RFCs and ignore the first ciphersuite size byte.
* General code tidy
* Added another SSLv2 cipher (8 total)
* Can now identify 215 SSLv3/TLSv1 Ciphers

Thanks,

Darren

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


  By Date           By Thread  

Current thread:
  • Athena SSL Cipher Check v0.6.2 Darren McDonald (Jan 05)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]