Welcome to pySSLScan’s documentation!

Installation

You can install pySSLScan with pip:

$ pip install sslscan

See Introduction for more information.

Contents:

Introduction

Installation

As a Python egg

You can install the most recent pySSLScan version using pip:

$ pip install sslscan

From a tarball release

Download the most recent tarball from GitHub, unpack it and run the following command on the command line.

$ python setup.py install

Install the development version

Install git and run the following commands on the command line.

$ git clone https://github.com/DinoTools/pysslscan.git
$ cd pysslscan
$ python setup.py install

How to use

The pySSLScan framework provides an API for writing tests for SSL-enabled services. It also includes a command-line interface to get you started in a few steps.

Command-line

Use the --help parameter to display the main help. It gives a short overview of all available global options and lists all subcommands.

$ pysslscan --help

Subcommands extend the command-line interface. To get help for a subcommand, specify the command and append the --help option. The following example command displays the help for the scan command.

$ pysslscan scan --help

Perform a basic scan

First, get a list of all available scan modules.

$ pysslscan scan.list
client.ciphers - List all client ciphers.
server.preferred_ciphers - Detect preferred server ciphers.
server.certificate - Extract certificate information.
...

Next, determine which reporting modules are available.

$ pysslscan report.list
term - Print results to the terminal.
...

Choose some of the modules and scan a target. The example below uses two scan modules. The first one, server.ciphers, detects all ciphers supported by the server. The second one, vuln.heartbleed, tests whether the server is vulnerable to the Heartbleed bug. The reporting module term displays the scan results on the command line. The --tls10 option enables all TLSv1.0 ciphers.

$ pysslscan scan --scan=server.ciphers --scan=vuln.heartbleed --report=term --tls10 127.0.0.1

Highlight the result

pySSLScan also provides rating modules that highlight important facts in the result.

First, have a look at the list of available rating modules.

$ pysslscan rating.list
ssllabs.2009c - Rating used by SSL Labs 2009c
ssllabs.2009d - Rating used by SSL Labs 2009d
...

Perform the scan from an earlier example but specify a rating module.

$ pysslscan scan --scan=server.ciphers --scan=vuln.heartbleed --report=term:rating=ssllabs.2009e --tls10 127.0.0.1

Use a protocol handler

pySSLScan supports different protocols, each of which is handled by a dedicated handler module. By default pySSLScan performs a basic TCP connect to scan a target, but it also supports protocols like HTTP or SMTP.

The example below will print a list of all available handler modules.

$ sslscan.py handler.list
tcp - Handle raw TCP-connections.
smtp - Handle SMTP-connections.
http - Handle HTTP-connections.
...

To use a handler module, specify it in the target URI as shown in the next example.

$ pysslscan scan --scan=server.ciphers --report=term:rating=rbsec --tls10 'smtp://127.0.0.1:25?starttls=true'
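
An added example, not part of the pySSLScan documentation or code: when targets come from an inventory file, validating each target URI and building the command as an argument list rather than a shell string keeps a malformed entry away from both the scanner and the shell. The function names, the sample inventory and the treatment of a bare host as the tcp handler are assumptions of this example.

```python
import shlex
from urllib.parse import parse_qsl, urlsplit

# Handlers named in the handler.list output above; that list is truncated
# ("..."), so extend this set from your own installation.
KNOWN_HANDLERS = {"tcp", "smtp", "http"}


def parse_target(target):
    """Return (handler, host, port, options) or raise ValueError."""
    # Assumption: a bare host means the default raw TCP handler.
    uri = target if "://" in target else "tcp://" + target
    parts = urlsplit(uri)
    if parts.scheme not in KNOWN_HANDLERS:
        raise ValueError("unknown handler %r" % parts.scheme)
    if not parts.hostname:
        raise ValueError("missing host in %r" % target)
    port = parts.port  # raises ValueError for a non-numeric or out-of-range port
    options = dict(parse_qsl(parts.query, keep_blank_values=True))
    return parts.scheme, parts.hostname, port, options


def build_argv(target, scans, report="term", flags=("--tls10",)):
    """Validate the target, then build the argument list for one scan."""
    parse_target(target)
    argv = ["pysslscan", "scan"] + ["--scan=" + name for name in scans]
    return argv + ["--report=" + report] + list(flags) + [target]


def render(argv):
    """Quote an argument list so it can be pasted into a POSIX shell."""
    return " ".join(shlex.quote(arg) for arg in argv)


def plan(targets, scans):
    """Split an inventory into runnable commands and rejected entries."""
    commands, rejected = [], []
    for target in targets:
        try:
            commands.append(build_argv(target, scans))
        except ValueError as exc:
            rejected.append((target, str(exc)))
    return commands, rejected


# Constructed sample inventory (not from the pySSLScan documentation).
SAMPLE = ["127.0.0.1", "smtp://127.0.0.1:25?starttls=true",
          "ftp://127.0.0.1:21", "smtp://127.0.0.1:port"]

if __name__ == "__main__":
    commands, rejected = plan(SAMPLE, ["server.ciphers", "vuln.heartbleed"])
    print("\n".join(render(argv) for argv in commands))
    print("\n".join("skipped %s: %s" % entry for entry in rejected))
```

Pass each argument list to subprocess.run as a list; render() is only for displaying or logging the command.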

Python API

ToDo

API Reference

Scanner

class sslscan.Scanner(module_manager=None)

The main scanner object.

append(module)

Append a scan or report module.

Parameters: module – Instance of a scan or report module

append_load(name, config, base_class=None)

Append a module but load it first by using the module manager.

Parameters:
  • name (String) – Name of the module to load
  • config (Mixed) – Config of the module
  • base_class (class) – Module lookup filter

Returns: False if module not found

get_enabled_methods()

Uses the scanner config to create and return a list of all enabled SSL methods.

Returns: List of methods
Return type: List

get_knowledge_base()

Return the knowledge base used by this scanner.

get_module_manager()

Return the active module manager for this scanner.

load_handler_from_uri(host_uri)

Load a handler from a given URI.

Parameters: host_uri (String) – The URI
Returns: The handler

load_rating(name)

Use the active module manager to load a rating module.

Parameters: name (String) – Name of the rating module

run()

Execute all scan and report modules attached to the scanner.

run_reports()

Execute all report modules attached to the scanner.

run_scans()

Execute all scan modules attached to the scanner.

set_handler(handler)

Set the active protocol handler.

Parameters: handler – Instance of the handler

Config

A collection of classes to handle the configuration of a scanner or a module.

class sslscan.config.BaseConfig(options=None, parent=None)

The base config. All other configuration classes use it as base class.

add_option(name, **kwargs)

Add an option.

Parameters:
  • name (String) – Name of the config option
  • kwargs – Additional params are used for a new sslscan.config.Option instance

add_option_group(group)

Add grouped options.

Parameters: group (sslscan.config.OptionGroup) – Instance of sslscan.config.OptionGroup

get_option(name)

Return an option.

Parameters: name (String) – The name of the option
Returns: The option or None if not found

get_option_map()

Return the option map.

get_option_names()

Return the list of option names.

get_parent()

Return the parent config object or None if no parent is set.

Returns: Object or None

get_value(name, default=None)

Get the value of an option.

Parameters:
  • name (String) – Name of the option
  • default (Mixed) – Default value

Returns: If found the value of the option or the default value

set_parent(parent)

Set the current parent config object.

Parameters: parent (Object|None) – Set or reset parent config object

set_value(name, value)

Set the value of an option.

Parameters:
  • name (String) – Name of the option
  • value (Mixed) – The value of the option to set

Returns: False or True
Return type: Boolean

set_values(data)

Set the value of multiple options at once.

Parameters: data – The values to set
Todo: Improve docs

class sslscan.config.ModuleConfig(module=None, **kwargs)

Holds the config of a module.

Parameters: module – The module this config is for

get_module()

class sslscan.config.Option(name, action='store', default=None, help='', metavar='', type='string', values=None, negation=None, parent=None)

convert_value_type(value)

Tries to convert the value into the right type.

Parameters: value (Mixed) – Value to convert
Returns: The value
Return type: Mixed

get_parent()

Return the parent config object or None if no parent is set.

Returns: Object or None

get_value(default=None)

Get the value.

Parameters: default (Mixed) – Default value if value of option not set
Returns: The value or the default value
Return type: Mixed

set_value(value)

Set the value and return True if it was successful or False if not.

Parameters: value (Mixed) – The value
Raises sslscan.exception.OptionValueError: if types do not match

class sslscan.config.OptionGroup(label, help=None)

Used to group multiple options.

class sslscan.config.ScanConfig(**kwargs)

Holds the config of a scanner instance.

Knowledge base

The knowledge base is used to store and access all collected information.

Example 1:

>>> from sslscan.kb import KnowledgeBase
>>> kb = KnowledgeBase()
>>> kb.set("test.foo", 1234)
>>> kb.get("test.foo")

Example 2:

>>> from sslscan.kb import Cipher, KnowledgeBase
>>> kb = KnowledgeBase()
>>> cipher = Cipher()
>>> kb.append("client.ciphers", cipher)
>>> kb.get("client.ciphers")

Example 3:

>>> from sslscan.kb import ResultGroup, ResultValue
>>> group = ResultGroup(label="My Results")
>>> value = ResultValue(label="Yes/No", value=True)
>>> group.append(value)

class sslscan.kb.BaseResult(label=None)

Base class for custom results.

class sslscan.kb.Cipher(method=None, name=None, bits=None, status=None)

This class is used to store all information for a cipher.

method_name

status_name

class sslscan.kb.KnowledgeBase

The knowledge base is used to store and access all collected information.

append(kb_id, value)

Append a new value to the knowledge base.

Parameters:
  • kb_id (String) – The ID of the value
  • value (Mixed) – The value

get(kb_id)

Fetch a value by its ID.

Parameters: kb_id (String) – The ID
Todo: Add default value

get_group_ids(kb_id)

Collect and return all values that are result groups.

The given kb_id is used as filter.

Parameters: kb_id (String) – The ID

get_list(kb_id)

Fetch all values and sub-values by a given ID.

Parameters: kb_id (String) – The ID
Returns: List of values
Return type: List

set(kb_id, value)

class sslscan.kb.ResultGroup(**kwargs)

Group results.

append(item)

get_items()

class sslscan.kb.ResultValue(name=None, value=None, **kwargs)

A single result value.

Modules

class sslscan.module.BaseModule(scanner=None, config=None)

Base class used by all modules.

It provides the basic functionality.

get_scanner()

Get the current scanner instance.

set_scanner(scanner)

Set the scanner instance the module was appended to.

Changelog

0.3 - master

Note

This version is not yet released and is under active development.

0.2 - 2014-07-28

  • Add: API documentation and docstrings
  • Add: Support for Python 2.x
  • Add: Logging
  • Change: Improve command-line UI

0.1 - 2014-05-11

Proof of concept

  • Initial release.
