Solved

tool like openssl for windows

Posted on 2011-09-04
9
777 Views
Last Modified: 2012-05-12
Hi experts,

I am a network engineer and don't normally deal with coding or IT forensics.
What I am looking to do is see the type of response from our SSL sites when it receives an  SSLV2 requests.
I've read that openssl does the trick but I don't think it installs on Windows (correct me if I am wrong). What other tools are available for this?
0
Comment
Question by:trojan81
  • 5
  • 3
9 Comments
 
LVL 21

Expert Comment

by:Papertrip
ID: 36482435
I haven't used this or know anyone who has, but it looks like This app from Shining Light might do the trick.

Why not just fire up a Unix-based VM?  Ubuntu is nice and friendly to those who are used to Windows, then you can just use "openssl s_client" combined with whatever special options you need for your testing.  This approach realistically shouldn't take long at all these days, it's a pretty common practice.
0
 
LVL 8

Assisted Solution

by:ee_reach
ee_reach earned 100 total points
ID: 36482445
Windows binaries for openssl:

http://www.openssl.org/related/binaries.html

Hope this helps.
0
 
LVL 21

Expert Comment

by:Papertrip
ID: 36482453
Windows binaries for openssl:

http://www.openssl.org/related/binaries.html

Hope this helps.

All that has is the link I already provided.
0
 

Author Comment

by:trojan81
ID: 36485354
Thank you. i was able to load openssl on my Windows 64-bit computer.
I went into DOS and typed in c:\openssl-win64\bin\openssl

Now I get an OPENSSL prompt.

I will diable sslv3 and only allow sslv2 on my browser. I want to then go to www.chase.com and see how it responds.
Can someone provide a same syntax for accomplishing this? Chase IP is 159.53.60.115

0
Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

 

Author Comment

by:trojan81
ID: 36485364
I don't see a syntax for S-client.

OpenSSL> s-client ?
openssl:Error: 's-client' is an invalid command.

OpenSSL> openssl s_client ?
openssl:Error: 'openssl' is an invalid command.
0
 
LVL 21

Accepted Solution

by:
Papertrip earned 400 total points
ID: 36485378
s_client is an argument to give after 'openssl' on the command line, not in interactive mode (although you may be able to, but for the sake of this thread just use the following command).

openssl s_client -connect hostname:port -ssl2

Open in new window


Run that and if you see the certificate, you *should* be good.
0
 
LVL 21

Expert Comment

by:Papertrip
ID: 36485403
Run that and if you see the certificate, you *should* be good.

I should have clarified.  If you see the certificate, then SSLv2 is enabled.  Not sure what you are trying to accomplish, but disabling SSLv2 and weak ciphers are good things to do.
0
 
LVL 21

Expert Comment

by:Papertrip
ID: 36485430
pod@box:~$ openssl s_client -connect chase.com:443 -ssl2
CONNECTED(00000003)
21740:error:1406D0CB:SSL routines:GET_SERVER_HELLO:peer error no cipher:s2_pkt.c:675:
21740:error:1407F0E5:SSL routines:SSL2_WRITE:ssl handshake failure:s2_pkt.c:428:

Open in new window

0
 

Author Closing Comment

by:trojan81
ID: 36485872
Papertrip, thank you.
I was looking to verify that ssl2 was turned off on my site. Since I didn't see the cert when I ran that command I assume it is turned off.
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

Article by: btan
Provide an easy one stop to quickly get the relevant information on common asked question on Ransomware in Expert Exchange.
It’s a strangely common occurrence that when you send someone their login details for a system, they can’t get in. This article will help you understand why it happens, and what you can do about it.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
This video discusses moving either the default database or any database to a new volume.

759 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now