OpenSSL client

Included in almost every GNU/Linux distribution, OpenSSL is the basic SSL/TLS client and includes the functionality that will help you perform some basic tests against an HTTPS server.

A basic test would be to do a connection with the server. In this example, we will connect to a test server on port 443 (the default HTTPS port):

openssl s_client -connect 10.7.7.5:443

You can see extensive information about the connection parameters and certificate exchanges in the result shown in the following screenshot. Something worth your attention is that the connection used SSLv3, which is a security issue in itself, as SSL is deprecated and has known vulnerabilities that could result in the full decryption of the information, such as Padding Oracle On Downgraded Legacy Encryption (POODLE), which we will discuss in later chapters:

You will often see cipher suites written as ECDHE-RSA-RC4-MD5. The format is broken down into the following parts:

A comprehensive list of SSL and TLS cipher suites can be found at: https://www.openssl.org/docs/apps/ciphers.html.

Some other options that you can use with OpenSSL to test your targets better are as follows:

Nowadays, accepting any version of SSL or TLS 1.0 is not considered secure. TLS 1.1 can be acceptable in certain applications, but TLS 1.2 is the recommended option.
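To turn the two observations above (the negotiated protocol version and the cipher-suite name) into a repeatable check, here is a small POSIX shell script that reads the `SSL-Session:` summary printed by `openssl s_client`, extracts the `Protocol` and `Cipher` lines, and rates them against the recommendation in this section. It is an added example, not code from the book or from the OpenSSL project; the sample `s_client` output embedded in `SAMPLE_OUTPUT` is constructed to mirror the SSLv3 / `ECDHE-RSA-RC4-MD5` session discussed above, and the list of weak cipher-suite tokens in `cipher_verdict` is illustrative rather than exhaustive.

```shell
#!/bin/sh
# Added example (not from the book): audit the session summary that
# `openssl s_client` prints, flagging deprecated protocol versions and
# cipher suites built from weak primitives.

# Rate a protocol version string exactly as s_client reports it.
# SSL (any version) and TLS 1.0 are insecure; TLS 1.1 is tolerable in
# some applications; TLS 1.2 and 1.3 are the recommended choices.
protocol_verdict() {
  case "$1" in
    SSLv2|SSLv3|TLSv1) echo insecure ;;
    TLSv1.1)           echo acceptable ;;
    TLSv1.2|TLSv1.3)   echo recommended ;;
    "")                echo unknown ;;
    *)                 echo unknown ;;
  esac
}

# Rate an OpenSSL cipher-suite name such as ECDHE-RSA-RC4-MD5.
# The name lists key exchange, authentication, bulk cipher and MAC, so a
# weak primitive (RC4, MD5, DES/3DES, export grade, NULL, anonymous DH)
# shows up as a token in the name. Illustrative list, not exhaustive.
cipher_verdict() {
  case "$1" in
    "")                                              echo unknown ;;
    ADH-*|AECDH-*|*NULL*|*EXP*|*RC4*|*RC2*|*MD5*|*DES*) echo weak ;;
    *)                                               echo ok ;;
  esac
}

# Read s_client output on stdin and print a one-line verdict.
# Assumes the "Protocol  :" and "Cipher    :" lines of the SSL-Session
# block, which current OpenSSL versions print.
audit_session() {
  out=$(cat)
  proto=$(printf '%s\n' "$out"  | sed -n 's/^ *Protocol *: *//p' | head -n 1)
  cipher=$(printf '%s\n' "$out" | sed -n 's/^ *Cipher *: *//p'   | head -n 1)
  printf 'protocol=%s (%s) cipher=%s (%s)\n' \
    "${proto:-?}"  "$(protocol_verdict "$proto")" \
    "${cipher:-?}" "$(cipher_verdict "$cipher")"
}

# Live usage: check_host 10.7.7.5 443
# stdin is closed so s_client exits after the handshake instead of waiting
# for input to send to the server.
check_host() {
  openssl s_client -connect "$1:$2" </dev/null 2>/dev/null | audit_session
}

# Constructed sample of the relevant part of an s_client transcript,
# mirroring the SSLv3 session shown in this section (not real output).
SAMPLE_OUTPUT='CONNECTED(00000003)
---
SSL-Session:
    Protocol  : SSLv3
    Cipher    : ECDHE-RSA-RC4-MD5
    Session-ID: 0000000000000000000000000000000000000000000000000000000000000000
---'

# Demonstration run on the constructed sample.
printf '%s\n' "$SAMPLE_OUTPUT" | audit_session
```

Running the script on the constructed sample prints `protocol=SSLv3 (insecure) cipher=ECDHE-RSA-RC4-MD5 (weak)`; `check_host` pipes a live `s_client` session through the same logic, so the script can be dropped into a loop over the hosts you are assessing. Because the verdicts are keyed on the literal tokens in the protocol and cipher names, extend the `case` patterns if your policy treats further components as weak.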