Parse JSON files produced by sslyze tool to print lists of servers with specific issues.
CutSec 2019-11-25 16:42:10
> ./sslyze_target_list.py -h
usage: sslyze_target_list.py [-h] [-t] [-c] [-v] filename.json
SSLyze JSON Parser
positional arguments:
filename.json
optional arguments:
-h, --help show this help message and exit
-t, --target_list list targets that were scanned
-c, --cert_check list targets with weak certificates
-v, --vuln_check list targets with known SSL/TLS vulnerabilities
CutSec 2019-11-25 16:47:58
> ./sslyze_target_list.py -t -c sslyze_10.111.222.32-27_open_20191122.json
### Target List ###
10.111.222.46:9003
10.111.222.45:1452
10.111.222.41:1452
10.111.222.43:1452
10.111.222.48:1452
10.111.222.44:1452
10.111.222.46:1452
10.111.222.42:1452
10.111.222.47:1452
10.111.222.47:9003
10.111.222.48:9003
10.111.222.50:1452
10.111.222.50:9003
10.111.222.49:9003
10.111.222.49:1452
### Certificate Issue List ###
tlsv1.AES256-SHA.256bits
10.111.222.46:9003,10.111.222.45:1452,10.111.222.41:1452,10.111.222.43:1452,10.111.222.48:1452,10.111.222.44:1452,10.111.222.46:1452,10.111.222.42:1452,10.111.222.47:1452,10.111.222.47:9003,10.111.222.48:9003,10.111.222.50:1452,10.111.222.50:9003,10.111.222.49:9003,10.111.222.49:1452
tlsv1.AES128-SHA.128bits
10.111.222.46:9003,10.111.222.45:1452,10.111.222.41:1452,10.111.222.43:1452,10.111.222.48:1452,10.111.222.44:1452,10.111.222.46:1452,10.111.222.42:1452,10.111.222.47:1452,10.111.222.47:9003,10.111.222.48:9003,10.111.222.50:1452,10.111.222.50:9003,10.111.222.49:9003,10.111.222.49:1452
tlsv1.DES-CBC3-SHA.112bits
10.111.222.46:9003,10.111.222.45:1452,10.111.222.41:1452,10.111.222.43:1452,10.111.222.48:1452,10.111.222.44:1452,10.111.222.46:1452,10.111.222.42:1452,10.111.222.47:1452,10.111.222.47:9003,10.111.222.48:9003,10.111.222.50:1452,10.111.222.50:9003,10.111.222.49:9003,10.111.222.49:1452
tlsv1.ECDHE-RSA-AES256-SHA.256bits
10.111.222.46:9003,10.111.222.45:1452,10.111.222.41:1452,10.111.222.43:1452,10.111.222.48:1452,10.111.222.44:1452,10.111.222.46:1452,10.111.222.42:1452,10.111.222.47:1452,10.111.222.47:9003,10.111.222.48:9003,10.111.222.50:1452,10.111.222.50:9003,10.111.222.49:9003,10.111.222.49:1452
tlsv1.ECDHE-RSA-AES128-SHA.128bits
10.111.222.46:9003,10.111.222.45:1452,10.111.222.41:1452,10.111.222.43:1452,10.111.222.48:1452,10.111.222.44:1452,10.111.222.46:1452,10.111.222.42:1452,10.111.222.47:1452,10.111.222.47:9003,10.111.222.48:9003,10.111.222.50:1452,10.111.222.50:9003,10.111.222.49:9003,10.111.222.49:1452
tlsv1_1.DES-CBC3-SHA.112bits
10.111.222.46:9003,10.111.222.45:1452,10.111.222.41:1452,10.111.222.43:1452,10.111.222.48:1452,10.111.222.44:1452,10.111.222.46:1452,10.111.222.42:1452,10.111.222.47:1452,10.111.222.47:9003,10.111.222.48:9003,10.111.222.50:1452,10.111.222.50:9003,10.111.222.49:9003,10.111.222.49:1452
tlsv1_2.DES-CBC3-SHA.112bits
10.111.222.46:9003,10.111.222.46:9003,10.111.222.45:1452,10.111.222.45:1452,10.111.222.41:1452,10.111.222.41:1452,10.111.222.43:1452,10.111.222.43:1452,10.111.222.48:1452,10.111.222.48:1452,10.111.222.44:1452,10.111.222.44:1452,10.111.222.46:1452,10.111.222.46:1452,10.111.222.42:1452,10.111.222.42:1452,10.111.222.47:1452,10.111.222.47:1452,10.111.222.47:9003,10.111.222.47:9003,10.111.222.48:9003,10.111.222.48:9003,10.111.222.50:1452,10.111.222.50:1452,10.111.222.50:9003,10.111.222.50:9003,10.111.222.49:9003,10.111.222.49:9003,10.111.222.49:1452,10.111.222.49:1452
None
List of things that still need some work.
- Need a LOT more JSON test cases to process.
- JSON output from the different vulnerability categories needs to be understood better to process effectively.
- Need a better list of bad cert values to generate target lists.
- Output report verbiage (issue and recommendation) that can be imported into reports.