Python - 如何打印有多少网站支持每个密码套件请求

标签 python sockets ssl encryption

所以我的 hosts.txt 文件中有 20 个网站,每个网站都运行 WeakCipher、KnownCipher、ModernCipher 来测试是否可以建立连接。

这是一项学校作业,要求我测试 3 种密码。

我怎样才能打印出有多少网站支持每个密码套件?

import socket
import ssl
import grequests
import re


WeakCipher = 'NULL-MD5'

KnownCipher = 'DHE-RSA-AES256-GCM-SHA384'

ModernCipher = 'ECDHE-RSA-AES256-SHA384'

#Read from txt file and convert it into a List.
List = open("C:\\Users\\Farzad\\Desktop\\hosts.txt").read().splitlines()

#async method to do more than 1 URL at a time
rs = (grequests.get(url) for url in List)
requests = grequests.map(rs)


for response in requests:
    urlfix = re.compile(r"https?://(www\.)?")
    urlre = urlfix.sub('', response.url).strip().strip('/')

    context = ssl.create_default_context()
    context.set_ciphers(WeakCipher)
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    ssl_sock = context.wrap_socket(s, server_hostname=urlre)
    try:
        ssl_sock.connect((urlre, 443))
    except Exception as e:
        print("ERROR:", response.url, "DOES NOT SUPPORT YOUR WEAK CIPHER")
    else:
        print(response.url,"CONNECTION ESTABLISHED WITH YOUR WEAK CIPHER")


    context = ssl.create_default_context()
    context.set_ciphers(KnownCipher)
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    ssl_sock = context.wrap_socket(s, server_hostname=urlre)
    try:
        ssl_sock.connect((urlre, 443))
    except Exception as e:
        print("ERROR:", response.url, "DOES NOT SUPPORT YOUR MODERN CIPHER")
    else:
        print(response.url,"CONNECTION ESTABLISHED WITH YOUR KNOWN CIPHER" )


    context = ssl.create_default_context()
    context.set_ciphers(ModernCipher)
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    ssl_sock = context.wrap_socket(s, server_hostname=urlre)
    try:
        ssl_sock.connect((urlre, 443))
    except Exception as e:
        print("ERROR:", response.url, "DOES NOT SUPPORT YOUR MODERN CIPHER" '\n')
    else:
        print(response.url,"CONNECTION ESTABLISHED WITH YOUR MODERN CIPHER" '\n')

最佳答案

您可以编写 bash 脚本来测试密码套件。它应该从 OpenSSL 获取支持的密码套件列表,并尝试使用每个密码套件进行连接。如果握手成功,它应该打印 YES。如果握手不成功,它会打印 NO,然后是 OpenSSL 错误文本。

nmap 有一个示例脚本,您可以引用。 带有 ssl-enum-ciphers 的 Nmap

WeakCipher = 'NULL-MD5'

t_weak=0

context = ssl.create_default_context()
context.set_ciphers(WeakCipher)
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
ssl_sock = context.wrap_socket(s, server_hostname=urlre)
try:
    ssl_sock.connect((urlre, 443))
except Exception as e:
    print("ERROR:", response.url, "DOES NOT SUPPORT YOUR WEAK CIPHER")
else:
    t_weak +=1
    print(response.url,"CONNECTION ESTABLISHED WITH YOUR WEAK CIPHER")

print("Number of websites with Weak cipher", t_weak)

关于Python - 如何打印有多少网站支持每个密码套件请求,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/58634308/

上一篇:c# - Azure VM 上的双向 SSL 证书交换

下一篇:ssl - traefik 1.7.X - 在 access.log 中记录 TLS 版本

相关文章:

c# - 仅实现 Json 和 https 的 Wcf 服务

python - 如何通过 API 创建带标题的 Imgur 相册?

python - Python 类表示方法

python - 访问这个 python Pandas 系列的最后一个元素

php - 使 PHP socket_connect 超时

sockets - 调用accept()后如何更改套接字的监听端口?

sockets - 从 lisp 中的套接字流读取行

java - 动态生成的 SSL 站点

python - Pyinstaller 不能很好地与 ImageTk 和 Tkinter 配合使用

php - 意外开启 phpmyadmin 的 SSL/HTTPS

©2024 IT工具网  联系我们