Python-如何打印每个密码套件请求支持多少个网站

时间:2019-10-30 22:10:10

标签: python sockets ssl encryption

因此,我的hosts.txt文件中有20个网站,每个网站都运行一个WeakCipher , KnownCipher, ModernCipher以测试是否可以建立连接。

这是一次学校作业,我被告知要测试3种密码。

如何打印每个密码套件支持多少个网站? 

import socket
import ssl
import grequests
import re


WeakCipher = 'NULL-MD5'

KnownCipher = 'DHE-RSA-AES256-GCM-SHA384'

ModernCipher = 'ECDHE-RSA-AES256-SHA384'

#Read from txt file and convert it into a List.
List = open("C:\\Users\\Farzad\\Desktop\\hosts.txt").read().splitlines()

#async method to do more than 1 URL at a time
rs = (grequests.get(url) for url in List)
requests = grequests.map(rs)


for response in requests:
    urlfix = re.compile(r"https?://(www\.)?")
    urlre = urlfix.sub('', response.url).strip().strip('/')

    context = ssl.create_default_context()
    context.set_ciphers(WeakCipher)
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    ssl_sock = context.wrap_socket(s, server_hostname=urlre)
    try:
        ssl_sock.connect((urlre, 443))
    except Exception as e:
        print("ERROR:", response.url, "DOES NOT SUPPORT YOUR WEAK CIPHER")
    else:
        print(response.url,"CONNECTION ESTABLISHED WITH YOUR WEAK CIPHER")


    context = ssl.create_default_context()
    context.set_ciphers(KnownCipher)
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    ssl_sock = context.wrap_socket(s, server_hostname=urlre)
    try:
        ssl_sock.connect((urlre, 443))
    except Exception as e:
        print("ERROR:", response.url, "DOES NOT SUPPORT YOUR MODERN CIPHER")
    else:
        print(response.url,"CONNECTION ESTABLISHED WITH YOUR KNOWN CIPHER" )


    context = ssl.create_default_context()
    context.set_ciphers(ModernCipher)
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    ssl_sock = context.wrap_socket(s, server_hostname=urlre)
    try:
        ssl_sock.connect((urlre, 443))
    except Exception as e:
        print("ERROR:", response.url, "DOES NOT SUPPORT YOUR MODERN CIPHER" '\n')
    else:
        print(response.url,"CONNECTION ESTABLISHED WITH YOUR MODERN CIPHER" '\n')

1 个答案:

答案 0 :(得分:0)

您可以编写一个bash脚本来测试密码套件。它应该从OpenSSL获取受支持的密码套件的列表,并尝试使用每个套件进行连接。如果握手成功,则应打印YES。如果握手失败,则打印NO,然后显示OpenSSL错误文本。

nmap有一个示例脚本可供您参考。 带有ssl-enum-ciphers的Nmap 

WeakCipher = 'NULL-MD5'

t_weak=0

context = ssl.create_default_context()
context.set_ciphers(WeakCipher)
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
ssl_sock = context.wrap_socket(s, server_hostname=urlre)
try:
    ssl_sock.connect((urlre, 443))
except Exception as e:
    print("ERROR:", response.url, "DOES NOT SUPPORT YOUR WEAK CIPHER")
else:
    t_weak +=1
    print(response.url,"CONNECTION ESTABLISHED WITH YOUR WEAK CIPHER")

print("Number of websites with Weak cipher", t_weak)
相关问题
最新问题