nmap - Matthew Boyle, Daniel Miller - NMAP:SSLV2.NSE
History: Nov 06, 2008 - 2:52 a.m.

sslv2 NSE Script

2008-11-06 02:52:59
Matthew Boyle, Daniel Miller
nmap.org

EPSS: 0.973 (High), percentile 99.9%

Determines whether the server supports obsolete and less secure SSLv2, and discovers which ciphers it supports.

Script Arguments

mssql.domain, mssql.instance-all, mssql.instance-name, mssql.instance-port, mssql.password, mssql.protocol, mssql.scanned-ports-only, mssql.timeout, mssql.username

See the documentation for the mssql library.

smbdomain, smbhash, smbnoguest, smbpassword, smbtype, smbusername

See the documentation for the smbauth library.

smtp.domain

See the documentation for the smtp library.

randomseed, smbbasic, smbport, smbsign

See the documentation for the smb library.

tls.servername

See the documentation for the tls library.

Example Usage

nmap -sV -sC <target>

Script Output

443/tcp open   https   syn-ack
| sslv2:
|   SSLv2 supported
|   ciphers:
|     SSL2_DES_192_EDE3_CBC_WITH_MD5
|     SSL2_IDEA_128_CBC_WITH_MD5
|     SSL2_RC2_128_CBC_WITH_MD5
|     SSL2_RC4_128_WITH_MD5
|     SSL2_DES_64_CBC_WITH_MD5
|     SSL2_RC2_128_CBC_EXPORT40_WITH_MD5
|_    SSL2_RC4_128_EXPORT40_WITH_MD5

Requires


local shortport = require "shortport"
local sslcert = require "sslcert"
local sslv2 = require "sslv2"

description = [[
Determines whether the server supports obsolete and less secure SSLv2, and discovers which ciphers it
supports.
]]

---
--@output
-- 443/tcp open   https   syn-ack
-- | sslv2:
-- |   SSLv2 supported
-- |   ciphers:
-- |     SSL2_DES_192_EDE3_CBC_WITH_MD5
-- |     SSL2_IDEA_128_CBC_WITH_MD5
-- |     SSL2_RC2_128_CBC_WITH_MD5
-- |     SSL2_RC4_128_WITH_MD5
-- |     SSL2_DES_64_CBC_WITH_MD5
-- |     SSL2_RC2_128_CBC_EXPORT40_WITH_MD5
-- |_    SSL2_RC4_128_EXPORT40_WITH_MD5
--@xmloutput
--<elem>SSLv2 supported</elem>
--<table key="ciphers">
--  <elem>SSL2_DES_192_EDE3_CBC_WITH_MD5</elem>
--  <elem>SSL2_IDEA_128_CBC_WITH_MD5</elem>
--  <elem>SSL2_RC2_128_CBC_WITH_MD5</elem>
--  <elem>SSL2_RC4_128_WITH_MD5</elem>
--  <elem>SSL2_DES_64_CBC_WITH_MD5</elem>
--  <elem>SSL2_RC2_128_CBC_EXPORT40_WITH_MD5</elem>
--  <elem>SSL2_RC4_128_EXPORT40_WITH_MD5</elem>
--</table>


author = {"Matthew Boyle", "Daniel Miller"}
license = "Same as Nmap--See https://nmap.org/book/man-legal.html"

categories = {"default", "safe"}


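-- Run on ports that look like SSL/TLS services, or on services where the
-- sslcert library can prepare TLS on the existing connection.
portrule = function(host, port)
  return shortport.ssl(host, port) or sslcert.getPrepareTLSWithoutReconnect(port)
end

action = function(host, port)
  local ciphers = sslv2.test_sslv2(host, port)

  -- A nil/false result produces no script output for this port.
  if ciphers then
    -- Save the result in the host registry, keyed by port number and protocol.
    host.registry.sslv2 = host.registry.sslv2 or {}
    host.registry.sslv2[port.number .. port.protocol] = ciphers
    return {
      "SSLv2 supported",
      -- An empty cipher list is reported as the string "none".
      ciphers = #ciphers > 0 and ciphers or "none"
    }
  end
end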
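
The XML structure documented under @xmloutput, parsed for triage. This Python example is added here and is not part of the Nmap script or the original page: it reads `nmap -oX` output, lists the ports where the sslv2 script reported support, and flags EXPORT40 ciphers. The sample XML and the address 192.0.2.10 are constructed, and the `<elem key="ciphers">none</elem>` form is an assumption based on the script returning the string "none" for an empty cipher list.

```python
import xml.etree.ElementTree as ET

# Constructed sample of `nmap -oX` output (hypothetical host), not a real scan.
SAMPLE_XML = """<nmaprun>
<host><address addr="192.0.2.10" addrtype="ipv4"/><ports>
<port protocol="tcp" portid="443"><state state="open"/>
<script id="sslv2" output="(omitted)">
<elem>SSLv2 supported</elem>
<table key="ciphers">
<elem>SSL2_RC4_128_WITH_MD5</elem>
<elem>SSL2_RC4_128_EXPORT40_WITH_MD5</elem>
</table></script></port>
<port protocol="tcp" portid="465"><state state="open"/>
<script id="sslv2" output="(omitted)"><elem>SSLv2 supported</elem>
<elem key="ciphers">none</elem></script></port>
<port protocol="tcp" portid="993"><state state="open"/></port>
</ports></host></nmaprun>"""


def sslv2_findings(xml_text):
    """Return one dict per port whose sslv2 script reported SSLv2 support."""
    findings = []
    for host in ET.fromstring(xml_text).iter("host"):
        addr = host.find("address").get("addr")
        for port in host.iter("port"):
            script = port.find("script[@id='sslv2']")
            if script is None:
                continue  # no script output: SSLv2 was not detected here
            # Ciphers arrive as <table key="ciphers">; an empty list is
            # assumed to appear as <elem key="ciphers">none</elem> instead.
            ciphers = [e.text for e in
                       script.findall("table[@key='ciphers']/elem")]
            findings.append({
                "host": addr,
                "port": f'{port.get("portid")}/{port.get("protocol")}',
                "ciphers": ciphers,
                "export": [c for c in ciphers if "EXPORT" in c],
            })
    return findings


if __name__ == "__main__":
    for f in sslv2_findings(SAMPLE_XML):
        note = "export-grade ciphers offered" if f["export"] else "SSLv2 enabled"
        print(f'{f["host"]} {f["port"]}: {note}; '
              f'ciphers={f["ciphers"] or "none"}')
```

A port with SSLv2 enabled but no ciphers listed (465/tcp in the sample) is still returned as a finding, because the script only produces output when it reports "SSLv2 supported".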
