SSL V3 Poodle : Shell script to verify the server

Copy below as poodle.sh

Execute this command as below:

sh poodle.sh <site>

or,

sh poodle.sh <site>:<port>

 

#!/bin/sh
help()
{
echo
echo "Usage: "
echo "sh poodle.sh <hostname>:<port>"
echo
echo "Example"
echo "sh poodle.sh google.com:443"
echo "sh poodle.sh symantec.com:443"
exit
}

hostname=$1
if [ $# -ne 1 ]
then
help
elif [ "$hostname" == '-h' ]
then
help
fi

echo $hostname | grep ":" >/dev/null
if [ $? -ne 0 ]
then
hostname=$hostname:443
fi

echo "Sending Test request to $hostname....."

echo
echo

output=`openssl s_client -connect $hostname -ssl3 < /dev/null` 2>/dev/null

echo
echo
echo "Test Complete ....."
echo
echo
echo $output | grep "ssl handshake failure" >/dev/null
if [ $? -eq 0 ]
then

echo "Server verified : $hostname"
echo "Wow !! No POODLE issue found "

else

echo "Server checked: $hostname --> Issue exist "
echo "Please disble SSL V3 on the server"

fi


 

Advertisements