Thursday, March 3, 2016

My Own DROWN Detection Tool

I had to find a quick way to detect the DROWN vulnerability on a large enterprise level network, so this goes more into the vulnerability management realm, but I was tasked with it none the less and I thought others might get some use from my work here as well.

I didn't like the scanning tool from drownattack.com and most of the systems in scope were internal so I couldn't use their online version either. First I tried OpenSSL but the version that comes with Kali 2 does not support SSLv2 even thought the help menu says it does. I was going to try and recompile OpenSSL to add SSLv2 support but that was proving to be a pain in the ass.

That's when I made a little bash script that uses NMAP and TestSSLServer to detect SSLv2 support on port 443 of a web server. All you need to do is provide a list of IPs and it goes to work, unlike all the other tools available at the moment, the output is clear and easy to understand. It does lack features and support for other ports. If the tool proves popular I will be happy to add both. Enjoy and happy hacking :)

Get the DROWN Detection Tool from GitHub.

**UPDATE: Thanks to ngharo for the code contribution. Already merged your changes into master!

No comments: