module

SSL/TLS Version Detection

Try Surface Command
Back to search
Disclosed
Oct 14, 2014
Created
Nov 8, 2022

Description

Check if a server supports a given version of SSL/TLS and cipher suites.

The certificate is stored in loot, and any known vulnerabilities against that
SSL version and cipher suite combination are checked. These checks include
POODLE, deprecated protocols, expired/not valid certs, low key strength, null cipher suites,
certificates signed with MD5, DROWN, RC4 ciphers, exportable ciphers, LOGJAM, and BEAST.

Authors

todb [email protected]
et [email protected]
Chris John Riley
Veit Hailperin [email protected]
h00die

References

Module Options

To display the available options, load the module within the Metasploit console and run the commands 'show options' or 'show advanced':


    msf > use auxiliary/scanner/ssl/ssl_version
    msf auxiliary(ssl_version) > show actions
        ...actions...
    msf auxiliary(ssl_version) > set ACTION < action-name >
    msf auxiliary(ssl_version) > show options
        ...show and set options...
    msf auxiliary(ssl_version) > run
Title
Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report