search

drwetter / testssl.sh

Testing TLS/SSL encryption anywhere on any port
https://testssl.sh
GNU General Public License v2.0
7.94k stars 1.02k forks source link

display parts of STARTTLS handshake/banner #763

Open drwetter opened 7 years ago

drwetter commented 7 years ago

... in the header section

drwetter commented 4 years ago

There's some code in testssl.sh already (~ L2190).

In addition NTLM SMTP servers are sometimes verbose, see https://svn.nmap.org/nmap/scripts/smtp-ntlm-info.nse / https://curl.haxx.se/rfc/ntlm.html#ntlmSmtpAuthentication :

220 XXX-XXXXXXXXXXXXXX.com Microsoft ESMTP MAIL Service ready at Tue, 1 Sep 2020 17:02:13 +0200
EHLO moin.de
250-XXX-XXXXXXXXXXXXXX.com Hello [AAA.AAA.AAA.AAA]
250-SIZE 36700160
250-PIPELINING
250-DSN
250-ENHANCEDSTATUSCODES
250-STARTTLS
250-X-ANONYMOUSTLS
250-AUTH NTLM
250-X-EXPS GSSAPI NTLM
250-8BITMIME
250-BINARYMIME
250-CHUNKING
250 XRDST
AUTH NTLM TlRMTVNTUAABAAAABzIAAAYABgArAAAACwALACAAAABXT1JLU1RBVElPTkRPTUFJTg==
334 <server_reply_base64string_with_useful_info_see https://nmap.org/nsedoc/scripts/smtp-ntlm-info.html>

This is just a nice-to-have.