Summerschool Aachen 2005/Challenges/SSL fingerprinting
Revision as of 11:25, 22 September 2005 by 134.130.242.47 (talk)
I remembered I already did some SSL fingerprinting. The Pen Testing Toolkit, a very loose collection of tools created by me, contains ssltest, which is mainly to test which ciphers are available to an SSL server but also prints out some additional information.
Example:
 md@hextatic ~/Documents/repos/ptt$ python bin/ssltest houston.informatik.rwth-aachen.de
 Testing ciphers for houston.informatik.rwth-aachen.de:443
 Certificate subject: '/C=DE/ST=./O=./CN=houston.informatik.rwth-aachen.de/emailAddress=.'
 Certificate issuer: '/C=DE/ST=./L=./O=./CN=houston/emailAddress=.'
 Ciphers supported by houston.informatik.rwth-aachen.de:443
 40 Bit Encryption: EXP-RC4-MD5, EXP-RC2-CBC-MD5, EXP-DES-CBC-SHA, EXP-RC4-MD5, EXP-RC2-CBC-MD5, EXP-EDH-RSA-DES-CBC-SHA, EXP-DES-CBC-SHA, EXP-RC4-MD5, EXP-RC2-CBC-MD5, EXP-EDH-RSA-DES-CBC-SHA, EXP-DES-CBC-SHA, EXP-RC4-MD5, EXP-RC2-CBC-MD5, EXP-EDH-RSA-DES-CBC-SHA
 56 Bit Encryption: DES-CBC-MD5, DES-CBC-SHA, EDH-RSA-DES-CBC-SHA, DES-CBC-SHA, EDH-RSA-DES-CBC-SHA, DES-CBC-SHA, EDH-RSA-DES-CBC-SHA
 64 Bit Encryption: RC4-64-MD5
 128 Bit Encryption: RC2-CBC-MD5, RC4-MD5, RC4-SHA, DHE-RSA-AES128-SHA, AES128-SHA, RC4-MD5, RC4-SHA, DHE-RSA-AES128-SHA, AES128-SHA, RC4-MD5, RC4-SHA, DHE-RSA-AES128-SHA, AES128-SHA, RC4-MD5
 168 Bit Encryption: DES-CBC3-MD5, EDH-RSA-DES-CBC3-SHA, DES-CBC3-SHA, EDH-RSA-DES-CBC3-SHA, DES-CBC3-SHA, EDH-RSA-DES-CBC3-SHA, DES-CBC3-SHA
 256 Bit Encryption: DHE-RSA-AES256-SHA, AES256-SHA, DHE-RSA-AES256-SHA, AES256-SHA, DHE-RSA-AES256-SHA, AES256-SHA
 md@hextatic ~/Documents/repos/ptt$ python bin/ssltest secure.amazon.de
 Testing ciphers for secure.amazon.de:443
 Certificate subject: '/C=US/ST=Washington/L=Seattle/O=Amazon.com Inc./CN=secure.amazon.de'
 Certificate issuer: '/C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority'
 Ciphers supported by secure.amazon.de:443
 40 Bit Encryption: EXP-RC4-MD5, EXP-RC2-CBC-MD5, EXP-DES-CBC-SHA, EXP-RC4-MD5, EXP-RC2-CBC-MD5, EXP-DES-CBC-SHA, EXP-RC4-MD5, EXP-RC2-CBC-MD5, EXP-DES-CBC-SHA, EXP-RC4-MD5, EXP-RC2-CBC-MD5
 56 Bit Encryption: DES-CBC-MD5, DES-CBC-SHA, EXP1024-RC4-SHA, DES-CBC-SHA, EXP1024-RC4-MD5, EXP1024-RC2-CBC-MD5, EXP1024-DES-CBC-SHA, EXP1024-RC4-SHA, DES-CBC-SHA, EXP1024-RC4-MD5, EXP1024-RC2-CBC-MD5, EXP1024-DES-CBC-SHA
 64 Bit Encryption: RC4-64-MD5
 128 Bit Encryption: IDEA-CBC-MD5, RC2-CBC-MD5, RC4-MD5, RC4-SHA, RC4-MD5, IDEA-CBC-SHA, RC4-SHA, AES128-SHA, RC4-MD5, IDEA-CBC-SHA, RC4-SHA, AES128-SHA, RC4-MD5, IDEA-CBC-SHA
 168 Bit Encryption: DES-CBC3-MD5, DES-CBC3-SHA, DES-CBC3-SHA, DES-CBC3-SHA
 256 Bit Encryption: AES256-SHA, AES256-SHA
The tool is a re-implementation of a tool by Johnny Cyberpunk and was originally meant for penetration testing. I'll see what else I can do with it.
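The two reports above already differ enough to tell the servers apart. As an added example (not part of ptt or ssltest), the following parses the "N Bit Encryption:" lines of such a report, collapses repeated names, and compares the resulting cipher sets. The sample reports are the page's output with repeats dropped, and all function names are assumptions.

```python
import hashlib
import re

# ssltest output from this page, with repeated cipher names dropped for brevity.
HOUSTON = """Ciphers supported by houston.informatik.rwth-aachen.de:443
40 Bit Encryption: EXP-RC4-MD5, EXP-RC2-CBC-MD5, EXP-DES-CBC-SHA, EXP-EDH-RSA-DES-CBC-SHA
56 Bit Encryption: DES-CBC-MD5, DES-CBC-SHA, EDH-RSA-DES-CBC-SHA
64 Bit Encryption: RC4-64-MD5
128 Bit Encryption: RC2-CBC-MD5, RC4-MD5, RC4-SHA, DHE-RSA-AES128-SHA, AES128-SHA
168 Bit Encryption: DES-CBC3-MD5, EDH-RSA-DES-CBC3-SHA, DES-CBC3-SHA
256 Bit Encryption: DHE-RSA-AES256-SHA, AES256-SHA
"""
AMAZON = """Ciphers supported by secure.amazon.de:443
40 Bit Encryption: EXP-RC4-MD5, EXP-RC2-CBC-MD5, EXP-DES-CBC-SHA
56 Bit Encryption: DES-CBC-MD5, DES-CBC-SHA, EXP1024-RC4-SHA, EXP1024-RC4-MD5, EXP1024-RC2-CBC-MD5, EXP1024-DES-CBC-SHA
64 Bit Encryption: RC4-64-MD5
128 Bit Encryption: IDEA-CBC-MD5, RC2-CBC-MD5, RC4-MD5, RC4-SHA, IDEA-CBC-SHA, AES128-SHA
168 Bit Encryption: DES-CBC3-MD5, DES-CBC3-SHA
256 Bit Encryption: AES256-SHA
"""
LINE = re.compile(r"^\s*(\d+) Bit Encryption:\s*(.*)$")

def parse_ciphers(report):
    """Map key length in bits -> set of cipher names (repeats collapse)."""
    by_bits = {}
    for line in report.splitlines():
        m = LINE.match(line)
        if m:
            names = {c.strip() for c in m.group(2).split(",") if c.strip()}
            by_bits.setdefault(int(m.group(1)), set()).update(names)
    return by_bits

def cipher_set(report):
    return set().union(*parse_ciphers(report).values())

def fingerprint(report):
    """Short digest of the sorted cipher set; order and repeats do not matter."""
    return hashlib.sha256(",".join(sorted(cipher_set(report))).encode()).hexdigest()[:16]

def compare(a, b):
    """Return (only in a, only in b, Jaccard similarity of the two sets)."""
    sa, sb = cipher_set(a), cipher_set(b)
    return sorted(sa - sb), sorted(sb - sa), len(sa & sb) / (len(sa | sb) or 1)

if __name__ == "__main__":
    only_h, only_a, sim = compare(HOUSTON, AMAZON)
    print(fingerprint(HOUSTON), fingerprint(AMAZON), "similarity %.2f" % sim)
    print("only houston:", only_h, "\nonly amazon:", only_a)
```

On these two reports the difference is entirely in the ephemeral Diffie-Hellman suites (houston only) versus the IDEA and EXP1024 suites (secure.amazon.de only).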