ul


Gildo Santiago

Jun 12, 2024, 8:31:30 AM
to agpenguho

A2SV is an open-source Python tool that automatically scans for SSL vulnerabilities including CCS injection, HeartBleed, FREAK, Logjam, CRIME, Anonymous Cipher, SSL v2 DROWN, and SSL v3 POODLE.

CCS is short for the ChangeCipherSpec messages exchanged during an SSL connection. CCS messages indicate that the communication between two nodes (machines) is now encrypted. CCS is, however, vulnerable to eavesdropping, allowing the attacker to enforce weak SSL keys. The attacker can later decrypt these weak keys. HeartBleed is an OpenSSL cryptographic software library vulnerability that makes it easier to steal the protected information. POODLE is the Padding Oracle On Downgraded Legacy Encryption attack, which takes advantage of SSL v3 vulnerabilities. FREAK is the Factoring Attack on RSA-EXPORT Keys (CVE-2015-0204). Logjam is a Diffie-Hellman key exchange vulnerability that tricks the user into using weak encryption. CRIME is the Compression Ratio Info-leak Made Easy attack, capable of session hijacking over secure (HTTPS) connections. Anonymous ciphers are cipher suites with no authentication keys. Anonymous ciphers are vulnerable to man-in-the-middle attacks. DROWN is short for Decrypting RSA using Obsolete and Weakened Encryption. It takes advantage of SSL v2 vulnerabilities to attack servers that support modern SSL/TLS versions.

The A2SV tool can automatically assess the possibility of these vulnerabilities in a target website, server, or application that supports the SSL protocol.

We can either install A2SV by executing the install.sh file from the source code package or run the tool directly using the main Python file (a2sv.py). The following command installs the tool along with its prerequisites.




A2SV maps the URL to its IP address to perform the scanning. The tool first confirms that the target IP address supports the SSL protocol. If the target does not support SSL, the scanning process halts with an error.

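The pre-flight step described in the post (resolve the target to an IP address, confirm it speaks SSL/TLS, halt otherwise), as an added example that is not A2SV's own code and not part of the original post. The function names `resolve`, `supports_tls` and `preflight` are hypothetical, and the check uses Python's standard `ssl` module rather than whatever A2SV does internally.

```python
import socket
import ssl


def resolve(host):
    """Map a hostname to its first resolved address (the URL-to-IP step)."""
    infos = socket.getaddrinfo(host, None, type=socket.SOCK_STREAM)
    return infos[0][4][0]


def supports_tls(ip, port=443, server_name=None, timeout=3.0):
    """Return (True, negotiated_version) if a handshake completes,
    otherwise (False, reason). Certificate validity is deliberately not
    checked: the question here is only "does this endpoint speak SSL/TLS?"."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    try:
        raw = socket.create_connection((ip, port), timeout=timeout)
    except OSError as exc:
        return False, f"connect failed: {exc}"
    try:
        with ctx.wrap_socket(raw, server_hostname=server_name) as tls:
            return True, tls.version()
    except OSError as exc:  # ssl.SSLError and timeouts are OSError subclasses
        raw.close()
        return False, f"no TLS handshake: {exc}"


def preflight(host, port=443):
    """Resolve, probe, and halt with an error when SSL/TLS is not offered."""
    ip = resolve(host)
    ok, detail = supports_tls(ip, port, server_name=host)
    if not ok:
        raise RuntimeError(f"{host} ({ip}):{port} does not support SSL/TLS: {detail}")
    return ip, detail


if __name__ == "__main__":
    import sys
    if len(sys.argv) > 1:
        print(preflight(sys.argv[1]))
```

A current Python/OpenSSL build will not negotiate SSL v2 or v3, so an endpoint that offers only those legacy versions is reported here as failing the handshake; detecting them needs a scanner that crafts the legacy hello itself.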