SSLv3 POODLE vulnerability scanner
About this tool
The SSLv3 POODLE vulnerability scanner attempts to find SSL servers vulnerable to CVE-2014-3566, also known as POODLE (Padding Oracle On Downgraded Legacy) vulnerability.
This vulnerability may allow an attacker who is already man-in-the-middle (at the network level) to decrypt the static data from an SSL communication between the victim user and a vulnerable server. The attacker will probably try to obtain the HTTP cookies or other static data. For that, he needs to convince both the victim's browser and the server to speak SSLv3 and to use a vulnerable cipher (in Cipher Block Chaining mode). This could be done by forcing a downgrade during the SSL/TLS negociation.
When a vulnerable server is found, the tool displays the actual SSLv3 CBC cipher supported.
- Target host(s): Can be specified as IP range, single IP or hostname. An IP range can be specified like 100.101.102.1-254. Maximum 255 hosts can be scanned in a row.
- Port: The tool will scan for SSL service running on this port
- Do reverse DNS: When checked, the tool will attempt to do reverse DNS for each live IP in the IP range. It will return the hostname of that IP configured in DNS. This option slows down the scan.
How it works
The scanner first tries to determine which hosts from the target range have the specified port open and then it tries to probe for the SSLv3 POODLE vulnerability.
The vulnerability is discovered by trying to negociate with the server an SSLv3 connection with a vulnerable CBC cipher. If the negociation succeeds, the host is declared vulnerable.