Beast Attack Scanner

1. #!/usr/bin/perl -w
2.  
3. use strict;
4. use warnings;
5. use IO::Socket::SSL;
6.  
7. print qq{
8. ===============================================
9.  
10. SSL/TLS BEAST Vulnerability Check
11.  by YGN Ethical Hacker Group, http://yehg.net/
12.  
13. ===============================================
14. };
15.  
16. if ($#ARGV != 0) {
17.  print qq{
18. Usage: beast.pl host [port]
19.  
20. port = 443 by default \{optional\}
21. };
22.  exit;
23. }
24.  
25. my $host = $ARGV[0];
26. my $port = 443;
27. if ($#ARGV == 1) {$port = $ARGV[1];}
28.  
29. print qq{
30. Target: $host:$port      
31. };
32.  
33. my $client = new IO::Socket::SSL(
34.           PeerAddr        => $host,
35.           PeerPort        => $port,
36.           Proto           => 'tcp',
37.           SSL_honor_cipher_order => 1,
38.           SSL_version => 'TLSv1'          
39. );
40.            
41. if (defined $client) {
42.         my $v_beast = 'PRONE to BEAST attack.';
43.         my $s_beast = 'YES';
44.         my $cipher = $client->get_cipher();
45.        
46.         if ($cipher =~ /RC4/){
47.             $v_beast = 'NOT vulnerable to BEAST attack.';
48.             $s_beast = 'NO';
49.         }
50.        
51.         print qq{
52. ## The target is $v_beast ##
53.  
54. Protocol: TLS v1
55. Server Preferred Cipher: $cipher
56. Vulnerable: $s_beast
57.  
58. -----------------------------------------------
59. N.B. This check assumes no workaround
60. (i.e. EMPTY FRAGMENT) applied in target server.
61. };
62.         print $client "GET / HTTP/1.0\r\n\r\n";
63.  
64.         close $client;
65. } else {
66.          warn "\nERROR:\nConnecting to the taget\n\nDETAILS:\n",
67.          IO::Socket::SSL::errstr();
68. }
69. warn $! if not defined($client);