Quote:
Originally Posted by Saicharan Burle
This is the draft of my script
|
Thanks for posting but next time please add that to your initial post, OK?
The script could do with some improvements because
- you're changing into a directory and using cat|grep where you could just grep /complete/path/file,
- you're using a "for" loop instead of a "while" loop (
http://mywiki.wooledge.org/DontReadLinesWithFor),
- you're not looking ('man find') for configuration files but
assuming they're just called "ssl.conf",
- you're not using proper temporary file names ('man mktemp') and I think it would be easier to pull a script in, execute it and have your details on stdout...
More importantly: addressing CVE-2014-3566 only now is criminally negligent behaviour, period. If you want to scan for POODLE then use nmap with the
POODLE NSE script. That's more efficient because you avoid reinventing the Wheel.