[Ach] git pull: android ciphers, and tools

christian mock cm at coretec.at
Sat Nov 16 20:58:51 CET 2013

Despite the efforts of the Android SDK to the contrary, I managed to
extract all the cipherlists from Android 1.5 up to 4.4, see

I also created a new directory /tools with the scripts used for that;
the one that could be interesting for others is
sniff-client-ciphers.pl, which takes a packet capture file (any format
tshark can read), finds the first SSL client handshake packet, and
dumps the cipherlists, TLS version, extensions etc to stdout.

This might come in handy for checking the capabilities of clients that
cannot display a web page, such as mail or XMPP clients.


Christian Mock                          Wiedner Hauptstr. 15
Senior Security Engineer                1040 Wien
CoreTEC IT Security Solutions GmbH      +43-1-5037273
FN 214709 z

CoreTEC: Web Application Audit - Damit so etwas nicht passiert!



More information about the Ach mailing list