HTDark | Underground Hacking Forum and Cybersecurity Community
  • Earn real money by being active: Hello Guest, earn real money by simply being active on the forum — post quality content, get reactions, and help the community. Once you reach the minimum credit amount, you’ll be able to withdraw your balance directly. Learn how it works.

Perl heartbleed bug vulnerabilities scaner

Status
Not open for further replies.
S

sQuo

~ KillmeMories ~
Shadow
User
Joined
Oct 16, 2011
Messages
5,851
Reputation
0
Reaction score
22,904
Points
688
Credits
0
‎13 Years of Service‎
24%
[LENGUAJE=perl]#!/usr/local/bin/perl

#####################################################

# #

# Built to check for heartbleed bug vulnerabilities #

# Author: Andrew Speer #

# Date: 20140408 #

# Desc: Scans hosts which respond on common SSL #

# ports (443, 8443) for Heartbeat. #

# #

#####################################################

use strict;

use warnings;

use Getopt::Std;

use NetAddr::IP;

my @ips;

my $date = `date`;

chomp ($date);

my $fn;

my @networks;

my @ports = ('443', '8443');

my $timeout;

my %args;

# -i ip address(s) to scan seperated by commas

# -n network(s) to scan seperated by commas

# -p port(s) to scan seperated by commas

# -t timeout in seconds for server to respond

# -o output filename

# -h help

getopts('i:n:p:t:o:h', \%args);

if ($args{h}){

print "\nUsage of this tool:

# -i ip address(s)\/hostnames(s) to scan seperated by commas

# -n network(s) CIDR to scan seperated by commas

# -p port(s) to scan seperated by commas

# -t timeout in seconds for server to respond

# -o output filename

# -h help\n";

}

if ($args{i}){ @ips = split(',',$args{i}); }

if ($args{n}){ @networks = split(',', $args{n}); }

if ($args{p}){ @ports = split(',', $args{p}); }

if ($args{o}){

$fn = $args{o};

open (LOG,'>>',$fn) || die "Can't Open File: $fn\n";;

print LOG "$date\n";

}

if ($args{t}){ $timeout = $args{t}; }

else{ $timeout = 2; }

if (@networks){

foreach my $network (@networks){

my $net = NetAddr::IP->new($network);

my @hosts = $net->hostenum;

for my $ip (@hosts) {

push (@ips, $ip->addr);

}}}

if (@ips){

foreach my $ip (@ips){

foreach my $port (@ports){

my $nmap = `nmap -p$port $ip 2>&1| grep open`;

if ($nmap =~ "open"){

my $return = `timeout $timeout openssl s_client -connect $ip:$port -tlsextdebug 2>&1| grep 'TLS server extension "heartbeat"'`;

if ($return){

my $hostname = `host $ip 2>&1`;

chomp $hostname;

print "$ip: Vulnerable - $hostname\n";

if ($args{o}){

print LOG "$ip: Vulnerable - $hostname\n";

}

}

else{

print "$ip: Not Vulnerable\n";

if ($args{o}){

print LOG "$ip: Not Vulnerable\n";}

}

}}}}

if ($args{o}){ close (LOG); }[/LENGUAJE]

 
Status
Not open for further replies.
Back
Top