sQuo Posted April 18, 2014 Share Posted April 18, 2014 [LENGUAJE=perl]#!/usr/local/bin/perl ##################################################### # # # Built to check for heartbleed bug vulnerabilities # # Author: Andrew Speer # # Date: 20140408 # # Desc: Scans hosts which respond on common SSL # # ports (443, 8443) for Heartbeat. # # # ##################################################### use strict; use warnings; use Getopt::Std; use NetAddr::IP; my @ips; my $date = `date`; chomp ($date); my $fn; my @networks; my @ports = ('443', '8443'); my $timeout; my %args; # -i ip address(s) to scan seperated by commas # -n network(s) to scan seperated by commas # -p port(s) to scan seperated by commas # -t timeout in seconds for server to respond # -o output filename # -h help getopts('i:n:p:t:o:h', \%args); if ($args{h}){ print "\nUsage of this tool: # -i ip address(s)\/hostnames(s) to scan seperated by commas # -n network(s) CIDR to scan seperated by commas # -p port(s) to scan seperated by commas # -t timeout in seconds for server to respond # -o output filename # -h help\n"; } if ($args{i}){ @ips = split(',',$args{i}); } if ($args{n}){ @networks = split(',', $args{n}); } if ($args{p}){ @ports = split(',', $args{p}); } if ($args{o}){ $fn = $args{o}; open (LOG,'>>',$fn) || die "Can't Open File: $fn\n";; print LOG "$date\n"; } if ($args{t}){ $timeout = $args{t}; } else{ $timeout = 2; } if (@networks){ foreach my $network (@networks){ my $net = NetAddr::IP->new($network); my @hosts = $net->hostenum; for my $ip (@hosts) { push (@ips, $ip->addr); }}} if (@ips){ foreach my $ip (@ips){ foreach my $port (@ports){ my $nmap = `nmap -p$port $ip 2>&1| grep open`; if ($nmap =~ "open"){ my $return = `timeout $timeout openssl s_client -connect $ip:$port -tlsextdebug 2>&1| grep 'TLS server extension "heartbeat"'`; if ($return){ my $hostname = `host $ip 2>&1`; chomp $hostname; print "$ip: Vulnerable - $hostname\n"; if ($args{o}){ print LOG "$ip: Vulnerable - $hostname\n"; } } else{ print "$ip: Not Vulnerable\n"; if ($args{o}){ print LOG "$ip: Not Vulnerable\n";} } }}}} if ($args{o}){ close (LOG); }[/LENGUAJE] Link to comment Share on other sites More sharing options...
Recommended Posts