FeRR4L

heartbleed bug vulnerabilities scaner

Apr 13th, 2014
189
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Perl 2.44 KB | None | 0 0
  1. #!/usr/local/bin/perl
  2. #####################################################
  3. #                                                   #
  4. # Built to check for heartbleed bug vulnerabilities #
  5. # Author: Andrew Speer                              #
  6. # Date: 20140408                                    #
  7. # Desc: Scans hosts which respond on common SSL     #
  8. #       ports (443, 8443) for Heartbeat.            #
  9. #                                                   #
  10. #####################################################
  11.  
  12. use strict;
  13. use warnings;
  14. use Getopt::Std;
  15. use NetAddr::IP;
  16.  
  17. my @ips;
  18. my $date = `date`;
  19. chomp ($date);
  20. my $fn;
  21. my @networks;
  22. my @ports = ('443', '8443');
  23. my $timeout;
  24. my %args;
  25. # -i ip address(s) to scan seperated by commas
  26. # -n network(s) to scan seperated by commas
  27. # -p port(s) to scan seperated by commas
  28. # -t timeout in seconds for server to respond
  29. # -o output filename
  30. # -h help
  31. getopts('i:n:p:t:o:h', \%args);
  32.  
  33. if ($args{h}){
  34.   print "\nUsage of this tool:
  35.  
  36. # -i ip address(s)\/hostnames(s) to scan seperated by commas
  37. # -n network(s) CIDR to scan seperated by commas
  38. # -p port(s) to scan seperated by commas
  39. # -t timeout in seconds for server to respond
  40. # -o output filename
  41. # -h help\n";
  42. }
  43. if ($args{i}){ @ips = split(',',$args{i}); }
  44. if ($args{n}){ @networks = split(',', $args{n}); }
  45. if ($args{p}){ @ports = split(',', $args{p}); }
  46. if ($args{o}){
  47.   $fn = $args{o};
  48.   open (LOG,'>>',$fn) || die "Can't Open File: $fn\n";;
  49.   print LOG "$date\n";
  50. }
  51. if ($args{t}){ $timeout = $args{t}; }
  52. else{ $timeout = 2; }
  53.  
  54. if (@networks){
  55.   foreach my $network (@networks){
  56.     my $net = NetAddr::IP->new($network);
  57.     my @hosts = $net->hostenum;
  58.     for my $ip (@hosts) {
  59.       push (@ips, $ip->addr);
  60. }}}
  61.  
  62. if (@ips){
  63.   foreach my $ip (@ips){
  64.     foreach my $port (@ports){
  65.       my $nmap = `nmap -p$port $ip 2>&1| grep open`;
  66.       if ($nmap =~ "open"){
  67.         my $return = `timeout $timeout openssl s_client -connect $ip:$port -tlsextdebug 2>&1| grep 'TLS server extension "heartbeat"'`;
  68.         if ($return){
  69.           my $hostname = `host $ip 2>&1`;
  70.           chomp $hostname;
  71.           print "$ip: Vulnerable  -  $hostname\n";
  72.           if ($args{o}){
  73.             print LOG "$ip: Vulnerable  -  $hostname\n";
  74.           }
  75.         }
  76.         else{
  77.           print "$ip: Not Vulnerable\n";
  78.           if ($args{o}){
  79.             print LOG "$ip: Not Vulnerable\n";}
  80.           }
  81. }}}}
  82. if ($args{o}){ close (LOG); }
Add Comment
Please, Sign In to add comment