Ejemplo n.º 1
0
func main() {
	if flag.NArg() == 0 {
		fmt.Fprintf(os.Stderr, "Usage: %s {HOST} [{OPTIONS}]\n", os.Args[0])
		flag.PrintDefaults()
		os.Exit(1)
	}

	host := flag.Arg(0)
	fmt.Printf("Server:   %s\n", tc.Bblue(fmt.Sprintf("%s:%d", host, *port)))

	c, err := ssltvd.Dial("tcp", fmt.Sprintf("%s:%d", host, *port), &ssltvd.Config{
		InsecureSkipVerify: true,
	})
	if err != nil {
		panic(err)
	}

	pl, err := c.Heartbeat(6, []byte("potato"))
	if err != nil {
		panic(err)
	}
	hex.Dump(pl)

	pl, err = c.Heartbeat(4, []byte("bird"))
	if err != nil {
		panic(err)
	}
	hex.Dump(pl)

	pl, err = c.Heartbeat(1000, []byte("hat"))
	if err != nil {
		panic(err)
	}
	hex.Dump(pl)
}
Ejemplo n.º 2
0
func checkHeartbleed(p *Probe) checkResult {
	rv := checkResult{Label: "Heartbleed vulnerability", Severity: OK}

	c, err := ssltvd.Dial("tcp", fmt.Sprintf("%s:%d", p.Host, p.Port), &ssltvd.Config{
		InsecureSkipVerify: true,
	})
	if err != nil {
		rv.Result = "Unknown error: " + err.Error()
		return rv
	}
	defer c.Close()

	_, err = c.Heartbeat(6, []byte("potato"))
	if err != nil {
		if err == ssltvd.ErrHeartbeatNotSupported {
			rv.Result = "OK - extension not supported"
		} else if err == ssltvd.ErrHeartbeatNotAllowed {
			rv.Result = "OK - sending heartbeat messages not allowed"
		} else if err == ssltvd.ErrHeartbeatTimeout {
			rv.Result = "Timeout"
		}
		return rv
	}

	_, err = c.Heartbeat(18, []byte("hat"))
	if err != nil {
		rv.Result = "Patched implementation"
	} else {
		rv.Severity = BigFuckingProblem
		rv.Result = "Yes"
	}

	return rv
}