示例#1
0
func bleedHandler(w http.ResponseWriter, r *http.Request) {
	w.Header().Set("Access-Control-Allow-Origin", "*")
	host := r.URL.Path[len("/bleed/"):]
	if strings.Index(host, ":") == -1 {
		host = host + ":443"
	}
	data, err := bleed.Heartbleed(string(host), PAYLOAD)
	var rc int
	if err == bleed.ErrPayloadNotFound {
		rc = 1
		data = []byte("")
		log.Printf("%v - SAFE", host)
	} else if err != nil {
		rc = 2
		data = []byte("")
		log.Printf("%v - ERROR", host)
	} else {
		rc = 0
		log.Printf("%v - VULNERABLE", host)
	}
	res := result{rc, string(data)}
	j, err := json.Marshal(res)
	if err != nil {
		log.Println("ERROR", err)
	} else {
		w.Write(j)
	}
}
示例#2
0
func main() {
	var tgt bleed.Target

	flag.StringVar(&tgt.Service, "service", "https", fmt.Sprintf("Specify a service name to test (using STARTTLS if necessary). \n\t\tBesides HTTPS, currently supported services are: \n\t\t%s", bleed.Services))
	flag.Parse()

	if flag.NArg() < 1 {
		usage()
	}

	tgt.HostIp = flag.Arg(0)

	u, err := url.Parse(tgt.HostIp)
	if err == nil && u.Host != "" {
		tgt.HostIp = u.Host
		if u.Scheme != "" {
			tgt.Service = u.Scheme
		}
	}

	out, err := bleed.Heartbleed(&tgt, []byte("heartbleed.filippo.io"))
	if err == bleed.Safe {
		log.Printf("%v - SAFE", tgt.HostIp)
		os.Exit(0)
	} else if err != nil {
		log.Printf("%v - ERROR: %v", tgt.HostIp, err)
		os.Exit(2)
	} else {
		log.Printf("%v\n", string(out))
		log.Printf("%v - VULNERABLE", tgt.HostIp)
		os.Exit(1)
	}
}
示例#3
0
func handleRequest(tgt *bleed.Target, w http.ResponseWriter, r *http.Request) {
	w.Header().Set("Access-Control-Allow-Origin", "*")

	data, err := bleed.Heartbleed(tgt, PAYLOAD)
	var rc int
	var errS string
	if err == bleed.Safe {
		rc = 1
		data = []byte("")
		log.Printf("%v (%v) - SAFE", tgt.HostIp, tgt.Service)
	} else if err != nil {
		rc = 2
		data = []byte("")
		errS = err.Error()
		log.Printf("%v (%v) - ERROR", tgt.HostIp, tgt.Service)
	} else {
		rc = 0
		log.Printf("%v (%v) - VULNERABLE", tgt.HostIp, tgt.Service)
	}
	res := result{rc, string(data), errS, tgt.HostIp}
	j, err := json.Marshal(res)
	if err != nil {
		log.Println("ERROR", err)
	} else {
		w.Write(j)
	}
}
示例#4
0
func main() {
	var tgt bleed.Target

	flag.StringVar(&tgt.StartTls, "starttls", "", "use STARTTLS")
	flag.Parse()

	if flag.NArg() < 1 {
		usage(os.Args[0])
	}

	tgt.HostIp = flag.Arg(0)

	u, err := url.Parse(tgt.HostIp)
	if err == nil && u.Host != "" {
		tgt.HostIp = u.Host
	}

	out, err := bleed.Heartbleed(&tgt, []byte("heartbleed.filippo.io"))
	if err == bleed.Safe {
		log.Printf("%v - SAFE", tgt.HostIp)
		os.Exit(0)
	} else if err != nil {
		log.Printf("%v - ERROR: %v", tgt.HostIp, err)
		os.Exit(2)
	} else {
		log.Printf("%v\n", string(out))
		log.Printf("%v - VULNERABLE", tgt.HostIp)
		os.Exit(1)
	}
}
示例#5
0
func bleedHandler(w http.ResponseWriter, r *http.Request) {
	w.Header().Set("Access-Control-Allow-Origin", "*")
	host := r.URL.Path[len("/bleed/"):]
	u, err := url.Parse(host)
	if err == nil && u.Host != "" {
		host = u.Host
	}
	data, err := bleed.Heartbleed(string(host), PAYLOAD)
	var rc int
	var errS string
	if err == bleed.Safe {
		rc = 1
		data = []byte("")
		log.Printf("%v - SAFE", host)
	} else if err != nil {
		rc = 2
		data = []byte("")
		errS = err.Error()
		log.Printf("%v - ERROR", host)
	} else {
		rc = 0
		log.Printf("%v - VULNERABLE", host)
	}
	res := result{rc, string(data), errS}
	j, err := json.Marshal(res)
	if err != nil {
		log.Println("ERROR", err)
	} else {
		w.Write(j)
	}
}
示例#6
0
func handleRequest(tgt *bleed.Target, w http.ResponseWriter, r *http.Request, skip bool) {
	w.Header().Set("Access-Control-Allow-Origin", "*")

	data, err := bleed.Heartbleed(tgt, PAYLOAD, skip)
	var rc int
	var errS string

	if err == bleed.Safe {
		rc = 1
	} else if err != nil {
		rc = 2
	} else {
		rc = 0
		// _, err := bleed.Heartbleed(tgt, PAYLOAD)
		// if err == nil {
		// 	// Two VULN in a row
		// 	rc = 0
		// } else {
		// 	// One VULN and one not
		// 	_, err := bleed.Heartbleed(tgt, PAYLOAD)
		// 	if err == nil {
		// 		// 2 VULN on 3 tries
		// 		rc = 0
		// 	} else {
		// 		// 1 VULN on 3 tries
		// 		if err == bleed.Safe {
		// 			rc = 1
		// 		} else {
		// 			rc = 2
		// 		}
		// 	}
		// }
	}

	switch rc {
	case 0:
		log.Printf("%v (%v) - VULNERABLE [skip: %v]", tgt.HostIp, tgt.Service, skip)
	case 1:
		data = []byte("")
		log.Printf("%v (%v) - SAFE", tgt.HostIp, tgt.Service)
	case 2:
		data = []byte("")
		errS = err.Error()
		if errS == "Please try again" {
			log.Printf("%v (%v) - MISMATCH", tgt.HostIp, tgt.Service)
		} else {
			log.Printf("%v (%v) - ERROR", tgt.HostIp, tgt.Service)
		}
	}

	res := result{rc, string(data), errS, tgt.HostIp}
	j, err := json.Marshal(res)
	if err != nil {
		log.Println("ERROR", err)
	} else {
		w.Write(j)
	}
}
示例#7
0
func main() {
	out, err := bleed.Heartbleed(os.Args[1], []byte("heartbleed.filippo.io"))
	if err == bleed.ErrPayloadNotFound {
		log.Printf("%v - SAFE", os.Args[1])
		os.Exit(1)
	} else if err != nil {
		log.Printf("%v - ERROR: %v", os.Args[1], err)
		os.Exit(2)
	} else {
		log.Printf("%v\n", string(out))
		log.Printf("%v - VULNERABLE", os.Args[1])
		os.Exit(0)
	}
}
示例#8
0
func main() {
	var tgt bleed.Target

	flag.StringVar(&tgt.Service, "service", "https", fmt.Sprintf("Specify a service name to test (using STARTTLS if necessary). \n\t\tBesides HTTPS, currently supported services are: \n\t\t%s", bleed.Services))
	check_cert := flag.Bool("check-cert", false, "check the server certificate")
	flag.Parse()

	if flag.NArg() < 1 {
		usage()
	}

	tgt.HostIp = flag.Arg(0)

	u, err := url.Parse(tgt.HostIp)
	if err == nil && u.Host != "" {
		tgt.HostIp = u.Host
		if u.Scheme != "" {
			tgt.Service = u.Scheme
		}
	}

	out, err := bleed.Heartbleed(&tgt, []byte("heartbleed.filippo.io"), !(*check_cert))
	if err == bleed.Safe {
		log.Printf("%v - SAFE", tgt.HostIp)
		os.Exit(0)
	} else if err != nil {
		if err.Error() == "Please try again" {
			log.Printf("%v - TRYAGAIN: %v", tgt.HostIp, err)
			os.Exit(2)
		}
	 	else {
			log.Printf("%v - ERROR: %v", tgt.HostIp, err)
			os.Exit(2)
		}
	} else {
		log.Printf("%v\n", out)
		log.Printf("%v - VULNERABLE", tgt.HostIp)
		os.Exit(1)
	}
}
示例#9
0
func main() {
	args := os.Args
	if len(args) < 2 {
		usage(args[0])
	}

	host := args[1]
	u, err := url.Parse(host)
	if err == nil && u.Host != "" {
		host = u.Host
	}
	out, err := bleed.Heartbleed(host, []byte("heartbleed.filippo.io"))
	if err == bleed.Safe {
		log.Printf("%v - SAFE", host)
		os.Exit(0)
	} else if err != nil {
		log.Printf("%v - ERROR: %v", host, err)
		os.Exit(2)
	} else {
		log.Printf("%v\n", string(out))
		log.Printf("%v - VULNERABLE", host)
		os.Exit(1)
	}
}
示例#10
0
func handleRequest(tgt *bleed.Target, w http.ResponseWriter, r *http.Request, skip bool) {
	if tgt.HostIp == "" {
		// tens of empty requests per minute, mah...
		return
	}

	w.Header().Set("Access-Control-Allow-Origin", "*")

	var rc int
	var errS string
	var data string

	var rc_state = []string{"vulnerable", "safe", "error"}

	cacheKey := tgt.Service + "://" + tgt.HostIp
	if skip {
		cacheKey += "/skip"
	}

	if metrics != nil {
		metrics.Increment("check")
	}

	var cacheOk bool
	if withCache {
		cReply, ok := cache.Check(cacheKey)
		if ok {
			rc = int(cReply.Status)
			errS = cReply.Error
			data = cReply.Data
			cacheOk = true
			if metrics != nil {
				metrics.Increment("cache.hit")
				metrics.Increment("cache." + rc_state[rc])
			}
		}
	}

	if !withCache || !cacheOk {
		out, err := bleed.Heartbleed(tgt, PAYLOAD, skip)

		if err == bleed.Safe || err == bleed.Closed {
			rc = 1
		} else if err != nil {
			rc = 2
		} else {
			rc = 0
			// _, err := bleed.Heartbleed(tgt, PAYLOAD)
			// if err == nil {
			// 	// Two VULN in a row
			// 	rc = 0
			// } else {
			// 	// One VULN and one not
			// 	_, err := bleed.Heartbleed(tgt, PAYLOAD)
			// 	if err == nil {
			// 		// 2 VULN on 3 tries
			// 		rc = 0
			// 	} else {
			// 		// 1 VULN on 3 tries
			// 		if err == bleed.Safe {
			// 			rc = 1
			// 		} else {
			// 			rc = 2
			// 		}
			// 	}
			// }
		}

		switch rc {
		case 0:
			// never cache or return data from a vuln
			_ = out
			log.Printf("%v (%v) - VULNERABLE [skip: %v]", tgt.HostIp, tgt.Service, skip)
		case 1:
			log.Printf("%v (%v) - SAFE", tgt.HostIp, tgt.Service)
		case 2:
			errS = err.Error()
			if errS == "Please try again" {
				log.Printf("%v (%v) - MISMATCH", tgt.HostIp, tgt.Service)
			} else {
				log.Printf("%v (%v) - ERROR [%v]", tgt.HostIp, tgt.Service, errS)
			}
		}
		if metrics != nil {
			metrics.Increment("site." + rc_state[rc])
		}
	}

	if withCache && !cacheOk {
		if metrics != nil {
			metrics.Increment("cache.miss")
		}
		cache.Set(cacheKey, rc, data, errS)
	}

	res := result{rc, data, errS, tgt.HostIp}
	j, err := json.Marshal(res)
	if err != nil {
		log.Println("[json] ERROR:", err)
	} else {
		w.Write(j)
	}
}