func main() { var tgt bleed.Target flag.StringVar(&tgt.Service, "service", "https", fmt.Sprintf("Specify a service name to test (using STARTTLS if necessary). \n\t\tBesides HTTPS, currently supported services are: \n\t\t%s", bleed.Services)) flag.Parse() if flag.NArg() < 1 { usage() } tgt.HostIp = flag.Arg(0) u, err := url.Parse(tgt.HostIp) if err == nil && u.Host != "" { tgt.HostIp = u.Host if u.Scheme != "" { tgt.Service = u.Scheme } } out, err := bleed.Heartbleed(&tgt, []byte("heartbleed.filippo.io")) if err == bleed.Safe { log.Printf("%v - SAFE", tgt.HostIp) os.Exit(0) } else if err != nil { log.Printf("%v - ERROR: %v", tgt.HostIp, err) os.Exit(2) } else { log.Printf("%v\n", string(out)) log.Printf("%v - VULNERABLE", tgt.HostIp) os.Exit(1) } }
func main() { var tgt bleed.Target flag.StringVar(&tgt.StartTls, "starttls", "", "use STARTTLS") flag.Parse() if flag.NArg() < 1 { usage(os.Args[0]) } tgt.HostIp = flag.Arg(0) u, err := url.Parse(tgt.HostIp) if err == nil && u.Host != "" { tgt.HostIp = u.Host } out, err := bleed.Heartbleed(&tgt, []byte("heartbleed.filippo.io")) if err == bleed.Safe { log.Printf("%v - SAFE", tgt.HostIp) os.Exit(0) } else if err != nil { log.Printf("%v - ERROR: %v", tgt.HostIp, err) os.Exit(2) } else { log.Printf("%v\n", string(out)) log.Printf("%v - VULNERABLE", tgt.HostIp) os.Exit(1) } }
func bleedQueryHandler(w http.ResponseWriter, r *http.Request) { q, ok := r.URL.Query()["u"] if !ok || len(q) != 1 { return } skip, ok := r.URL.Query()["skip"] s := false if ok && len(skip) == 1 { s = true } tgt := bleed.Target{ HostIp: string(q[0]), Service: "https", } u, err := url.Parse(tgt.HostIp) if err == nil && u.Host != "" { tgt.HostIp = u.Host if u.Scheme != "" { tgt.Service = u.Scheme } } handleRequest(&tgt, w, r, s) }
func main() { var tgt bleed.Target flag.StringVar(&tgt.Service, "service", "https", fmt.Sprintf("Specify a service name to test (using STARTTLS if necessary). \n\t\tBesides HTTPS, currently supported services are: \n\t\t%s", bleed.Services)) check_cert := flag.Bool("check-cert", false, "check the server certificate") flag.Parse() if flag.NArg() < 1 { usage() } tgt.HostIp = flag.Arg(0) u, err := url.Parse(tgt.HostIp) if err == nil && u.Host != "" { tgt.HostIp = u.Host if u.Scheme != "" { tgt.Service = u.Scheme } } out, err := bleed.Heartbleed(&tgt, []byte("heartbleed.filippo.io"), !(*check_cert)) if err == bleed.Safe { log.Printf("%v - SAFE", tgt.HostIp) os.Exit(0) } else if err != nil { if err.Error() == "Please try again" { log.Printf("%v - TRYAGAIN: %v", tgt.HostIp, err) os.Exit(2) } else { log.Printf("%v - ERROR: %v", tgt.HostIp, err) os.Exit(2) } } else { log.Printf("%v\n", out) log.Printf("%v - VULNERABLE", tgt.HostIp) os.Exit(1) } }