Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Ticketbleed #686

wants to merge 12 commits into from


Copy link

commented Feb 9, 2017

Made a new script for Ticketbleed, a vuln that was announced within the last several hours. This branch also makes a convenience change to tls.lua that can be omitted if undesirable. This script borrows pieces from ssl-heartbleed.nse where useful.

Please note that I have not yet found any vulnerable systems, but I believe that with the amount of debugging and testing against unaffected systems that it will correctly flag an affected system. There are many, many guards against false positives.

Let me know if anything needs fixing, I will try to be responsive since this is a particularly 'topical' script.


This comment has been minimized.

Copy link

commented Feb 9, 2017

I believe this script is ready for proper review. I managed to generate a PCAP file against a known-vulnerable host and iron out what I think are the last of the errors. The biggest change is moving from one byte session IDs to 16-byte session IDs random for reliability.

If others think it's a good idea, I can make the session ID length a tunable script-arg.

@nmap-bot nmap-bot closed this in 27785ce Feb 9, 2017
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
None yet
1 participant
You can’t perform that action at this time.