No description, website, or topics provided.
Python
Switch branches/tags
Nothing to show
Clone or download
Pull request Compare This branch is 68 commits ahead, 140 commits behind musalbas:master.
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Failed to load latest commit information.
EXAMPLE
README.md
TODO
examplehosts.concise
examplehosts.timestamp
examplehosts.txt
examplehosts.verbose
ssltest.py

README.md

heartbleed-masstest

The current version has a much more robust SSL handshake, thanks to Daniel Roethlisberger. The cipher list offered has been updated to include all currently-defined ciphers, so it is truly universal now (the list of currently-defined ciphers can be found at the IANA: https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-4).

This fork of heartbleed-masstest removes the rate limiting capability of the original, but adds the possibility to specify the port(s) to be scanned for each host. See EXAMPLES for examples (doh). ;-)

The command line syntax has changed a bit; ports are now specified by a named argument (which is optional, defaulting to 443)

  • ./ssltest.py --ports "443, 993, 995" hostlist.txt

The ports argument can be specified multiple times (and shortened):

  • ./ssltest.py --port 443 --port 993 --port 995 hostlist.txt

The hostlist defaults to stdin (and stdin can specifically be selected as usual):

And multiple hostlists can be specified:

  • ./ssltest.py hostlist1.txt hostlist2.txt

Concise mode is now implemented. Adding the right grep statement to the pipeline highlights found vulnerabilities:

  • echo www.google.com | ./ssltest.py --ports "443, 993, 995" --concise | egrep --color '[[:digit:]]+!|'

IPv6 support has been added. IPv6 addresses are used if available. IPv4 and IPv6 scanning can be turned on or off with --ipv4, --ipv6, --no-ipv4, --no-ipv6. The default is on for both.

A port to be scanned can now also be appended to a given hostname directly. Specifying a port in this way disregards the usual portlist for this one host. Example:

This will scan www.google.com on port 443, not on 993 or 995.

Timestamping has been added. This provides the ability to prepend a timestamp to every scan result line to make it clear when that particular scan was done. Timestamping can be activated with the --timestamp option. This option takes the time format string as an argument (Python time format string notation); if the argument is omitted, ISO 8601 date format is used by default.

The final summary of scan results can be suppressed by giving the --no-summary option.

Many options have been given shortcuts now (-t for --timestamp, -c for --concise, -4 for --ipv4, -6 for --ipv6, to name some).

The output now also includes the exact IP address used for each host.

The --hosts (-H) switch has been added; this makes the script interpret command-line arguments directly as hosts, not as files with lists of hosts, so this scans www.google.com directly:

The --ports (-p) switch now also takes ranges of ports of the form "-". This commands scans ports 1-100 and 200-300:

This command line scans ports 80-88 and 443-445: