USAGE:<\/p>\n
sh massbleed.sh [CIDR|IP] [single|port|subnet] [port] [proxy]\n<\/pre>\nAbout:<\/strong>
\n-This script has four main functions with the ability to proxy all connections:<\/p>\n\n
- To mass scan any CIDR range for OpenSSL vulnerabilities via port 443\/tcp (https) (example: sh massbleed.sh 192.168.0.0\/16)<\/li>\n
- To scan any CIDR range for OpenSSL vulnerabilities via any custom port specified (example: sh massbleed.sh 192.168.0.0\/16 port 8443)<\/li>\n
- To individual scan every port (1-10000) on a single system for vulnerable versions of OpenSSL (example: sh massbleed.sh 127.0.0.1 single)<\/li>\n
- To scan every open port on every host in a single class C subnet for OpenSSL vulnerabilities (example: sh massbleed.sh 192.168.0. subnet)<\/li>\n<\/ul>\n
Proxy:<\/strong>
\n-A proxy option has been added to scan via proxychains. You’ll need to configure \/etc\/proxychains.conf for this to work.
\nProxy usage example:<\/strong><\/p>\nsh massbleed.sh 192.168.0.0\/16 0 0 proxy\n<\/pre>\nsh massbleed.sh 192.168.0.0\/16 port 8443 proxy\n<\/pre>\nsh massbleed.sh 127.0.0.1 single 0 proxy\n<\/pre>\nsh massbleed.sh 192.168.0. subnet 0 proxy\n<\/pre>\nVulnerabilities:<\/strong><\/p>\n
\n
- OpenSSL HeartBleed Vulnerability (CVE-2014-0160)<\/li>\n
- OpenSSL CCS (MITM) Vulnerability (CVE-2014-0224)<\/li>\n
- Poodle SSLv3 vulnerability (CVE-2014-3566)<\/li>\n<\/ul>\n
Requirements:<\/strong>
\nIs the heartbleed POC present? Is the openssl CCS script present? Is unicornscan installed? Is nmap installed? Is sslscan installed?<\/p>\n","protected":false},"excerpt":{"rendered":"USAGE: sh massbleed.sh [CIDR|IP] [single|port|subnet] [port] [proxy] About: -This script has four main functions with the ability to proxy all connections: To mass scan any CIDR range for OpenSSL vulnerabilities via port 443\/tcp (https) (example: sh massbleed.sh 192.168.0.0\/16) To scan any CIDR range for OpenSSL vulnerabilities via any custom port specified (example: sh massbleed.sh 192.168.0.0\/16<\/p>\n","protected":false},"author":1,"featured_media":2682,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[154,470],"tags":[588,605,577,606,607,608,609,610],"class_list":["post-2681","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-pentesting-tools","category-sniffing-spoofing","tag-1n3","tag-crowdshield","tag-heartbleed","tag-massbleed","tag-openssl","tag-openssl-ccs","tag-poodle-sslv3","tag-ssl"],"_links":{"self":[{"href":"https:\/\/www.jameseduard.com\/index.php?rest_route=\/wp\/v2\/posts\/2681","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.jameseduard.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.jameseduard.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.jameseduard.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.jameseduard.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=2681"}],"version-history":[{"count":0,"href":"https:\/\/www.jameseduard.com\/index.php?rest_route=\/wp\/v2\/posts\/2681\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.jameseduard.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=2681"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.jameseduard.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=2681"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.jameseduard.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=2681"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}