USAGE
sh massbleed.sh [CIDR|IP] [single|port|subnet] [port] [proxy]
ABOUT
This script has four main functions with the ability to proxy all connections:
- To mass scan any CIDR range for OpenSSL vulnerabilities via port 443/tcp (https) (example: sh massbleed.sh 192.168.0.0/16)
- To scan any CIDR range for OpenSSL vulnerabilities via any custom port specified (example: sh massbleed.sh 192.168.0.0/16 port 8443)
- To individual scan every port (1-10000) on a single system for vulnerable versions of OpenSSL (example: sh massbleed.sh 127.0.0.1 single)
- To scan every open port on every host in a single class C subnet for OpenSSL vulnerabilities (example: sh massbleed.sh 192.168.0. subnet)
PROXY USAGE EXAMPLES: (example: sh massbleed.sh 192.168.0.0/16 0 0 proxy) (example: sh massbleed.sh 192.168.0.0/16 port 8443 proxy) (example: sh massbleed.sh 127.0.0.1 single 0 proxy) (example: sh massbleed.sh 192.168.0. subnet 0 proxy)
VULNERABILITIES:
- OpenSSL HeartBleed Vulnerability (CVE-2014-0160)
- OpenSSL CCS (MITM) Vulnerability (CVE-2014-0224)
- Poodle SSLv3 vulnerability (CVE-2014-3566)