Unnecessary C program to test if SSLv3 is enabled: it sends a raw SSLv3 ClientHello and prints "vulnerable" when the server answers with an SSLv3 handshake record.
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>   /* inet_ntop(); was missing, leaving the call implicitly declared */
#include <netdb.h>
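/*
 * Canned SSLv3 ClientHello, written to the socket verbatim. Layout:
 *   record header : type 0x16 (handshake), version 0x03 0x00 (SSL 3.0),
 *                   length 0x0077 = everything after these 5 bytes
 *   handshake     : type 0x01 (ClientHello), length 0x000073
 *   client_version: 0x03 0x00
 *   random        : 32 fixed bytes; the leading 0x543dd44f looks like a
 *                   gmt_unix_time captured when this was written, so the
 *                   probe is trivially fingerprintable (harmless for a test)
 *   session_id    : length 0x00
 *   cipher_suites : length 0x004c = 38 suites, the last being 0x00ff
 *                   (TLS_EMPTY_RENEGOTIATION_INFO_SCSV); TLS_FALLBACK_SCSV
 *                   (0x56 0x00) is not offered
 *   compression   : length 0x01, method 0x00 (null)
 * Stored as unsigned bytes: values >= 0x80 do not fit a signed char.
 */
static const unsigned char SSLv3_ClientHello[] = {
    0x16, 0x03, 0x00, 0x00, 0x77, 0x01, 0x00, 0x00,
    0x73, 0x03, 0x00, 0x54, 0x3d, 0xd4, 0x4f, 0xf8,
    0xc8, 0x04, 0x56, 0xf0, 0x8a, 0xe7, 0xc4, 0x68,
    0x9a, 0x9c, 0xaf, 0xdb, 0xb7, 0x6d, 0x03, 0xa9,
    0x50, 0x9e, 0xc5, 0x0f, 0x2a, 0x27, 0x3a, 0x64,
    0x8d, 0x3c, 0x26, 0x00, 0x00, 0x4c, 0xc0, 0x14,
    0xc0, 0x0a, 0x00, 0x39, 0x00, 0x38, 0x00, 0x88,
    0x00, 0x87, 0xc0, 0x0f, 0xc0, 0x05, 0x00, 0x35,
    0x00, 0x84, 0xc0, 0x12, 0xc0, 0x08, 0x00, 0x16,
    0x00, 0x13, 0xc0, 0x0d, 0xc0, 0x03, 0x00, 0x0a,
    0xc0, 0x13, 0xc0, 0x09, 0x00, 0x33, 0x00, 0x32,
    0x00, 0x9a, 0x00, 0x99, 0x00, 0x45, 0x00, 0x44,
    0xc0, 0x0e, 0xc0, 0x04, 0x00, 0x2f, 0x00, 0x96,
    0x00, 0x41, 0x00, 0x07, 0xc0, 0x11, 0xc0, 0x07,
    0xc0, 0x0c, 0xc0, 0x02, 0x00, 0x05, 0x00, 0x04,
    0x00, 0xff, 0x01, 0x00
};

/*
 * Expected start of a positive reply: an SSLv3 handshake record header
 * (type 0x16, version 0x03 0x00). Only these three bytes are compared, so a
 * match means "the server answered our SSLv3 hello with an SSLv3 record",
 * nothing more.
 */
static const unsigned char SSLv3_ServerHello[] = {
    0x16, 0x03, 0x00
};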
/*
 * Locate the address field inside a generic sockaddr.
 *
 * Returns a pointer to sin_addr when the family is AF_INET; every other
 * family is assumed to be AF_INET6 and a pointer to sin6_addr is returned
 * (no further family check is made).
 */
void *get_in_addr(struct sockaddr *sa){
    struct sockaddr_in *v4 = (struct sockaddr_in *)sa;
    struct sockaddr_in6 *v6 = (struct sockaddr_in6 *)sa;

    return (sa->sa_family == AF_INET) ? (void *)&v4->sin_addr
                                      : (void *)&v6->sin6_addr;
}
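/*
 * Open a TCP connection to host:port.
 *
 * host and port go straight to getaddrinfo(), so both may be numeric or
 * symbolic; IPv4 and IPv6 results are tried in the order returned until one
 * connect() succeeds.
 *
 * Returns the connected socket descriptor, or -1 after printing a diagnostic
 * to stderr. getaddrinfo() failures are reported through gai_strerror() (they
 * do not set errno, so perror() would print a stale message) and always map
 * to -1 rather than the raw EAI_* code, whose sign is platform-dependent.
 * The addrinfo list is released on every path.
 */
int dial(const char *host, const char *port){
    struct addrinfo hints, *servinfo, *p;
    int sockfd = -1;
    int rv;

    memset(&hints, 0, sizeof(hints));
    hints.ai_family = AF_UNSPEC;      /* IPv4 or IPv6, whichever resolves */
    hints.ai_socktype = SOCK_STREAM;

    if ((rv = getaddrinfo(host, port, &hints, &servinfo)) != 0){
        fprintf(stderr, "error: %s:%s: %s\n", host, port, gai_strerror(rv));
        return -1;
    }

    for(p = servinfo; p != NULL; p = p->ai_next) {
        if ((sockfd = socket(p->ai_family, p->ai_socktype, p->ai_protocol)) == -1) {
            perror("client: socket");
            continue;
        }
        if (connect(sockfd, p->ai_addr, p->ai_addrlen) == -1) {
            perror("client: connect");   /* report before close() can touch errno */
            close(sockfd);
            sockfd = -1;
            continue;
        }
        break;   /* connected */
    }

    /* The original only freed on success, leaking the list when every address failed. */
    freeaddrinfo(servinfo);

    if (p == NULL){
        fprintf(stderr, "error: connection failed!\n");
        return -1;
    }
    return sockfd;
}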
/*
 * Fatal-error exit: release the socket fd, report msg on stderr as
 * "error: <msg>" and terminate the process with status 1. Never returns.
 */
static inline void bail(int fd, const char *msg){
    (void)close(fd);
    (void)fprintf(stderr, "error: %s\n", msg);
    exit(1);
}
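/* Write all len bytes of buf, retrying on short writes. Returns 0, or -1 with errno set. */
static int write_all(int fd, const void *buf, size_t len){
    const unsigned char *p = buf;

    while (len > 0) {
        ssize_t n = write(fd, p, len);
        if (n < 0) {
            return -1;
        }
        p += n;
        len -= (size_t)n;
    }
    return 0;
}

/*
 * Read exactly len bytes into buf. Returns 0 on success, -1 on a read error
 * or on EOF before len bytes arrived (a server that simply drops the
 * connection after our hello lands here).
 */
static int read_full(int fd, void *buf, size_t len){
    unsigned char *p = buf;

    while (len > 0) {
        ssize_t n = read(fd, p, len);
        if (n <= 0) {
            return -1;
        }
        p += n;
        len -= (size_t)n;
    }
    return 0;
}

/*
 * Usage: prog HOST PORT
 *
 * Connects to HOST:PORT, sends the canned SSLv3 ClientHello and compares the
 * first bytes of the reply against SSLv3_ServerHello. A match (an SSLv3
 * handshake record, 0x16 0x03 0x00) prints "vulnerable" on stdout and exits
 * 0. Any other reply (e.g. a TLS alert) prints nothing and also exits 0, so
 * callers must look for the word, not the exit status. A read/write failure
 * or a connection closed before the header arrived reports "error: ..." on
 * stderr and exits 1. No receive timeout is set: a server that accepts the
 * connection and never answers hangs the probe.
 *
 * Fixes relative to the original: write() returning -1 was invisible because
 * the signed result was compared against an unsigned sizeof; read() was asked
 * for 4 bytes but the reference header is only 3, so memcmp read one byte
 * past SSLv3_ServerHello; and a reply split across TCP segments was reported
 * as "read failed".
 */
int main(int argc, char *argv[]){
    int sock;
    unsigned char buf[sizeof(SSLv3_ServerHello)];   /* compare exactly the bytes we have a reference for */

    if (argc != 3){
        printf("Usage: %s HOST PORT\n", argv[0]);
        exit(1);
    }

    sock = dial(argv[1], argv[2]);
    if (sock < 0){
        exit(1);
    }

    if (write_all(sock, SSLv3_ClientHello, sizeof(SSLv3_ClientHello)) < 0){
        bail(sock, "write failed");
    }

    /* Collect the whole record prefix before comparing; TCP may split it. */
    if (read_full(sock, buf, sizeof(buf)) < 0){
        bail(sock, "read failed");
    }

    if (memcmp(SSLv3_ServerHello, buf, sizeof(buf)) == 0){
        puts("vulnerable");
    }

    close(sock);
    return 0;
}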
TODO: probably should also handle TLS_FALLBACK_SCSV (0x56, 0x00) in the cipher-suite list — the canned ClientHello does not offer it. Oh well, maybe later.