MassBleed – SSL Vulnerability Scanner

Comments Off on MassBleed – SSL Vulnerability Scanner

MassBleed is an SSL vulnerability scanner.

It can detect the following vulnerabilities:

  • OpenSSL HeartBleed Vulnerability (CVE-2014-0160)
  • OpenSSL CCS (MITM) Vulnerability (CVE-2014-0224)
  • Poodle SSLv3 Vulnerability (CVE-2014-3566)
  • WinShock SChannel Vulnerability (MS14-066)
  • DROWN Attack (CVE-2016-0800)
MassBleed Screenshot

Usage:

sh massbleed.sh [CIDR|IP] [single|port|subnet] [port] [proxy]

This script has four main functions with the ability to proxy all connections:

  • To mass scan any CIDR range for OpenSSL vulnerabilities via port 443/tcp (https) (example: sh massbleed.sh 192.168.0.0/16)
  • To scan any CIDR range for OpenSSL vulnerabilities via any custom port specified (example: sh massbleed.sh 192.168.0.0/16 port 8443)
  • To individual scan every port (1-10000) on a single system for vulnerable versions of OpenSSL (example: sh massbleed.sh 127.0.0.1 single)
  • To scan every open port on every host in a single class C subnet for OpenSSL vulnerabilities (example: sh massbleed.sh 192.168.0. subnet)
If you want to use the proxy option, you’ll need to configure /etc/proxychains.conf.
Proxy Usage Examples:
  • ./massbleed 192.168.0.0/16 0 0 proxy)
  • ./massbleed 192.168.0.0/16 port 8443 proxy)
  • ./massbleed 127.0.0.1 single 0 proxy)
  • ./massbleed 192.168.0. subnet 0 proxy)

 

Related Articles

ABOUT US

Haxf4rall is a collective, a good starting point and provides a variety of quality material for cyber security professionals.

Our primary focus revolves around the latest tools released in the Infosec community and provide a platform for developers to showcase their skillset and current projects.

COMPANY
Live Chat
RESOURCES
Get Started
TOOLBOX
Tools Directory

2014 – 2020 | Haxf4rall.com               Stay Connected:

Facebook Twitter Google-plus Wordpress