infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Changed heartbleed jabber implementation to match openssl s_client 

see here for example implementation:
https://github.com/openssl/openssl/blob/master/apps/s_client.c#L1719
bug/bundler_fix
Christian Mehlmauer 2014-04-09 22:20:32 +02:00
parent a6a6ad2217
commit a86a8fed05
No known key found for this signature in database
GPG Key ID: BCFF4FA966BC32C7
1 changed files with 5 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
modules/auxiliary/scanner/ssl/openssl_heartbleed.rb
View File

@ -176,20 +176,21 @@ class Metasploit3 < Msf::Auxiliary
def tls_jabber
# http://xmpp.org/extensions/xep-0035.html
msg = "<?xml version='1.0' ?>"
msg << "<stream:stream xmlns='jabber:client' "
msg = "<stream:stream xmlns='jabber:client' "
msg << "xmlns:stream='http://etherx.jabber.org/streams' "
msg << "version='1.0' "
msg << "to='#{datastore['XMPPDOMAIN']}'>"
sock.put(msg)
res = sock.get
if res.nil? || res =~ /stream:error/ || res !~ /starttls/i
if res.nil? || res =~ /stream:error/ || res !~ /<starttls xmlns=['"]urn:ietf:params:xml:ns:xmpp-tls['"]/
print_error("#{peer} - Jabber host unknown. Please try changing the XMPPDOMAIN option.") if res && res =~ /<host-unknown/
return nil
end
msg = "<starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'/>"
sock.put(msg)
sock.get_once
res = sock.get
return nil if res.nil? || res !~ /<proceed/
res
end
def run_host(ip)