def process_task(self, server_info, command, options_dict=None):
ssl_connection = server_info.get_preconfigured_ssl_connection()
ssl_connection.ssl_version = server_info.highest_ssl_version_supported # Needed by the heartbleed payload
# Awful hack #1: replace nassl.sslClient.do_handshake() with a heartbleed
# checking SSL handshake so that all the SSLyze options
# (startTLS, proxy, etc.) still work
ssl_connection.do_handshake = new.instancemethod(do_handshake_with_heartbleed, ssl_connection, None)
heartbleed = None
try: # Perform the SSL handshake
ssl_connection.connect()
except HeartbleedSent:
# Awful hack #2: directly read the underlying network socket
heartbleed = ssl_connection._sock.recv(16381)
finally:
ssl_connection.close()
# Text output
is_vulnerable_to_heartbleed = False
if heartbleed is None:
raise ValueError("Error: connection failed.")
elif '\x01\x01\x01\x01\x01\x01\x01\x01\x01' in heartbleed:
# Server replied with our hearbeat payload
is_vulnerable_to_heartbleed = True
return HeartbleedResult(server_info, command, options_dict, is_vulnerable_to_heartbleed)
评论列表
文章目录
