Wednesday 9 April 2014

BASH script to wrap around Heartbleed scanner

The following script wraps around the Heartbleed scanner talked about in the previous post to scan all IP addresses within a file and output the results to a log.
I know it's basic, but it works - I'd be very happy if someone could come up with a script that would accept a subnet in CIDR format and scan all IP's with that subnet. Something like "hbscan"


  1. Create a ~/heartbleed
  2. Copy the Heartbleed binary into the folder created at (1)
  3. Copy the script below into the ~/heartbleed direcotry and call it something like hbscan
  4. Make hbscan runnable (chmod 755 hbscan)
  5. Copy file(s) containing the IP addresses you wish to scan into ~/heartbleed
  6. Create a ~/heartbleed/scans directory
  7. Scan the networks using './hbscan filewithips'
Here's the script I used:

today=`date +%F`
if [ -z "$1" ]; then
  echo " Usage: `basename $0` list"
  exit $E_BADARGS
if [ ! -d $logs/$today ]; then
  echo "[*] Creating $logs/$today"
  mkdir $logs/$today
touch $logs/$today/$hosts
while read -r host
  echo "[*] Scanning $host..."
  ~/heartbleed/Heartbleed $host 2>> $logs/$today/$hosts
done < $hosts
echo "[*] Scans completed."

That script was frankenstiened from:

No comments:

Post a Comment