Posted on Thursday, 16th October 2014 by Michael

What is Poodle?

POODLE stands for Padding Oracle On Downgraded Legacy Encryption. To learn more about this vulnerability, see the following link; it has already been covered extensively elsewhere:

http://www.toyhunt.com

How to Scan for this vulnerability?

Please note that this script was developed on Mac OS X. I point this out because the Mac does not have timeout or gtimeout by default. Either of these tools would have made this script much cleaner. However, to keep the OS X install as pristine as possible and avoid installing additional tools, I created a workaround called sleeper.sh.

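poodle.sh

#!/bin/bash
# Usage: ./poodle.sh hosts.txt   (one hostname per line)
while read -r rHOST;
do
    # Start the watchdog in the background, then force an SSLv3 handshake.
    # </dev/null stops s_client from reading the rest of the host list on stdin.
    exploit=$(./sleeper.sh 2>&1 & openssl s_client -connect "$rHOST:443" -ssl3 2> /dev/null < /dev/null)

    if echo "${exploit}" | grep -q 'Protocol.*SSLv3'; then
        # Cipher 0000 means no cipher was negotiated: the SSLv3 handshake failed.
        if echo "${exploit}" | grep -q 'Cipher.*0000'; then
            echo "$rHOST,SSL 3 disabled"
            echo "$rHOST,SSL 3 disabled" >> Poodle_Results.csv
        else
            echo "$rHOST,SSL 3 enabled"
            echo "$rHOST,SSL 3 enabled" >> Poodle_Results.csv
        fi
    else
        echo "$rHOST,SSL disabled or other error"
        echo "$rHOST,SSL disabled or other error" >> Poodle_Results.csv
    fi
done < "$1"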

In the poodle.sh script we use a while loop to read a list of hosts to check. Using openssl we force the connection to use SSLv3. If the handshake completes, we mark the host as having SSL 3 enabled. If the handshake fails (openssl reports cipher 0000), we mark it as disabled, and if something else fails (e.g. a bad hostname) we mark it as other.

sleeper.sh

#!/bin/bash

sleep 10
killall openssl
exit

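In sleeper.sh we launch a watcher to kill the connection after 10 seconds. Note that killall openssl ends every openssl process you own, not only the one started by the scan. This script can be replaced with the timeout command if you are using Linux or if your OS X has timeout installed.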
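The timeout-based replacement mentioned above, as an added example that is not the original author's code. It assumes timeout is installed, and the function names and sample outputs are constructed for illustration; unlike killall, timeout ends only the probe's own openssl process.

```bash
#!/bin/bash
# Added example: poodle.sh reworked around timeout; not the original author's code.

# Classify s_client output read from stdin, using the same markers as poodle.sh.
classify_ssl3() {
    out=$(cat)
    if ! printf '%s\n' "$out" | grep -q 'Protocol.*SSLv3'; then
        echo "SSL disabled or other error"
    elif printf '%s\n' "$out" | grep -q 'Cipher.*0000'; then
        echo "SSL 3 disabled"     # handshake failed: no cipher negotiated
    else
        echo "SSL 3 enabled"      # handshake completed over SSLv3
    fi
}

# True if the local openssl build still offers -ssl3. Many current builds do
# not, and every host would then be reported as "other error".
client_has_ssl3() {
    openssl s_client -help 2>&1 | grep -q -- '-ssl3'
}

# Probe one host. timeout ends only this openssl process after 10 seconds,
# and </dev/null keeps s_client from reading the host list on stdin.
scan_host() {
    timeout 10 openssl s_client -connect "$1:443" -ssl3 </dev/null 2>/dev/null \
        | classify_ssl3
}

# Read hosts from a file (one per line); print and append results as CSV.
scan_list() {
    client_has_ssl3 || { echo "local openssl has no -ssl3 support" >&2; return 2; }
    while IFS= read -r host; do
        [ -n "$host" ] || continue
        echo "$host,$(scan_host "$host")" | tee -a Poodle_Results.csv
    done < "$1"
}

# Constructed sample outputs (not captured from a real server).
sample_enabled()  { printf '    Protocol  : SSLv3\n    Cipher    : AES256-SHA\n'; }
sample_disabled() { printf '    Protocol  : SSLv3\n    Cipher    : 0000\n'; }

# Run a scan only when a host file is passed as the first argument.
[ "$#" -eq 0 ] || scan_list "$1"
```

Run it the same way as poodle.sh, passing the host list as the first argument; no sleeper.sh is needed.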

How to use this code?

Step 1: create the scripts.

  1. vi poodle.sh
    1. copy and paste the code into it.
    2. Save the file
    3. chmod 777 poodle.sh
  2. vi sleeper.sh
    1. copy and paste the code into it.
    2. save the file
    3. chmod 777 sleeper.sh

Step 2: Create the list of hosts to scan

  1. vi poodle.txt
  2. add all of the sites you want to scan there (legally you should only add sites that you own)
  3. Save the file

Step 3: Run the code

  1. ./poodle.sh poodle.txt
  2. results are shown on the screen and saved in Poodle_Results.csv

Step 4: Decide what you will do with the results.

 
