Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Check for Ticketbleed (CVE-2016-9244) vulnerability.
package main
import (
"crypto/tls"
"fmt"
"log"
"strings"
"os"
)
var Target = ""
func main() {
if len(os.Args) != 2 {
fmt.Println("usage: ticketbleed [domain:port]")
os.Exit(1)
}
Target := os.Args[1]
conf := &tls.Config{
InsecureSkipVerify: true,
ClientSessionCache: tls.NewLRUClientSessionCache(32),
}
conn, err := tls.Dial("tcp", Target, conf)
if err != nil {
log.Fatalln("Failed to connect:", err)
}
conn.Close()
conn, err = tls.Dial("tcp", Target, conf)
if err != nil && strings.Contains(err.Error(), "unexpected message") {
fmt.Println(Target, "is vulnerable to Ticketbleed")
} else if err != nil {
log.Fatalln("Failed to reconnect:", err)
} else {
fmt.Println(Target, "does NOT appear to be vulnerable")
conn.Close()
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.