Create a gist now

Instantly share code, notes, and snippets.

@FiloSottile /ticketbleed.go Secret
Last active Mar 7, 2017

package main
import (
"crypto/tls"
"fmt"
"log"
"strings"
)
var Target = "example.com:443"
func main() {
conf := &tls.Config{
InsecureSkipVerify: true,
ClientSessionCache: tls.NewLRUClientSessionCache(32),
}
conn, err := tls.Dial("tcp", Target, conf)
if err != nil {
log.Fatalln("Failed to connect:", err)
}
conn.Close()
conn, err = tls.Dial("tcp", Target, conf)
if err != nil && strings.Contains(err.Error(), "unexpected message") {
fmt.Println(Target, "is vulnerable to Ticketbleed")
} else if err != nil {
log.Fatalln("Failed to reconnect:", err)
} else {
fmt.Println(Target, "does NOT appear to be vulnerable")
conn.Close()
}
}
@smrx86
smrx86 commented Feb 27, 2017

i think it will more elegant to run this scripts with argument... ^^

package main

import (
	"crypto/tls"
	"fmt"
	"log"
	"strings"
	"os"
)

func main() {
	if len(os.Args) !=2 {
		fmt.Fprintf(os.Stderr, "Usage: %s target:port\n", os.Args[0])
		os.Exit(1)
	}
	Target := os.Args[1]
	
	conf := &tls.Config{
		InsecureSkipVerify: true,
		ClientSessionCache: tls.NewLRUClientSessionCache(32),
	}

	conn, err := tls.Dial("tcp", Target, conf)
	if err != nil {
		log.Fatalln("Failed to connect:", err)
	}
	conn.Close()

	conn, err = tls.Dial("tcp", Target, conf)
	if err != nil && strings.Contains(err.Error(), "unexpected message") {
		fmt.Println(Target, "is vulnerable to Ticketbleed")
	} else if err != nil {
		log.Fatalln("Failed to reconnect:", err)
	} else {
		fmt.Println(Target, "does NOT appear to be vulnerable")
		conn.Close()
	}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment