PoodleCheck

Readme

██████╗  ██████╗  ██████╗ ██████╗ ██╗     ███████╗     ██████╗██╗  ██╗███████╗ ██████╗██╗  ██╗███████╗██████╗ 
██╔══██╗██╔═══██╗██╔═══██╗██╔══██╗██║     ██╔════╝    ██╔════╝██║  ██║██╔════╝██╔════╝██║ ██╔╝██╔════╝██╔══██╗
██████╔╝██║   ██║██║   ██║██║  ██║██║     █████╗      ██║     ███████║█████╗  ██║     █████╔╝ █████╗  ██████╔╝
██╔═══╝ ██║   ██║██║   ██║██║  ██║██║     ██╔══╝      ██║     ██╔══██║██╔══╝  ██║     ██╔═██╗ ██╔══╝  ██╔══██╗
██║     ╚██████╔╝╚██████╔╝██████╔╝███████╗███████╗    ╚██████╗██║  ██║███████╗╚██████╗██║  ██╗███████╗██║  ██║
╚═╝      ╚═════╝  ╚═════╝ ╚═════╝ ╚══════╝╚══════╝     ╚═════╝╚═╝  ╚═╝╚══════╝ ╚═════╝╚═╝  ╚═╝╚══════╝╚═╝  ╚═╝
                                                                                                          
                                                                          [@setrus  = = setrus@null.net] [v0.1]

 This is a small script that checks for Poodle for every open port of a host.
 There are a couple of things needed :
 - Scan result with open TCP ports : scan_result_tcp.txt
 - Target file hosting the IPs to test :  target_file.txt

 Directory Listing for testing:
 [2 targets to test:  127.0.0.1 and 127.0.0.2]

setrus@setrus:~$ ls -al
..
drwxr-xr-x 3 setrus setrus 127.0.0.1
drwxr-xr-x 3 setrus setrus 127.0.0.1
-rwxr--r-- 1 setrus setrus PoodleCheck.sh
-rw-r--r-- 1 setrus setrus target_file.txt

setrus@setrus:~$ ls -al 127.0.0.1
..
-rw-r--r-- 1 setrus setrus scan_result_utp.txt

setrus@setrus:~$ ls -al 127.0.0.2
-rw-r--r-- 1 setrus setrus scan_result_utp.txt

The file scan_result_utp.txt contains all the open ports for the host 127.0.0.1.
setrus@setrus:~/127.0.0.1/ cat scan_result_utp.txt
21
22
23
25
53
80
111
139
445
512
513
514
1099
1524
2049
2121
3306
3632
5432
5900
6000
6667
6697
8009
8180
8787
39292
43729
44813

 Running the script: 
setrus@setrus:~$ chmod +x PoodleCheck.sh 
setrus@setrus:~$ ./PoodleCheck.sh 


####################################
  Testing for POODLE on ALL hosts #
####################################

Scan takes aprx. 5 min          
Results in POODLE_RESULTS.txt

Creating Folder Results
Starting Scanning
[+]Scanning:  127.0.0.1
[+]Scan complete for:127.0.0.1 21
[+]Scan complete for:127.0.0.1 22
[+]Scan complete for:127.0.0.1 23
[+]Scan complete for:127.0.0.1 25
[+]Scan complete for:127.0.0.1 53
[+]Scan complete for:127.0.0.1 80
[+]Scan complete for:127.0.0.1 111
[+]Scan complete for:127.0.0.1 139
[+]Scan complete for:127.0.0.1 445
[+]Scan complete for:127.0.0.1 512
[+]Scan complete for:127.0.0.1 2121
[+]Scan complete for:127.0.0.1 5900
[+]Scan complete for:127.0.0.1 6000   VULNERABLE
[+]Scan complete for:127.0.0.1 6667
[+]Scan complete for:127.0.0.1 6697
[+]Scan complete for:127.0.0.1 8009   VULNERABLE
[+]Scan complete for:127.0.0.1 8180
[+]Scan complete for:127.0.0.1 39292
[+]Scan complete for:127.0.0.1 43729   VULNERABLE
[+]Scan complete for:127.0.0.1 44813

[+]Scanning:  127.0.0.2                                                                                                       
[+]Scan complete for:127.0.0.2 21
[+]Scan complete for:127.0.0.2 22
[+]Scan complete for:127.0.0.2 23
[+]Scan complete for:127.0.0.2 25
... snip...

PoodleCheck.sh

#!/bin/bash
# This script is just a small checker for hosts that may be vulnerable to POODLE.
# It tests all the hosts in the file "target_file.txt". 
# Needed : 
# 1) target_file.txt - with the ips to test
# 2) scan_result_utp.txt - list of the open ports for that host

# [@setrus ==  setrus@null.net]
# Poodle Testing for ALL the open ports of the hosts
# Must be run in the same file as target_file.txt
#Initial Setup Function

Initializing()
{
    # Create Directory
    clear
    echo  "####################################" 
    echo  "#  Testing for POODLE on ALL hosts #"
    echo  "####################################"
    echo  ""
    echo -e "Scan takes aprx.\033[91m 5 min\e[0m          "
    echo -e "Results in" "\033[91mPOODLE_RESULTS.txt\e[0m"
    echo  ""
    echo  "Creating Folder Results"
        if [ -d PoodleResults ] 
    then 
        rm PoodleResults/*
        rmdir PoodleResults
    fi
        mkdir PoodleResults
    Vulnerable=" VULNERABLE"
}

# Checks all the open ports of the hostnames and tests Poodle on every one of them
# PoodleCheck Function
PoodleCheck() {
    #Starting Scanning
    echo -e "Starting Scanning"
    while read host_name
    do
        echo "[+]Scanning: " ${host_name}
        while read port
            do
            nmap -sV --version-light --script ssl-poodle -p $port $host_name >> PoodleResults/${host_name}_${port}_Poodle
            string=`cat PoodleResults/${host_name}_${port}_Poodle | grep VULNERABLE | grep State  | cut -d "|" -f 2 | cut -d ":" -f2 | sort -u`
            if [ "$string" == "$Vulnerable" ]
                then 
                    echo -e "[+]Scan complete for:" ${host_name} ${port}"\033[91m  VULNERABLE\e[0m"
                else 
                    echo "[+]Scan complete for:"${host_name} ${port}
            fi
        done < $host_name/scan_result_utp.txt
    done < target_file.txt
    killall nmap
}
# Parsing Function
Parsing() {
grep VULN PoodleResults/* | grep -v State | cut -d "/" -f 2  > POODLE_RESULTS.txt
}
##################
##    Main      ##
##################
if [ ! -f target_file.txt ]
then
    echo "No target file file"
    return
fi
Initializing
PoodleCheck
Parsing


### Grep-ing the results
#In case the scans run more than 5 minutes, grep the folder PoodleResults with the following 
# setrus@setrus:~$  grep VULN PoodleResults/* | grep -v State | cut -d "/" -f 2  > POODLE_RESULTS.txt