Vulnerability Number: cve-2014-3566
The POC is as follows:
Import Ssl,socket,sys
ssl_version={
' SSLv2 ': SSL. Protocol_sslv2,
' SSLv3 ': SSL. Protocol_sslv3,
' SSLv23 ': SSL. Protocol_sslv23,
' TLSv1 ': SSL. PROTOCOL_TLSV1,
}
def check_ssl_version (version):
Try
HTTPS = SSL. Sslsocket (Socket.socket (), Ssl_version=ssl_version.get (version))
c = Https.connect ((ip,port))
Print version + ' supported '
Return True
Except Exception as E:
Return False
USAGE = ' ==========\nkpoodle-ssl version and Poodle attack vulnerability detect Tool\n==========\nusage:python Kpoodle. PY Target Port (default:443) \n\nby Kingx '
Try
ip = sys.argv[1]
Except
Print USAGE
Sys.exit ()
Try
Port = Int (sys.argv[2])
Except
Port = 443
Try
print ' Connecting ... '
s = Socket.socket (). Connect ((Ip,port))
Except Exception as E:
Print E
print ' Can not connect to the target! '
Sys.exit ()
Try
print ' Checking ... '
SSL3 = check_ssl_version (' SSLv3 ')
SSL2 = check_ssl_version (' SSLv2 ')
Ssl23 = check_ssl_version (' SSLv23 ')
TLS = check_ssl_version (' TLSv1 ')
If SSL3:
print ' \nsslv3 Poodle vulnerable! '
Else
print ' \nno SSLv3 support! '
Except Exception as E:
Print E
SSLV3 Poodle Attack Vulnerability Detection Tool