Python script to check for heartbleed mentioned HERE

If you had a hyphenated list of hosts and ports like in a file called targetlist.txt you could do something like this and spit out a list of vulnerable hosts including some SSL certificate info.

Combine the python script with some bash:


while read target; do
host=`echo $target|cut -d “-” -f 1`
port=`echo $target|cut -d “-” -f 2`
result=`python $host -p $port|grep -v NOT`
if [ -n “$result”  ]
#optional, get some info about the cert
sslcert=`nmap -A -p $port $host|grep -i “ssl-cert”`
echo $result ‘|’ $port $sslcert
done < targetlist.txt

Python script download

Alternate Link