Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/GDSSecurity/Jetleak-Testing-Script

Script to test if a server is vulnerable to the JetLeak vulnerability
https://github.com/GDSSecurity/Jetleak-Testing-Script

Last synced: 21 days ago
JSON representation

Script to test if a server is vulnerable to the JetLeak vulnerability

Host: GitHub
URL: https://github.com/GDSSecurity/Jetleak-Testing-Script
Owner: GDSSecurity
Created: 2015-02-25T05:39:05.000Z (almost 10 years ago)
Default Branch: master
Last Pushed: 2016-07-01T06:43:46.000Z (over 8 years ago)
Last Synced: 2024-08-05T17:44:42.607Z (4 months ago)
Language: Python
Size: 135 KB
Stars: 144
Watchers: 14
Forks: 61
Open Issues: 4
Metadata Files:
- Readme: README.md

Awesome Lists containing this project

awesome-hacking-lists - GDSSecurity/Jetleak-Testing-Script - Script to test if a server is vulnerable to the JetLeak vulnerability (Python)

README

# Jetleak Testing Script

This tool is intended to provide a quick-and-dirty way for organizations to test whether their Jetty web server versions are vulnerable to JetLeak. Currently, this script does not handle sites with invalid SSL certs. This will be fixed in a future iteration.

For additional details on the Jetleak vulnerability refer to our blog post:
http://blog.gdssecurity.com/labs/2015/2/25/jetleak-vulnerability-remote-leakage-of-shared-buffers-in-je.html

Sample Usage: python jetleak_tester.py [url] [port]

Sample Output for a server that is not vulnerable:

```
$ python jetleak_tester.py http://[ENTER HOSTNAME] 80

This version of Jetty is NOT vulnerable to JetLeak.
```

Sample Output for a server that is vulnerable:

```
$ python jetleak_tester.py http://[ENTER HOSTNAME] 80

This version of Jetty is VULNERABLE to JetLeak!
```