├── openssl_scan.ps1 └── openssl_scan.sh /openssl_scan.ps1: -------------------------------------------------------------------------------- 1 | # BEGIN CONFIG 2 | # set to $true to scan all drives 3 | $scan_all_drives = $false 4 | 5 | # set the directory to search for OpenSSL libraries in (default: C:\) 6 | # only needed if scanalldrives is $false ! 7 | $search_directory = "C:\" 8 | 9 | # set to $true to show only OpenSSL version vulnerable to this bug 10 | $only_vulnerable = $false 11 | # END CONFIG 12 | 13 | $confirm = Read-Host "This is an example script not meant for production use. To confirm that you understand and accept all responsibility, type: confirm" 14 | 15 | if ($confirm -eq "confirm") { 16 | echo "starting scan" 17 | if ($only_vulnerable) { 18 | $regex = "OpenSSL\s*3\.0\.[0-6]" 19 | }else{ 20 | $regex = "OpenSSL\s*[0-9]\.[0-9]\.[0-9]" 21 | } 22 | 23 | if ($scan_all_drives){ 24 | $search_directory = (Get-PSDrive -PSProvider FileSystem).Root 25 | } 26 | 27 | # search for any DLLs whose name begins with libcrypto 28 | Get-ChildItem -Path $search_directory -Include libcrypto*.dll,libssl*.dll -File -Recurse -ErrorAction SilentlyContinue | Foreach-Object { 29 | # use RegEx to parse the dll strings for an OpenSSL Version Number 30 | $openssl_version = select-string -Path $_ -Pattern $regex -AllMatches | % { $_.Matches } | % { $_.Value } 31 | if ($openssl_version) { 32 | # Print OpenSSL version number followed by file name 33 | echo "$openssl_version - $_ " 34 | } 35 | } 36 | }else{ 37 | echo "aborting" 38 | } 39 | -------------------------------------------------------------------------------- /openssl_scan.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | set -uo pipefail 3 | 4 | # BEGIN CONFIG 5 | # set to 1 to show only OpenSSL version vulnerable to this bug 6 | only_vulnerable=0 7 | 8 | # set the directory to search for OpenSSL libraries in (default: /) 9 | search_directory="/" 10 | #END CONFIG 11 | 12 | echo 'This is an example script not meant for production use. To confirm that you understand and accept all responsibility, type: confirm' 13 | read -r confirm 14 | 15 | if [[ "$confirm" == "confirm" ]]; then 16 | if (( only_vulnerable )); then 17 | regex='^OpenSSL\s*3\.0\.[0-6]' 18 | else 19 | regex='^OpenSSL\s*[0-9]\.[0-9]\.[0-9]' 20 | fi 21 | 22 | if ! command -v strings &> /dev/null; then 23 | echo "strings could not be found, please install it and try again" 24 | exit 1 25 | fi 26 | 27 | find "$search_directory" -type f '(' -name "libcrypto*.so*" -o -name "libssl*.so*" -o -name "libssl*.a*" -o -name "libcrypto*.a*" ')' | while read -r file_name; do 28 | strings -- "$file_name" | grep -e "$regex" | while read -r openssl_version; do 29 | echo "$openssl_version - $file_name" 30 | done 31 | done 32 | 33 | true 34 | else 35 | echo aborting 36 | exit 1 37 | fi 38 | --------------------------------------------------------------------------------