├── openssl_scan.ps1
└── openssl_scan.sh


/openssl_scan.ps1:
--------------------------------------------------------------------------------
 1 | # BEGIN CONFIG
 2 | # set to $true to scan all drives
 3 | $scan_all_drives = $false
 4 | 
 5 | # set the directory to search for OpenSSL libraries in (default: C:\)
 6 | # only needed if scanalldrives is $false !
 7 | $search_directory = "C:\"
 8 | 
 9 | # set to $true to show only OpenSSL version vulnerable to this bug
10 | $only_vulnerable = $false
11 | # END CONFIG
12 | 
13 | $confirm = Read-Host "This is an example script not meant for production use. To confirm that you understand and accept all responsibility, type: confirm"
14 | 
15 | if ($confirm -eq "confirm") {
16 |     echo "starting scan"
17 |     if ($only_vulnerable) {
18 | 	    $regex = "OpenSSL\s*3\.0\.[0-6]"
19 |     }else{
20 | 	    $regex = "OpenSSL\s*[0-9]\.[0-9]\.[0-9]"
21 |     }
22 | 
23 |     if ($scan_all_drives){
24 |         $search_directory =  (Get-PSDrive -PSProvider FileSystem).Root
25 |     }
26 | 
27 |     # search for any DLLs whose name begins with libcrypto
28 |     Get-ChildItem -Path $search_directory -Include libcrypto*.dll,libssl*.dll -File -Recurse -ErrorAction SilentlyContinue | Foreach-Object {
29 | 	    # use RegEx to parse the dll strings for an OpenSSL Version Number
30 | 	    $openssl_version = select-string -Path $_ -Pattern $regex -AllMatches | % { $_.Matches } | % { $_.Value }
31 | 	    if ($openssl_version) {
32 | 		    # Print OpenSSL version number followed by file name
33 | 		    echo "$openssl_version - $_ "
34 | 	    }
35 |     }
36 | }else{
37 |     echo "aborting"
38 | }
39 | 


--------------------------------------------------------------------------------
/openssl_scan.sh:
--------------------------------------------------------------------------------
 1 | #!/usr/bin/env bash
 2 | set -uo pipefail
 3 | 
 4 | # BEGIN CONFIG
 5 | # set to 1 to show only OpenSSL version vulnerable to this bug
 6 | only_vulnerable=0
 7 | 
 8 | # set the directory to search for OpenSSL libraries in (default: /)
 9 | search_directory="/"
10 | #END CONFIG
11 | 
12 | echo 'This is an example script not meant for production use. To confirm that you understand and accept all responsibility, type: confirm'
13 | read -r confirm
14 | 
15 | if [[ "$confirm" == "confirm" ]]; then
16 |     if (( only_vulnerable )); then
17 |         regex='^OpenSSL\s*3\.0\.[0-6]'
18 |     else
19 |         regex='^OpenSSL\s*[0-9]\.[0-9]\.[0-9]'
20 |     fi
21 | 
22 |     if ! command -v strings &> /dev/null; then
23 |         echo "strings could not be found, please install it and try again"
24 |         exit 1
25 |     fi
26 | 
27 |     find "$search_directory" -type f '(' -name "libcrypto*.so*" -o -name "libssl*.so*" -o -name "libssl*.a*" -o -name "libcrypto*.a*" ')' | while read -r file_name; do
28 |         strings -- "$file_name" | grep -e "$regex" | while read -r openssl_version; do
29 |             echo "$openssl_version - $file_name"
30 |         done
31 |     done
32 | 
33 |     true
34 | else
35 |     echo aborting
36 |     exit 1
37 | fi
38 | 


--------------------------------------------------------------------------------