#!/bin/bash
if [[ $# -eq 0 ]] ; then
echo 'Usage: ./hbcheck <ip-range> eg. 192.168.1.0/24'
exit 0
fi
tmpfile="tmp$RANDOM"
nmap -sT -p 443 --open -n -r -PN $1 | grep report | awk '{print $5}' > $tmpfile
for i in $(awk '{print}' < $tmpfile )
do
echo "Checking $i"
echo EOF | openssl s_client -connect $i:443 -tlsextdebug 2<&1| grep 'server extension "heartbeat" (id=15)' || echo "$i is safe"
done
rm $tmpfile
exit 0