Scanning for the ROBOT Vulnerability at Scale
I just released SSLyze 1.3.0, which adds support for scanning for the ROBOT vulnerability that was disclosed last week.
Using SSLyze’s Python API, it is possible to easily and quickly scan a lot of servers for the vulnerability. From my own testing and depending on the network conditions, it takes about 5 seconds to scan 20 servers. SSLyze also has the ability to scan servers that use StartTLS-based protocols (such as SMTP, XMPP, etc.), which the test script released along with ROBOT does not support.
The following script (tested on Python 3.6) demonstrates how it can be done:
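The author's script is not reproduced on this page; what follows is an added example, not the original script, showing the same idea: queue one `RobotScanCommand` per server on SSLyze's concurrent scanner, including StartTLS targets, and triage the results. It is written against the SSLyze 1.3 Python API as I recall it (`ServerConnectivityInfo`, `ConcurrentScanner`, `RobotScanCommand`, `TlsWrappedProtocolEnum` and the `RobotScanResultEnum` member names are assumptions to check against the installed version), the hostnames are placeholders, and the triage helpers run without SSLyze installed.

```python
"""Scan many servers for ROBOT with SSLyze's concurrent scanner (added example)."""
from collections import defaultdict

# Constructed target list: (hostname, port, TlsWrappedProtocolEnum member name).
# Hostnames are placeholders; StartTLS services are listed alongside plain HTTPS.
TARGETS = [
    ("www.example.com", 443, "HTTPS"),
    ("mail.example.com", 25, "STARTTLS_SMTP"),
    ("xmpp.example.com", 5222, "STARTTLS_XMPP"),
]

# Assumed RobotScanResultEnum member names that mean an oracle was found.
VULNERABLE = {"VULNERABLE_WEAK_ORACLE", "VULNERABLE_STRONG_ORACLE"}


def classify(result_name):
    """Map a RobotScanResultEnum member name (or an error string) to a triage bucket."""
    if result_name in VULNERABLE:
        return "vulnerable"
    if result_name.startswith("NOT_VULNERABLE"):
        return "not_vulnerable"
    return "needs_review"  # inconsistent results, connectivity errors, plugin exceptions


def summarize(results):
    """results: iterable of (host, port, result_name) -> {bucket: ["host:port", ...]}."""
    buckets = defaultdict(list)
    for host, port, name in results:
        buckets[classify(name)].append(f"{host}:{port}")
    return dict(buckets)


def scan_targets(targets):
    """Run the ROBOT check against every target concurrently; needs network + sslyze."""
    # Imported lazily so the triage helpers above work without SSLyze installed.
    from sslyze.concurrent_scanner import ConcurrentScanner, PluginRaisedExceptionScanResult
    from sslyze.plugins.robot_plugin import RobotScanCommand
    from sslyze.server_connectivity import ServerConnectivityInfo, ServerConnectivityError
    from sslyze.ssl_settings import TlsWrappedProtocolEnum

    scanner, results = ConcurrentScanner(), []
    for host, port, proto in targets:
        info = ServerConnectivityInfo(hostname=host, port=port,
                                      tls_wrapped_protocol=TlsWrappedProtocolEnum[proto])
        try:
            info.test_connectivity_to_server()  # fail fast on unreachable hosts
        except ServerConnectivityError as exc:
            results.append((host, port, f"ERROR: {exc}"))
            continue
        scanner.queue_scan_command(info, RobotScanCommand())
    for res in scanner.get_results():  # blocks until every queued scan has finished
        host, port = res.server_info.hostname, res.server_info.port
        if isinstance(res, PluginRaisedExceptionScanResult):
            results.append((host, port, f"ERROR: {res.error_message}"))
        else:
            results.append((host, port, res.robot_result_enum.name))
    return results


if __name__ == "__main__":
    for bucket, hosts in summarize(scan_targets(TARGETS)).items():
        print(bucket, hosts)
```

Anything in the `needs_review` bucket (inconsistent oracle results or connection errors) should be re-scanned rather than treated as clean.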
Enjoy and happy scanning!