optionsbleed
This is a proof of concept code to test for the Optionsbleed bug in Apache httpd (CVE-2017-9798).
Please consider using the tool Snallygaster instead, it has a check for optionsbleed included:
snallygaster -t optionsbleed [host]
usage
optionsbleed [-h] [-n N] [-a] [-u] hosttocheck Check for the Optionsbleed vulnerability (CVE-2017-9798). positional arguments: hosttocheck The hostname you want to test against optional arguments: -h, --help show this help message and exit -n N number of tests (default 10) -a, --all show headers from hosts without problems -u, --url pass URL instead of hostname Tests server for Optionsbleed bug and other bugs in the allow header. Automatically checks http://, https://, http://www. and https://www. - except if you pass -u/--url (which means by default we check 40 times.)
output explanation
The script outputs the returned Allow header and prefixes it with an explanation what is wrong with it. By default there will be no output if the server is not vulnerable, this can be changed with the -a/--all parameter.
[bleed]
A corrupted header was sent, very likely the Optionsbleed bug.
[empty]
An empty header was sent, which is bogus.
[spaces]
The list of methods was space-separated instead of comma-separated.
This is a bug, but harmless. It may be Launchpad bug #1717682.
[duplicates]
Some methods were sent multiple times in the list.
This is a bug, but harmless. It may be Apache bug #61207.
[ok]
Nothing wrong with this header (only sent with -a/--all).