heartleech
misses TLS1.1/1.0 vuln servers
Currently uses the heartbeat bytes \x18\x03\x03\x00\x03\x01\x40\x00. Should be \x18\x03\x02 for TLS1.1 or \x18\x03\x01 for TLS1.0.
BTW, the \x40\x00 bytes at the end specify the length of data that the server should return - you can set this to \xff\xff if you want the maximum amount per heartbeat.
I fix this for --raw mode. By default, heartleech uses OpenSSL to negotiate the handshake with the server, then sends heartbeats. The version used is whatever OpenSSL selects. I don't know the APIs well enough to influence this.
The --raw mode doesn't use the OpenSSL API, but instead sends heartbeats before the handshake completes. I send a smaller request because the servers I was testing against had trouble replying with all the packets in this mode.
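Added example, not from the issue or from the heartleech code base: a detection-side parser for the TLS heartbeat record layout discussed above (type byte 0x18, the version bytes for TLS 1.0/1.1/1.2, the 2-byte record length, then the heartbeat type and payload_length). It flags a request whose claimed payload_length cannot fit in the record, which is the bounds check RFC 6520 requires and the condition a vulnerable server fails. All sample records below are constructed, not captured traffic.

```python
import struct
from typing import Optional

HEARTBEAT_CONTENT_TYPE = 0x18
HEARTBEAT_REQUEST = 0x01
PADDING_MIN = 16  # RFC 6520: at least 16 bytes of padding follow the payload
TLS_VERSIONS = {(3, 1): "TLS1.0", (3, 2): "TLS1.1", (3, 3): "TLS1.2"}

# Constructed samples: the request bytes quoted in the issue (TLS 1.2), the
# TLS 1.1 / 1.0 variants the issue asks for, and a well-formed heartbeat.
ISSUE_REQUEST_TLS12 = b"\x18\x03\x03\x00\x03\x01\x40\x00"
ISSUE_REQUEST_TLS11 = b"\x18\x03\x02\x00\x03\x01\x40\x00"
ISSUE_REQUEST_TLS10 = b"\x18\x03\x01\x00\x03\x01\x40\x00"
_benign_body = b"\x01" + struct.pack("!H", 4) + b"ping" + b"\x00" * PADDING_MIN
BENIGN_HEARTBEAT = b"\x18\x03\x03" + struct.pack("!H", len(_benign_body)) + _benign_body


def parse_heartbeat_record(data: bytes) -> Optional[dict]:
    """Parse one TLS record; return heartbeat fields, or None if not a heartbeat."""
    if len(data) < 5:
        return None
    ctype, major, minor, rec_len = struct.unpack("!BBBH", data[:5])
    if ctype != HEARTBEAT_CONTENT_TYPE:
        return None
    body = data[5:5 + rec_len]
    if len(body) < 3:  # must at least carry hb_type (1) + payload_length (2)
        return None
    hb_type = body[0]
    payload_len = struct.unpack("!H", body[1:3])[0]
    return {
        "version": TLS_VERSIONS.get((major, minor), "unknown(%d.%d)" % (major, minor)),
        "record_len": rec_len,
        "hb_type": hb_type,
        "payload_len": payload_len,
        "available": len(body) - 3,  # bytes actually present after the header
    }


def is_heartbleed_probe(data: bytes) -> bool:
    """True when a heartbeat request claims more payload than the record carries.

    A compliant peer discards the message if payload_length + 16 bytes of
    padding exceed the remaining record length; the issue's 0x4000 request
    carries zero payload bytes and so fails this check for every TLS version.
    """
    hb = parse_heartbeat_record(data)
    if hb is None or hb["hb_type"] != HEARTBEAT_REQUEST:
        return False
    return hb["payload_len"] + PADDING_MIN > hb["available"]
```

Fed records from a packet capture one at a time, the check flags the malformed request regardless of which version bytes it carries, so a detection rule keyed only on `\x18\x03\x03` misses the TLS 1.0/1.1 cases the same way the scanner did.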