Thursday, April 10, 2014

Exploit-Dev : Heartbleed (CVE-2014-0160)

Jared Stafford developed proof-of-concept code (here) for the OpenSSL bug known as Heartbleed, CVE-2014-0160. You can test the site in question at Heartbleed test.

To test a client, you need this site.

Michael Davis modified Jared Stafford's code (here) to dump the cookie from the memory of the victim server.

Since some parameters in the source code of Michael Davis are hard-coded, I modified his work and made the parameters more feasible. Here, I am going to explain how to use this piece of code.



For the default values of port (443), cookie id (session) and cookie length (1024):

python heartbleed-samiux.py victim_server

For customized values of port, cookie id and cookie length:

python heartbleed-samiux.py victim_server -p 8080 -c sessionid -l 4096

The result will be printed out on the screen.

Please note that victim_server should be given in the form "samiux.org", for example:

python heartbleed-samiux.py samiux.org

Update for Version 2 (dated April 11, 2014)

This version is updated to handle different versions of SSL/TLS.
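
A defender-side check for the request this kind of tool relies on, across the same SSL/TLS versions: a heartbeat whose claimed payload_length is larger than the record that carries it, which RFC 6520 says must be discarded. This is an added example, not part of heartbleed-samiux.py or the original post; the function names and the sample bytes are constructed for illustration.

```python
import struct

HEARTBEAT = 24        # TLS record content type for heartbeat (RFC 6520)
HB_REQUEST = 1        # HeartbeatMessageType: heartbeat_request
MIN_PADDING = 16      # RFC 6520: at least 16 bytes of padding
VERSIONS = {(3, 0): "SSLv3", (3, 1): "TLSv1.0", (3, 2): "TLSv1.1", (3, 3): "TLSv1.2"}

def iter_records(stream):
    """Yield (version, content_type, fragment) for each complete plaintext record."""
    off = 0
    while off + 5 <= len(stream):
        ctype, major, minor, length = struct.unpack_from("!BBBH", stream, off)
        fragment = stream[off + 5:off + 5 + length]
        if len(fragment) < length:          # truncated capture, stop parsing
            return
        yield (major, minor), ctype, fragment
        off += 5 + length

def check_heartbeat(fragment):
    """Return None for a well-formed message, else the reason it must be dropped."""
    if len(fragment) < 3:
        return "shorter than the 3-byte heartbeat header"
    hb_type, claimed = struct.unpack_from("!BH", fragment)
    if hb_type == HB_REQUEST and 3 + claimed + MIN_PADDING > len(fragment):
        return (f"payload_length {claimed} + {MIN_PADDING} padding exceeds "
                f"the {len(fragment) - 3} bytes after the header")
    return None

def find_suspicious(stream):
    """List (version name, reason) for every malformed heartbeat in the stream."""
    findings = []
    for version, ctype, fragment in iter_records(stream):
        reason = check_heartbeat(fragment) if ctype == HEARTBEAT else None
        if reason:
            findings.append((VERSIONS.get(version, "unknown"), reason))
    return findings

def record(version, ctype, fragment):
    """Wrap a fragment in a 5-byte TLS record header (helper for the sample)."""
    return struct.pack("!BBBH", ctype, version[0], version[1], len(fragment)) + fragment

# Constructed sample stream (not a real capture).
GOOD = struct.pack("!BH", HB_REQUEST, 4) + b"ping" + bytes(MIN_PADDING)
BAD = struct.pack("!BH", HB_REQUEST, 0x4000)      # claims 16384 bytes, sends none
SAMPLE = (record((3, 1), 22, b"\x00" * 8)         # unrelated handshake record
          + record((3, 2), HEARTBEAT, GOOD)
          + record((3, 3), HEARTBEAT, BAD))

if __name__ == "__main__":
    for name, reason in find_suspicious(SAMPLE):
        print(f"{name}: {reason}")
```

The parser only sees heartbeats sent in plaintext; once the handshake completes they are encrypted, so the same length check then belongs at the endpoint.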



Related : Exploit-Dev : Heartbleed (CVE-2014-0160) Reload
See Also : Exploit-Dev : Heartbleed (CVE-2014-0160) Final


That's all! See you.