Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2014-0160 PoC — OpenSSL 缓冲区错误漏洞

Source
https://github.com/Saymeis/HeartBleed
Associated Vulnerability
Title:OpenSSL 缓冲区错误漏洞 (CVE-2014-0160)
Description:OpenSSL是OpenSSL团队开发的一个开源的能够实现安全套接层(SSL v2/v3)和安全传输层(TLS v1)协议的通用加密库,它支持多种加密算法,包括对称密码、哈希算法、安全散列算法等。 OpenSSL的TLS和DTLS实现过程中的d1_both.c和t1_lib.c文件中存在安全漏洞,该漏洞源于当处理Heartbeat Extension数据包时,缺少边界检查。远程攻击者可借助特制的数据包利用该漏洞读取服务器内存中的敏感信息(如用户名、密码、Cookie、私钥等)。以下版本的OpenSSL受到
Description
CVE-2014-0160
Readme
### HeartBleed уязвимость в docker 

1. git clone https://github.com/Saymeis/HeartBleed.git
2. cd HeartBleed
2. sudo docker build -t heartbleed -f Dockerfile .
3. sudo  docker run -p 80:80 -p 443:443 -d heartbleed
File Snapshot

 [4.0K]  /data/pocs/646dd3606ed988e8e285abd5b34aa1dce5f6c312
├── [ 134]  curl.sh
├── [1.3K]  Dockerfile
├── [4.0K]  keys
│   ├── [1.2K]  heartbleed.crt
│   └── [1.7K]  heartbleed.key
├── [4.0K]  nginx
│   └── [4.0K]  www
│       ├── [ 383]  50x.html
│       ├── [4.0K]  css
│       │   ├── [143K]  bootstrap.css
│       │   ├── [380K]  bootstrap.css.map
│       │   ├── [118K]  bootstrap.min.css
│       │   ├── [529K]  bootstrap.min.css.map
│       │   ├── [ 26K]  bootstrap-theme.css
│       │   ├── [ 47K]  bootstrap-theme.css.map
│       │   ├── [ 23K]  bootstrap-theme.min.css
│       │   ├── [ 25K]  bootstrap-theme.min.css.map
│       │   └── [  96]  starter-template.css
│       ├── [4.0K]  fonts
│       │   ├── [ 20K]  glyphicons-halflings-regular.eot
│       │   ├── [106K]  glyphicons-halflings-regular.svg
│       │   ├── [ 44K]  glyphicons-halflings-regular.ttf
│       │   ├── [ 23K]  glyphicons-halflings-regular.woff
│       │   └── [ 18K]  glyphicons-halflings-regular.woff2
│       ├── [2.8K]  index.php
│       └── [4.0K]  js
│           ├── [ 68K]  bootstrap.js
│           ├── [ 36K]  bootstrap.min.js
│           └── [ 484]  npm.js
├── [ 228]  README.md
├── [4.0K]  sites-enabled
│   └── [1007]  default
├── [1.1K]  supervisord.conf
└── [ 17K]  www.conf

7 directories, 27 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.