Thursday, April 17, 2014

Exploit-Dev : Heartbleed (CVE-2014-0160) Final

Updated the source code on April 20, 2014 to version 0.8.

Since the code that wrote at here is not working for getting the RSA Private key from the Heartbleed vulnerable server, I modified another python script at here. This script is developed by mothran. The script use his version tlslite library to write his code.

I modified his code but I have no time to test the most important feature, capture the RSA Private key. If anyone who have time to test the code that I modified for that purpose, please let me know the result. I can be reached at here.

The limitation of the script is not the power of the attacker's machine but the victim's server. If you use threading feature, the limitation for the threading may be up to 40. Meanwhile, the screen output of the script will be in a mess. However, I set a private key found flag detection in the script.

Be keep in mind that this script may have bug as it is a Proof-of-Concept code. You are reminded that this code may vulnerable to Lucky-Thirteen.

Furthermore, this code may not trigger the IDS/IPS or iptables rules that is target for the first released exploit code. Hereby, I attached the version 0.3 0.4 0.5 0.6 0.7 0.8 here.

If the code is quit unexpectedly for the first try, it is either the victim is not enabled SSL or the victim is not vulnerable. Meanwhile, it is very interesting to know that when the victim server is under the attack, the loading of the server is very low and there is no entry in the access log of the server. Wonderful, right?


May be I am not so lucky to capture the private key from my lab (Apache with OpenSSL). I cannot capture the private key even running the script for days against my lab virtual machine. Does the private key remains in the memory only in some situation? Or, I am not so lucky? Please let me know the reason, thanks.


According to the first winner of Cloudflare Challenge, Fedor Indutny that we need some luck to get the private key even you know how to get it.

To install Node.js, please follow this link.


I even cannot get the private key from Nginx with OpenSSL by Fedor Indutny's code. I wonder if it is because of the Nginx and OpenSSL setting or not. I following this link to set up the Nginx Server.

Recently find the Cloudflare SSL setting on Nginx server at here. I think it is the matter. Meanwhile, according to this article, Ubuntu 13.10 was used in Cloudflare Challenge.

Found a needle in the haystack!

Version : 0.8


How I obtained the private key for - Python
Extracting server private key using Heartbleed OpenSSL vulnerability - Node.js
OpenSSL Heartbleed (CVE-2014-0160) vulnerability scanner, data miner and RSA key-restore tools - Python3

That's all! See you.

Friday, April 11, 2014

Exploit-Dev : Heartbleed (CVE-2014-0160) Reload

Please note that this method may not retrieve the RSA Private key properly but it can retrieve other information from the memory, e.g. session id, cookie, username, password and etc. A working version of the RSA Private key dump will be posted later when it is done.

I modified the Proof-of-Concept by Jared Stafford and Michael Davis at here yesterday. The code is to dump the cookie, session as well as username and password from the memory of the victim server.

If you want to dump the data other than the above mentioned, for example, private key, you need the another method. I modified the source code of Derek Callaway and then monitor the dump by using ngrep. : : :

For the usage, please read the bash script files for details.

See Also :
Exploit-Dev : Heartbleed (CVE-2014-0160) Final
Modified version by Mike Baker for scanning .onion addresses

That's all! See you.

Thursday, April 10, 2014

Exploit-Dev : Heartbleed (CVE-2014-0160)

Jared Stafford developed a Proof-of-Concept code at here for the bug in OpenSSL namely Heartbleed, CVE-2014-0160. You can test the site in question at Heartbleed test.

To test for the client, you need this site

Michael Davis modified the code of Jared Stafford at here to dump the cookie from the memory of the victim server.

Since some parameters in the source code of Michael Davis are hard coded, I modified his work and make the parameters more feasible. Hereby, I am going to explain how to use this piece of code.

For the default value of port (443), cookie id (session) and length of the cookie (1024) :

python victim_server

For customized value of port, cookie id and length of the cookie :

python victim_server -p 8080 -c sessionid -l 4096

The result will be printed out on the screen.

Please note that the format of the victim_server should be "".


Update for Version 2 (dated April 11, 2014)

This version is updated for handling different version of SSL/TLS.

Related : Exploit-Dev : Heartbleed (CVE-2014-0160) Reload
See Also : Exploit-Dev : Heartbleed (CVE-2014-0160) Final

That's all! See you.