Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2016-8610 PoC — OpenSSL 资源管理错误漏洞

Source
https://github.com/cujanovic/CVE-2016-8610-PoC
Associated Vulnerability
Title:OpenSSL 资源管理错误漏洞 (CVE-2016-8610)
Description:A denial of service flaw was found in OpenSSL 0.9.8, 1.0.1, 1.0.2 through 1.0.2h, and 1.1.0 in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. A remote attacker could use this flaw to make a TLS/SSL server consume an excessive amount of CPU and fail to accept connections from other clients.
Description
CVE-2016-8610 (SSL Death Alert) PoC
Readme
# CVE-2016-8610 PoC
CVE-2016-8610 (SSL Death Alert) PoC

Usage:

python ssl-death-alert.py DOMAIN/IP PORT PROTOCOL-VERSION(SSLv3, TLS1.0, TLS1.1, TLS1.2) NUMBER-OF-ALERTS(1000) THREADS(50)

python ssl-death-alert.py test.tdl 443 TLS1.2 1000 50

More info:

http://security.360.cn/cve/CVE-2016-8610/

https://securingtomorrow.mcafee.com/mcafee-labs/ssl-death-alert-cve-2016-8610-can-cause-denial-of-service-to-openssl-servers/
File Snapshot

 [4.0K]  /data/pocs/de0cd4eb1928d3971cdc2a37483bebfe2c7b2ff0
├── [ 426]  README.md
└── [5.3K]  ssl-death-alert.py

0 directories, 2 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →