Shulou(Shulou.com)06/01 Report--

This article mainly introduces "how to scan SSL vulnerabilities with nmap on Linux system". In daily operation, I believe that many people have doubts about how to scan SSL vulnerabilities with nmap on Linux systems. The editor has consulted all kinds of materials and sorted out simple and easy-to-use methods of operation. I hope it will be helpful to answer the doubts of "how to scan SSL vulnerabilities with nmap on Linux systems". Next, please follow the editor to study!

Download nmap version 6.45 and above. If you are lazy to reinstall, you can download the ssl-heartbleed.nse script directly.

The specific methods (steps) to scan the server for cardiac bleeding vulnerabilities (heartbleed) using nmap 6.45 are as follows:

Of course, you have to press nmap first, and you can go to google on the Internet.

In the process of using nmap, specify the ssl-heartbleed.nse script to scan the probe, as follows

[root@dabu.info] # nmap-sV-p 443-- script=ssl-heartbleed.nse 192.168.1.5

Or

[root@dabu.info] # nmap-sV-p 443-- script=ssl-heartbleed 192.168.1.5

Explain; where 192.168.1.5 is the ip to be scanned and can also be converted into a domain name

If your server (vps) has a heart bleeding vulnerability (heartbleed), the following prompt appears:

The code is as follows:

Nmap scan report for mediacentre (192.168.1.5)

Host is up (0.0059s latency).

Not shown: 992 closed ports

PORT STATE SERVICE VERSION

443/tcp open ssl OpenSSL (SSLv3)

| ssl-heartbleed:

| VULNERABLE:

| The Heartbleed Bug is a serious vulnerability in the popular OpenSSL cryptographic software library. It allows for stealing information intended to be protected by SSL/TLS encryption.

| | State: VULNERABLE |

| | Risk factor: High |

| Description:

| OpenSSL versions 1.0.1 and 1.0.2-beta releases (including 1.0.1f and 1.0.2-beta1) of OpenSSL are affected by the Heartbleed bug. The bug allows for reading memory of systems protected by the vulnerable OpenSSL versions and could allow for disclosure of otherwise encrypted confidential information as well as the encryption keys themselves.

| |

| References:

| | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160 |

| | http://www.openssl.org/news/secadv_20140407.txt |

| | _ http://cvedetails.com/cve/2014-0160/ |

Service Info: Host: firefly003; OS: Linux; CPE: cpe:/o:linux:linux_kernel

Note:

The code is as follows:

| | State: VULNERABLE / * threatened * / |

| | Risk factor: High / * High risk * / |

These two lines represent the results of the scan.

After the upgrade is complete, we test it again and there is no hint just now. Instead, it becomes:

The code is as follows:

Nmap scan report for mediacentre (192.168.1.5)

Host is up (0.0011s latency).

PORT STATE SERVICE VERSION

443/tcp open ssl OpenSSL (SSLv3)

Service detection performed. Please report any incorrect results at http://nmap.org/submit/.

Nmap done: 1 IP address (1 host up) scanned in 11.24 seconds

At this point, the study on "how to scan for SSL vulnerabilities with nmap on Linux systems" is over. I hope to be able to solve your doubts. The collocation of theory and practice can better help you learn, go and try it! If you want to continue to learn more related knowledge, please continue to follow the website, the editor will continue to work hard to bring you more practical articles!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.