2025-01-16 Update From: SLTechnology News&Howtos
Shulou(Shulou.com)05/31 Report--
Today I will walk through how to reproduce and analyze the Heartbleed vulnerability, CVE-2014-0160. Many people may not be familiar with it, so the editor has summarized the following material to make it easier to understand. I hope you get something out of this article.
Affected versions:
OpenSSL 1.0.1
Cause of vulnerability:
The Heartbleed vulnerability comes from the failure to properly bounds-check user-supplied input before it is passed to memcpy() as the length parameter. An attacker can target the 64 KB buffer that OpenSSL allocates: more bytes than necessary are copied into the buffer and the buffer contents are returned, so the victim's memory is leaked 64 KB at a time.
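The missing check described above, as an added example that is not OpenSSL's code and not from the original article: a simplified heartbeat handler that trusts the 2-byte length field in the message (which is why a single request can claim up to 64 KB), next to a version that compares it with the number of bytes actually received. The function names, the `memory` array standing in for adjacent heap data, and the placeholder secret are all constructed for illustration.

```c
/* Added illustration: simplified model of a heartbeat handler, not OpenSSL's code. */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define HB_HEADER  3   /* 1-byte type + 2-byte claimed payload length */
#define HB_PADDING 16  /* minimum padding required by RFC 6520 */

/* Constructed "process memory": a 4-byte received record (type 0x01, claimed
 * length 0x0014 = 20, real payload "A") followed by unrelated placeholder data. */
static const uint8_t memory[64] = "\x01\x00\x14" "A" "SECRET-SESSION-KEY";
static const size_t record_len = 4;  /* bytes that actually arrived */

/* Flawed: the length field inside the message is trusted as the copy size. */
size_t heartbeat_vulnerable(const uint8_t *rec, size_t rec_len, uint8_t *out) {
    size_t claimed = ((size_t)rec[1] << 8) | rec[2];
    (void)rec_len;                          /* never consulted: this is the bug */
    memcpy(out, rec + HB_HEADER, claimed);  /* copies past the end of the record */
    return claimed;
}

/* Hardened: header + claimed payload + padding must fit in what was received. */
size_t heartbeat_checked(const uint8_t *rec, size_t rec_len, uint8_t *out) {
    if (rec_len < HB_HEADER + HB_PADDING) return 0;            /* too short */
    size_t claimed = ((size_t)rec[1] << 8) | rec[2];
    if (HB_HEADER + claimed + HB_PADDING > rec_len) return 0;  /* discard silently */
    memcpy(out, rec + HB_HEADER, claimed);
    return claimed;
}

int main(void) {
    uint8_t out[64] = {0};
    size_t n = heartbeat_vulnerable(memory, record_len, out);
    printf("vulnerable: echoed %zu bytes: %.*s\n", n, (int)n, (const char *)out);
    n = heartbeat_checked(memory, record_len, out);
    printf("checked:    echoed %zu bytes\n", n);
    return 0;
}
```

The flawed handler returns the one real payload byte plus 19 bytes that were never part of the request; the checked handler drops the same record without replying.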
Vulnerability hazards:
As described under the cause of the vulnerability, each attack lets us read the memory that is leaked, so it may also be possible to obtain the server's private key, user cookies, and passwords.
Reproducing the vulnerability:
Environment:
bee-box environment, Kali Linux
After downloading the target machine, import it as a virtual machine (setup and startup are not covered here), and then open the page:
Open the console and use the command "ifconfig" to query the virtual machine address:
The virtual machine uses bridged mode, so the address it obtains is the one assigned by the wireless router.
According to the target's hint, the vulnerable port is 8443.
Use a browser to access this address:
Use Nmap's script to check for the vulnerability.
The Nmap scan shows that the Heartbleed vulnerability is present.
Once the vulnerability is found, use the msf tool to exploit it.
Open msfconsole:
Find the heartbleed module:
Select the first result:
See which options need to be set:
Here you need to set RHOSTS and RPORT:
Set verbose to true to see the leaked information:
Run exploit:
If someone is logging in to the web app at the time, it may also be possible to get information such as account names and passwords.
An intruder can read 64 KB of the victim's memory on each attempt, and with enough patience and time can collect enough data to piece together all kinds of user information. Although what the vulnerability leaks is random, the attack is simple and fast to carry out and can be run in batches, so it is highly dangerous.