Этот эксплоит сделал мой день 8))
https://gist.github.com/andresriancho/10135096
https://bitbucket.org/johannestaas/heartattack/src
Полезный патч на сплоит от d0znpp: http://lab.onsec.ru/2014/04/memory-dumper-based-on-cve-2014-0160.html
+1 Heartbleed User Session Extraction: http://packetstormsecurity.com/files/126069/Heartbleed-User-Session-Extraction.html
+1 HackerFantastic: https://github.com/HackerFantastic/Public/blob/master/exploits/heartbleed.c
+1 http://didierstevens.com/files/data/heartbleed_packet_capture.zip
https://bitbucket.org/johannestaas/heartattack/src
Полезный патч на сплоит от d0znpp: http://lab.onsec.ru/2014/04/memory-dumper-based-on-cve-2014-0160.html
+1 Heartbleed User Session Extraction: http://packetstormsecurity.com/files/126069/Heartbleed-User-Session-Extraction.html
+1 http://didierstevens.com/files/data/heartbleed_packet_capture.zip
NMAP NSE: http://seclists.org/nmap-dev/2014/q2/att-27/ssl-heartbleed.nse
MSF: https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/ssl/openssl_heartbleed.rb
Чекалка уязвимости (online):
http://filippo.io/Heartbleed/ ИЛИ http://possible.lv/tools/hb/
Более продвинутая чекалка (SSL в целом и CVE-2014-0160 в частности) от Qualys: https://www.ssllabs.com/ssltest/
Heartbleed Honeypot Script: http://packetstormsecurity.com/files/126068
Detect heartbleed attacks with tshark [1]: tshark -i eth0 -R "ssl.record.content_type eq 24 and not ssl.heartbeat_message.type"
Search for processes still using old OpenSSL #heartbleed : grep -l 'libssl.*deleted' /proc/*/maps | tr -cd 0-9\\n | xargs -r ps u
Ссылки:
http://www.us-cert.gov/ncas/alerts/TA14-098A
https://github.com/musalbas/heartbleed-masstest/blob/master/top10000.txt
http://blogs.cisco.com/security/openssl-heartbleed-vulnerability-cve-2014-0160-cisco-products-and-mitigations/
https://community.qualys.com/blogs/qualys-tech/2014/04/09/heartbleed-detection-update
https://github.com/musalbas/heartbleed-masstest/blob/master/top10000.txt
http://blogs.cisco.com/security/openssl-heartbleed-vulnerability-cve-2014-0160-cisco-products-and-mitigations/
https://community.qualys.com/blogs/qualys-tech/2014/04/09/heartbleed-detection-update
Комментариев нет :
Отправить комментарий