Heartbleed OpenSSL vulnerability

Tuesday, 8. 04. 2014  –  Category: stash, sw

Here’s a one-liner to check whether a remote server might be vulnerable, by checking whether it advertises the Heartbeat TLS extension during connection negotiation.


$ openssl version
OpenSSL 1.0.1e-freebsd 11 Feb 2013
$ < /dev/null openssl s_client -connect example.com:443 -tlsextdebug 2>&1 | grep -i heartbeat
TLS server extension "heartbeat" (id=15), len=1

It’s important that the local OpenSSL version supports the extension; otherwise it will not be listed during the negotiation.
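A wrapper that makes this caveat explicit, so a client that cannot offer the extension or a failed handshake is not mistaken for "not advertised". This is an added example, not part of the original post: the function names are hypothetical, and it assumes that only OpenSSL 1.0.1 and 1.0.2 clients offer TLS heartbeat and that `s_client` prints `Cipher is (NONE)` when no handshake completes.

```shell
#!/bin/sh
# Added example; function names are hypothetical, not from the original post.

# Succeeds if the `openssl version` line names a release series whose s_client
# offers TLS heartbeat (assumption: 1.0.1 and 1.0.2 only; older releases lack
# the extension, 1.1.0 and later dropped it for TLS). Builds compiled with
# heartbeats disabled are not detected.
client_can_offer() {
    case "$1" in
        "OpenSSL 1.0.1"*|"OpenSSL 1.0.2"*) return 0 ;;
        *) return 1 ;;
    esac
}

# Reads `openssl s_client -tlsextdebug` output on stdin and prints one of:
# advertised, not-advertised, no-handshake.
classify_output() {
    out=$(cat)
    if printf '%s\n' "$out" | grep -qi 'TLS server extension "heartbeat"'; then
        echo advertised
    elif printf '%s\n' "$out" | grep -q 'Cipher is (NONE)' ||
         ! printf '%s\n' "$out" | grep -q 'Cipher is '; then
        echo no-handshake   # connection or handshake failed: nothing learned
    else
        echo not-advertised
    fi
}

# check_host HOST:PORT -> exit 0 not advertised, 1 advertised, 2 inconclusive
check_host() {
    ver=$(openssl version 2>/dev/null)
    if ! client_can_offer "$ver"; then
        echo "$1: inconclusive, local '$ver' cannot offer heartbeat"
        return 2
    fi
    result=$(openssl s_client -connect "$1" -tlsextdebug </dev/null 2>&1 |
             classify_output)
    echo "$1: heartbeat $result"
    case "$result" in
        not-advertised) return 0 ;;
        advertised)     return 1 ;;
        *)              return 2 ;;
    esac
}

# Usage: sh check_heartbeat.sh example.com:443
[ $# -eq 0 ] || check_host "$1"
```

A result of `advertised` only means the extension is enabled on the server, which is why the post says "might be vulnerable".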

Better yet, grab the Heartbleed test tool:


$ go get github.com/FiloSottile/Heartbleed
$ ${GOPATH}/bin/Heartbleed example.com:443
2014/04/08 14:12:31 ([]uint8) {
 00000000  02 00 79 68 65 61 72 74  62 6c 65 65 64 2e 66 69  |..yheartbleed.fi|
 00000010  6c 69 70 70 6f 2e 69 6f  59 45 4c 4c 4f 57 20 53  |lippo.ioYELLOW S|
 00000020  55 42 4d 41 52 49 4e 45  02 6d 00 00 b3 de ab 6c  |UBMARINE.m.....l|
 00000030  71 ac cd 71 a9 63 74 36  8f ac 49 7d 32 36 48 00  |q..q.ct6..I}26H.|
 00000040  00 00 16 00 14 00 00 00  00 00 00 00 00 00 00 00  |........example.|
 00000050  00 00 00 00 00 00 00 00  00 00 05 00 05 01 00 00  |com.............|
 00000060  00 00 00 0a 00 08 00 06  00 17 00 18 00 19 00 0b  |................|
 00000070  00 02 01 00 00 0d 00 0a  00 08 04 01 8d 71 65 6d  |.............qem|
 00000080  27 9d 51 a8 01 37 02 50  63 67 ca db              |'.Q..7.Pcg..|
}

2014/04/08 14:12:31 example.com:443 - VULNERABLE
