HeartBleed
Background Information
Reconnaissance
Initial nmap scan to find open ports, using the "treat all hosts as alive" flag (-Pn):
Detailed nmap scan:
Command Breakdown:
(-sV): Service version detection
(-sC): Default nmap scripts
(-p): Specifying ports 22,111,135,139,443,445,593
(-oN nmap): Saving the output in normal format to a file called nmap
Enumeration
Let's visit the page on the HTTPS port 443.
I did not see anything interesting here or in the source code, so I went to Google to look for exploits on HeartBleed. I found this exploit.
Exploitation
Let's download the exploit and rename it to exploit.py. Also make the exploit script executable.
Now let's run the exploit on port 443.
We have the flag in the output.