HeartBleed

Background Information


Reconnaissance
Initial nmap scan to find open ports, using the "treat all hosts as alive" flag (-Pn):
nmap -Pn 34.253.197.133

Detailed Nmap Scan:
Command Breakdown:
(-sV): Service version
(-sC): Default nmap scripts
(-p): Specifying ports 22,111,135,139,443,445,593
(-oN nmap): Saving it into a file called nmap
nmap -sV -sC -p 22,111,135,139,443,445,593 -oN nmap 34.253.197.133

Enumeration
Let's visit the page on HTTPS port 443.

I did not see anything interesting here or in the source code, so I went to Google to look for exploits on HeartBleed. I found this exploit.
Exploitation
Let's download the exploit and rename it to exploit.py. Also make the exploit script executable.

Now let's run the exploit on port 443.

We have the flag in the output.