Forgiven, posted June 9, 2014:
Boy, this would be a creepy exploit to deploy on the Mark V as an infusion. Heartbleed Redux from Wired.
Darren Kitchen, posted June 9, 2014:
Heartbleed modules are readily available for frameworks such as Metasploit, which we inherently support as a layer 3 device. Yes, an infusion would be cool (perhaps an official meterpreter infusion would be of more value), but as our team is very tiny we're not keen on reinventing the wheel in this regard.
Forgiven (thread author), posted June 10, 2014:
> Heartbleed modules are readily available for frameworks such as Metasploit, which we inherently support as a layer 3 device. Yes, an infusion would be cool (perhaps an official meterpreter infusion would be of more value), but as our team is very tiny we're not keen on reinventing the wheel in this regard.

Darren, I certainly can appreciate not wanting to reinvent the wheel, and I know that a small team has limits on activities. My thoughts were geared more towards the community of contributors. The Wired article describes a recently reported wild variant of Heartbleed. Snippet follows:

"On Thursday, the OpenSSL Foundation published an advisory warning to users to update their SSL yet again, this time to fix a previously unknown but more than decade-old bug in the software that allows any network eavesdropper to strip away its encryption. The non-profit foundation, whose encryption is used by the majority of the Web's SSL servers, issued a patch and advised sites that use its software to upgrade immediately. The new attack, found by Japanese researcher Masashi Kikuchi, takes advantage of a portion of OpenSSL's "handshake" for establishing encrypted connections known as ChangeCipherSpec, allowing the attacker to force the PC and server performing the handshake to use weak keys that allow a "man-in-the-middle" snoop to decrypt and read the traffic. "This vulnerability allows malicious intermediate nodes to intercept encrypted data and decrypt them while forcing SSL clients to use weak keys which are exposed to the malicious nodes," reads an FAQ published by Kikuchi's employer, the software firm Lepidum.

Ashkan Soltani, a privacy researcher who has been involved in analyzing the Snowden NSA leaks for the NSA and closely tracked SSL's woes, offers this translation: "Basically, as you and I are establishing a secure connection, an attacker injects a command that fools us into thinking we're using a 'private' password whereas we're actually using a public one.""

It almost seems like a side-door....
Darren Kitchen, posted June 10, 2014:
> It almost seems like a side-door....

Almost. Any good vulnerability should spur that thought :)
koolkarnt, posted June 12, 2014:
OMG, where is your sense of adventure? Maybe we can do a community effort. I'm handy but have no idea how to help with something like this.
Whistle Master, posted June 17, 2014:
nmap has a script available to scan for the Heartbleed vulnerability.
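As an added example (not code from the thread or from the nmap project), here is one way to put that script to use from a defender's side: run nmap's bundled ssl-heartbleed NSE script against TLS hosts you administer and summarise which ones report VULNERABLE, so the inventory can be patched. It assumes nmap with its standard script library is installed; the host names, addresses and the sample report below are constructed to mimic the shape of the script's output.

```shell
#!/bin/sh
# Added example, not from the thread: wrap nmap's ssl-heartbleed NSE script
# and reduce its report to a short "host:port state" list.
# Assumes nmap with the bundled ssl-heartbleed script is installed.

# Scan the targets given as arguments on common TLS ports (hosts you own).
scan_hosts() {
    nmap -p 443,8443 --script ssl-heartbleed "$@"
}

# Read an nmap report on stdin and print one "host:port STATE" line per
# open TLS port. STATE is VULNERABLE when the script reported it, else "ok".
# Note: "ok" only means no VULNERABLE report was seen; the script prints
# nothing for hosts where it could not complete a TLS handshake, so treat
# "ok" as "not shown vulnerable", not as proof of a patched server.
summarize() {
    awk '
        /^Nmap scan report for/ { host = $NF; gsub(/[()]/, "", host) }
        /^[0-9]+\/tcp +open/    { port = $1; sub(/\/tcp/, "", port); state[host ":" port] = "ok" }
        /State: VULNERABLE/     { state[host ":" port] = "VULNERABLE" }
        END { for (k in state) print k, state[k] }
    ' | sort
}

# Constructed sample report (hosts and addresses are made up; the layout
# follows the format the NSE vulns library uses for ssl-heartbleed).
SAMPLE_OUTPUT='Nmap scan report for web1.example.internal (10.0.0.11)
PORT    STATE SERVICE
443/tcp open  https
| ssl-heartbleed:
|   VULNERABLE:
|   The Heartbleed Bug is a serious vulnerability in the popular OpenSSL cryptographic software library.
|     State: VULNERABLE
|     Risk factor: High
|_
Nmap scan report for web2.example.internal (10.0.0.12)
PORT    STATE SERVICE
443/tcp open  https
'

# Print only the host:port entries that the script flagged as VULNERABLE.
vulnerable_hosts() {
    printf '%s\n' "$SAMPLE_OUTPUT" | summarize | awk '$2 == "VULNERABLE" { print $1 }'
}

# Real use would be:  scan_hosts web1.example.internal web2.example.internal | summarize
# Against the constructed sample the summary is:
#   10.0.0.11:443 VULNERABLE
#   10.0.0.12:443 ok
```

The awk filter keys on the "Nmap scan report for" header and the open-port lines, so it works for both resolved hostnames (the address in parentheses is used) and bare IP targets; the sample report is piped through `summarize` in `vulnerable_hosts` so the parsing can be checked offline before nmap is involved.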