OpenSSL Heartbeat (Heartbleed) Client Memory Exposure
This module provides a fake SSL service that is intended to leak memory from client systems as they connect. This module is hardcoded for using the AES-128-CBC-SHA1 cipher.
Module Name
auxiliary/server/openssl_heartbeat_client_memory
Authors
- Neel Mehta
- Riku
- Antti
- Matti
- hdm <x [at] hdm.io>
References
Actions
- Capture
Reliability
Development
Module Options
To display the available options, load the module within the Metasploit console and run the commands 'show options' or 'show advanced':
msf > use auxiliary/server/openssl_heartbeat_client_memory
msf auxiliary(openssl_heartbeat_client_memory) > show actions
...actions...
msf auxiliary(openssl_heartbeat_client_memory) > set ACTION <action-name>
msf auxiliary(openssl_heartbeat_client_memory) > show options
...show and set options...
msf auxiliary(openssl_heartbeat_client_memory) > run
Related Vulnerabilities
- Amazon Linux AMI: Security patch for openssl (ALAS-2014-320) (multiple CVEs)
- DSA-2896-1 openssl -- security update
- FreeBSD: OpenSSL -- Remote Information Disclosure (FreeBSD-SA-14:06.openssl) (CVE-2014-0160)
- Gentoo Linux: CVE-2014-0160: AMD64 x86 emulation base libraries: Multiple vulnerabilities
- Google Android Vulnerability: CVE-2014-0160
- HP iLO: CVE-2014-0160: Denial of Service.
- OpenSSL Heartbleed Vulnerability (CVE-2014-0160)
- Juniper Junos OS: 2014-04 Out of Cycle Security Bulletin: Multiple products affected by OpenSSL "Heartbleed" issue (JSA10623) (CVE-2014-0160)
- ELSA-2014-0376 Important: Oracle Linux openssl security update
- ELSA-2014-1652 Important: Oracle Linux openssl security update
- RHSA-2014:0376: openssl security update
- RHSA-2014:0378: rhev-hypervisor6 security update
- RHSA-2014:0396: rhev-hypervisor6 security update
- RHSA-2014:0416: rhevm-spice-client security update
- Vulnerabilities deemed not relevant on Red Hat Enterprise Linux 5
- Vulnerabilities deemed not relevant on Red Hat Enterprise Linux 6
- Vulnerabilities deemed not relevant on Red Hat Enterprise Linux 7
- Oracle Solaris 11: CVE-2014-0160: Vulnerability in OpenSSL
- USN-2165-1: OpenSSL vulnerabilities
- VMSA-2014-0004: Information Disclosure vulnerability in OpenSSL third party library (CVE-2014-0160)
- VMware Fusion: Information Disclosure vulnerability in OpenSSL third party library (VMSA-2014-0004) (CVE-2014-0160)
- VMware Player: Information Disclosure vulnerability in OpenSSL third party library (VMSA-2014-0004) (CVE-2014-0160)
- VMware Workstation: Information Disclosure vulnerability in OpenSSL third party library (VMSA-2014-0004) (CVE-2014-0160)