Heartbleed, psych0tik edition

As per the rest of the internet, our collective jaws fell through the floor when Heartbleed was disclosed.

First and foremost- our IRC server was not vulnerable. At present, the only live IRC node is magikarp, owned and run my carbon, and running gnutls. OpenSSL based *clients* on the other hand, could plausibly have been compromised.

With that said, the first order of business once patching was in order was to develop a working exploit. Given that the internet has had a few days to patch, and that numerous other exploits are now public anyway, I’m releasing mine.

Given the time sensitive nature of the situation (We needed a working PoC to quickly enumerate internal services at $dayjob), I took the quick and dirty approach, rather than developing from scratch I produced a patched libssl that when linked against turns any SSL client into a working heartbleed vector.

You can find it at https://github.com/richo/openssl. For obvious reasons I would recommend building without shared object support, and not installing this anywhere.

About richo

Flying, coffee, computer stuff.
This entry was posted in psych0tik News. Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *