Nmap Development mailing list archives

RE: [NSE] SSL Heartbleed

From: Andrew Klaus <andrewklaus () gmail com>
Date: Sat, 12 Apr 2014 15:04:25 -0600

So, I don't think the nmap heartbleed detection script doesn't always work,
and I'm not sure why.

There are hosts I know about that it does detect, but this one it doesn't...

nmap -p 443 --script ssl-heartbleed cloudflarechallenge.com
Nmap scan report for cloudflarechallenge.com (107.170.194.215)
Host is up (0.095s latency).
PORT    STATE SERVICE
443/tcp open  https

Nmap done: 1 IP address (1 host up) scanned in 18.19 seconds


If I use the python detection script, it pulls back 64k of memory..  So I
know the site is affected by it.

Any ideas?

Thanks
_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/

Current thread:

Re: [NSE] SSL Heartbleed, (continued)
- - - Re: [NSE] SSL Heartbleed Daniel Miller (Apr 09)
    - Re: [NSE] SSL Heartbleed Patrik Karlsson (Apr 09)
- Re: [NSE] SSL Heartbleed Niklaus Schiess (Apr 11)
- Re: [NSE] SSL Heartbleed Dane Goodwin (Apr 09)
  - Re: [NSE] SSL Heartbleed Jasey DePriest (Apr 09)
    - Re: [NSE] SSL Heartbleed Whyte, Jesse (Apr 09)
    - Re: [NSE] SSL Heartbleed Jasey DePriest (Apr 09)
    - Re: [NSE] SSL Heartbleed John Bond (Apr 11)
    - Re: [NSE] SSL Heartbleed Jasey DePriest (Apr 09)
- [NSE] SSL Heartbleed Aaron Zauner (Apr 12)
- RE: [NSE] SSL Heartbleed Andrew Klaus (Apr 12)
  - Re: [NSE] SSL Heartbleed Patrik Karlsson (Apr 12)
- Re: Re: [NSE] SSL Heartbleed Olli Hauer (Apr 12)
  - Re: Re: [NSE] SSL Heartbleed Andrew Klaus (Apr 12)
    - RE: Re: [NSE] SSL Heartbleed HD Moore (Apr 14)
    - Re: [NSE] SSL Heartbleed Daniel Miller (Apr 14)