Nmap Development mailing list archives
Re: [NSE] SSL Heartbleed
From: Patrik Karlsson <patrik () cqure net>
Date: Sat, 12 Apr 2014 17:27:37 -0400
I think the change of the requested heartbeat size from 16384 to 4073 is what is causing the issue. That's whats different from the initial commit that works and the other code that I have tried. Revision 32828 changes this back to 16384 while only reading 4073 bytes back from the server. There was another issue reported where reading too much data back would incorrectly report the server as non-vulnerable. Thanks, -Patrik On Sat, Apr 12, 2014 at 5:04 PM, Andrew Klaus <andrewklaus () gmail com> wrote:
So, I don't think the nmap heartbleed detection script doesn't always work, and I'm not sure why. There are hosts I know about that it does detect, but this one it doesn't... nmap -p 443 --script ssl-heartbleed cloudflarechallenge.com Nmap scan report for cloudflarechallenge.com (107.170.194.215) Host is up (0.095s latency). PORT STATE SERVICE 443/tcp open https Nmap done: 1 IP address (1 host up) scanned in 18.19 seconds If I use the python detection script, it pulls back 64k of memory.. So I know the site is affected by it. Any ideas? Thanks _______________________________________________ Sent through the dev mailing list http://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
-- Patrik Karlsson http://www.cqure.net http://twitter.com/nevdull77 http://www.linkedin.com/in/nevdull77 _______________________________________________ Sent through the dev mailing list http://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- Re: [NSE] SSL Heartbleed, (continued)
- Re: [NSE] SSL Heartbleed Patrik Karlsson (Apr 09)
- Re: [NSE] SSL Heartbleed Niklaus Schiess (Apr 11)
- Re: [NSE] SSL Heartbleed Dane Goodwin (Apr 09)
- Re: [NSE] SSL Heartbleed Jasey DePriest (Apr 09)
- Re: [NSE] SSL Heartbleed Whyte, Jesse (Apr 09)
- Re: [NSE] SSL Heartbleed Jasey DePriest (Apr 09)
- Re: [NSE] SSL Heartbleed John Bond (Apr 11)
- Re: [NSE] SSL Heartbleed Jasey DePriest (Apr 09)
- Re: [NSE] SSL Heartbleed Jasey DePriest (Apr 09)
- Re: [NSE] SSL Heartbleed Patrik Karlsson (Apr 12)
- Re: Re: [NSE] SSL Heartbleed Andrew Klaus (Apr 12)
- RE: Re: [NSE] SSL Heartbleed HD Moore (Apr 14)
- Re: [NSE] SSL Heartbleed Daniel Miller (Apr 14)