Heartbleed
Myself
• Mohammed Danish Amber
• Working as Database Security Administrator
• Tata Consultancy Services
• CEH & CHFI
• Collaborative Project on Hacker EcoSystem
Agenda
• What is Heartbleed
• How it works and Usage in OpenSSL Library
• What was the mistake in code
• What is CVE-2014-0160
• How it can be exploited
• The Mechanism
• How to protect yourself
What is Heartbleed
• The Heartbleed Bug is a serious vulnerability in the popular
OpenSSL cryptographic software library. This weakness allows
stealing the information protected, under normal conditions, by
the SSL/TLS encryption used to secure the Internet. SSL/TLS
provides communication security and privacy over the Internet for
applications such as web, email, instant messaging (IM) and some
virtual private networks (VPNs).
Heartbleed
• The Heartbleed bug allows anyone on the Internet to read the
memory of the systems protected by the vulnerable versions of
the OpenSSL software. This compromises the secret keys used to
identify the service providers and to encrypt the traffic, the
names and passwords of the users and the actual content. This
allows attackers to eavesdrop on communications, steal data
directly from the services and users and to impersonate services
and users.
Heartbleed
• A fixed version of OpenSSL was released on April 7, 2014, on the
same day Heartbleed was publicly disclosed.
• At that time, some 17 percent (around half a million) of the
Internet's secure web servers certified by trusted authorities were
believed to be vulnerable to the attack, allowing theft of the
servers' private keys and users' session cookies and passwords.
Heartbeat
• The Heartbeat Extension for the Transport Layer Security (TLS)
and Datagram Transport Layer Security (DTLS) protocols was
proposed as a standard in February 2012 by RFC 6520. It provides
a way to test and keep alive secure communication links without
the need to renegotiate the connection each time.
Heartbeat
• In 2011, one of the RFC's authors, Robin Seggelmann, then a Ph.D.
student at the University of Duisburg-Essen, implemented the Heartbeat
Extension for OpenSSL. Following Seggelmann's request to put the result
of his work into OpenSSL, his change was reviewed by Stephen N.
Henson, one of OpenSSL's four core developers. Henson apparently failed
to notice a bug in Seggelmann's implementation, and introduced the
flawed code into OpenSSL's source code repository on December 31,
2011. The vulnerable code was adopted into widespread use with the
release of OpenSSL version 1.0.1 on March 14, 2012. Heartbeat support
was enabled by default, causing affected versions to be vulnerable by
default.
Discovery
• According to Mark J. Cox of OpenSSL, Neel Mehta of Google's security
team reported Heartbleed on April 1, 2014.
• The bug was named by an engineer at Codenomicon, a Finnish
cybersecurity company, which also created the bleeding heart logo, and
launched the domain Heartbleed.com to explain the bug to the public.
• According to Codenomicon, Neel Mehta first reported the bug to
OpenSSL, but both Google and Codenomicon discovered it
independently.
• Codenomicon reports April 3, 2014 as their date of discovery of the bug
and as their date of notification of NCSC-FI (formerly known as CERT-FI)
for vulnerability coordination.
• The Sydney Morning Herald published a timeline of the discovery on April
15, 2014, which shows that some of the organizations were able to patch
against the bug before its public disclosure. In some cases, it is not clear
how they found out.
Code patch
• On March 21, 2014 Bodo Moeller and Adam Langley of Google
wrote a patch that fixed the bug. The date of the patch is known
from Red Hat's issue tracker.
• As of May 8, 2014, 318,239 of the public web servers remained
vulnerable.
How it works & Usage in OpenSSL Library
[Figure: Heartbleed request diagram with the fields Payload, Padding, Data Size and Payload Size; the data area is drawn as "Data + ????????" to show the bytes claimed by Payload Size beyond the data actually sent. Caption: Server Alive Check through Heartbeat]
CVE-2014-0160
• CVE-2014-0160 is the official reference to this bug. CVE (Common
Vulnerabilities and Exposures) is the Standard for Information
Security Vulnerability Names maintained by MITRE.
The Mistake
• Is this a design flaw in SSL/TLS protocol specification?
• No. This is an implementation problem, i.e. a programming mistake in the
popular OpenSSL library that provides cryptographic services such as
SSL/TLS to applications and services.
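To make the programming mistake concrete, here is an added example (not code from the slides or from OpenSSL itself) that models the heartbeat record handling in C: the pre-patch logic beside the patched one. The message layout follows RFC 6520; the memory arena, the "PING" payload and the "CONSTRUCTED-SECRET-COOKIE" string are constructed sample data standing in for adjacent heap memory.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Heartbeat message (RFC 6520): type(1) | payload_length(2, big-endian) | payload | padding(>=16) */
#define TLS1_HB_REQUEST  1
#define TLS1_HB_RESPONSE 2
#define HB_PADDING       16

/* Build a constructed heartbeat request in `arena`: the header claims `claimed`
 * payload bytes, but only strlen(actual) bytes are really present, followed by
 * 16 bytes of padding. `secret` is placed right after the record to stand in
 * for whatever else lives in the process heap. Returns the true record length. */
static size_t build_request(uint8_t *arena, size_t cap, uint16_t claimed,
                            const char *actual, const char *secret)
{
    size_t n = strlen(actual), s = strlen(secret);
    size_t rec_len = 1 + 2 + n + HB_PADDING;
    if (rec_len + s > cap) return 0;
    memset(arena, 0, cap);
    arena[0] = TLS1_HB_REQUEST;
    arena[1] = (uint8_t)(claimed >> 8);
    arena[2] = (uint8_t)(claimed & 0xff);
    memcpy(arena + 3, actual, n);          /* padding stays zero */
    memcpy(arena + rec_len, secret, s);    /* "adjacent heap memory" */
    return rec_len;
}

/* Pre-patch logic: the payload length is taken from the peer's message and
 * never compared with the length of the record that actually arrived, so the
 * memcpy reads past the record. rec_len is deliberately ignored here. */
static int process_heartbeat_vulnerable(const uint8_t *rec, size_t rec_len,
                                        uint8_t *out, size_t out_cap)
{
    const uint8_t *p = rec;
    uint8_t hbtype = *p++;
    uint16_t payload = (uint16_t)((p[0] << 8) | p[1]);
    p += 2;
    (void)rec_len;                          /* the bug */
    if (hbtype != TLS1_HB_REQUEST) return -1;
    size_t total = 1 + 2 + (size_t)payload + HB_PADDING;
    if (total > out_cap) return -1;         /* only protects this demo's buffer */
    out[0] = TLS1_HB_RESPONSE;
    out[1] = (uint8_t)(payload >> 8);
    out[2] = (uint8_t)(payload & 0xff);
    memcpy(out + 3, p, payload);            /* over-read: echoes whatever follows */
    memset(out + 3 + payload, 0, HB_PADDING); /* OpenSSL uses random padding */
    return (int)total;
}

/* Patched logic: discard the message when the claimed payload does not fit
 * inside the record that was actually received. */
static int process_heartbeat_fixed(const uint8_t *rec, size_t rec_len,
                                   uint8_t *out, size_t out_cap)
{
    if (rec_len < 1 + 2 + HB_PADDING) return -1;   /* too short to be valid */
    const uint8_t *p = rec;
    uint8_t hbtype = *p++;
    uint16_t payload = (uint16_t)((p[0] << 8) | p[1]);
    p += 2;
    if (1 + 2 + (size_t)payload + HB_PADDING > rec_len) return -1; /* the missing check */
    if (hbtype != TLS1_HB_REQUEST) return -1;
    size_t total = 1 + 2 + (size_t)payload + HB_PADDING;
    if (total > out_cap) return -1;
    out[0] = TLS1_HB_RESPONSE;
    out[1] = (uint8_t)(payload >> 8);
    out[2] = (uint8_t)(payload & 0xff);
    memcpy(out + 3, p, payload);            /* now bounded by rec_len */
    memset(out + 3 + payload, 0, HB_PADDING);
    return (int)total;
}

/* Does the response buffer contain the given byte string? */
static int response_contains(const uint8_t *buf, int len, const char *needle)
{
    size_t nl = strlen(needle);
    if (len < 0 || (size_t)len < nl) return 0;
    for (size_t i = 0; i + nl <= (size_t)len; i++)
        if (memcmp(buf + i, needle, nl) == 0) return 1;
    return 0;
}

/* Run one constructed request through either parser. Returns bytes produced or -1. */
static int run_demo(int use_fixed, uint16_t claimed, uint8_t *out, size_t out_cap)
{
    static uint8_t arena[4096];
    size_t rec_len = build_request(arena, sizeof arena, claimed, "PING",
                                   "session=CONSTRUCTED-SECRET-COOKIE");
    if (rec_len == 0) return -1;
    return use_fixed ? process_heartbeat_fixed(arena, rec_len, out, out_cap)
                     : process_heartbeat_vulnerable(arena, rec_len, out, out_cap);
}

int main(void)
{
    uint8_t out[8192];
    int n = run_demo(0, 64, out, sizeof out);
    printf("vulnerable: %d bytes, leaks secret: %s\n", n,
           response_contains(out, n, "CONSTRUCTED-SECRET") ? "yes" : "no");
    printf("fixed: returns %d for the same request\n", run_demo(1, 64, out, sizeof out));
    return 0;
}
```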
How to protect yourself
• Upgrade your server
• Update your SSL library
• Change your passwords
• Change your private & public keys
• Change your security settings and their details
DEMO
• Scanning using Nmap to check whether a server is vulnerable to
Heartbleed
• Setting up a Heartbeat session with a Heartbleed payload
• Using ngrep to find usernames, passwords and keys in the decrypted
Heartbeat (Heartbleed payload) data.
References
• Heartbleed.com
• Wikipedia
• Nmap
• exploit-db
Thank You
• Mohammed Danish Amber
• Email : me@mohammeddanishamber.com