-
Notifications
You must be signed in to change notification settings - Fork 144
/
heartleech.8
141 lines (135 loc) · 6.74 KB
/
heartleech.8
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
.\" generated with Ronn/v0.7.3
.\" http://github.com/rtomayko/ronn/tree/0.7.3
.
.TH "HEARTLEECH" "8" "May 2014" "" ""
.
.SH "NAME"
\fBheartleech\fR \- Exploits OpenSSL heartbleed vulnerability
.
.SH "SYNOPSIS"
heartleech \fIhost\fR [\-\-p \fIport\fR] [\-\-dump \fIfilename\fR] [\-\-autopwn] [\-\-threads \fIn\fR]
.
.P
heartleech \-\-read \fIfilename\fR \-\-cert \fIcertficate\fR
.
.P
heartleech \-\-scanlist \fIfile\fR
.
.SH "DESCRIPTION"
\fBheartleech\fR exploits the well\-known "heartbleed" bug in <= OpenSSL\-1\.0\.1f\. It has a number of features that improve over other heartbleed exploits, such as automatically extracting the SSL private\-key (autopwn)\.
.
.SH "OPTIONS"
.
.IP "\(bu" 4
\fB<host>\fR: the target\'s name, IPv4 address, or IPv6 address\. IPv4 ranges separated by a dash work\. This can optionally have a port as part of the name using a colon (e\.g\. \fBwww\.google\.com:25\fR)\. Will try to use STARTTLS on appropriate ports instead of raw SSL\.
.
.IP "\(bu" 4
\fB\-\-autopwn\fR: sets "auto\-pwn" mode, which automatically searches the bleeding buffers for the private\-key\. If the private\-key is found, it will be printed to \fIstdout\fR, and the program will exit\.
.
.IP "\(bu" 4
\fB\-\-cert\fR: in offline mode, this option tells the program the certificate to load\. A certificate, containing the public\-key, is needed in order to search data for the matching components of a private key\. In online mode, this option isn\'t necessary, because the certificate is fetched from the server duing the SSL handshake\.
.
.IP "\(bu" 4
\fB\-d\fR: sets the \'debug\' flag, which causes a lot of debug information to be printed to \fIstderr\fR\. Using this will help diagnose connection problems\. You should use this the first time you connect to a new host, just to make sure things are working well\.
.
.IP "\(bu" 4
\fB\-\-dump <filename>\fR: the file where bleeding information is stored\. Typically, the user will use this program to grab data from a server, then use other tools to search those files for things, such as cookies, passwords, and private strings\.
.
.IP "\(bu" 4
\fB\-\-ipver <ver>\fR: sets the version of IP to use, either 4 for IPv4 or 6 for IPv6\. Otherwise, the program tries to guess from the address given, or chooses whichever is first when doing a DNS lookup\. Shorter options of \fB\-\-ipv6\fR and \fB\-\-ipv4\fR also work\.
.
.IP "\(bu" 4
\fB\-\-loop <count>\fR: the number of times to loop and try a heartbeat again\. The default count is 1000000 (one\-million)\. A count of 1 grabs just a single heartbeat\.
.
.IP "\(bu" 4
\fB\-\-port <port>\fR: the port number to connect to on the target machine\. If not specified, the port number 443 will be used\.
.
.IP "\(bu" 4
\fB\-\-proxy <host:port>\fR: use the Socks5n proxy\. If the port is not specified, it defaults to 9150\. This is intended for use with the Tor network, but should work with any Socks5 proxy\. These uses the \'name\' feature, so to that it\'ll be the Tor exit node resolving the DNS name, not the local host\.
.
.IP "\(bu" 4
\fB\-\-rand\fR: randomizes the size of heartbleed requests\. Normally, the program requests for the max 64k size, but with this setting, each request will have a random size between 200 and 64k\. Some believe that heartbeats of different size will produce different results\.
.
.IP "\(bu" 4
\fB\-\-read\fR: instead of running live against a server, this option causes the program to run forensics on existing files, looking for private keys\. The option \fB\-\-cert\fR must also be used\.
.
.IP "\(bu" 4
\fB\-\-raw\fR: send the hearbeat requests before SSL negotiation is complete\. Use this option on targets where the post\-handshake heartbeats don\'t work\.
.
.IP "\(bu" 4
\fB\-\-scan\fR: scans target to test if vulnerable, instead of dumping\. This ends the connection immediately\. A verdict will be printed to \fIstdout\fR, either VULNERABLE, SAFE, or INCONCLUSIVE\. Most systems marked INCONCLUSIVE are in fact safe\.
.
.IP "\(bu" 4
\fB\-\-scanlist <filename>\fR: reads a list of targets from a file instead of reading them from a command\-line, and also sets the \fB\-\-scan\fR flag\. Use this when you have thousands of targets to scan\. Note that if you have a lot of targets, you should also set the \fB\-\-threads\fR to a high number\.
.
.IP "\(bu" 4
\fB\-\-threads <count>\fR: uses more than one thread, scanning/dumping a lot faster\. Setting 1000 threads would not be unreasonable, especially when scanning a lot of targets\.
.
.IP "\(bu" 4
\fB\-\-timeout <n>\fR: sets the timeout for read operations on a socket, which defaults to 6 seconds\. Note that connection timeouts are much longer, set by the operating system, and not currently configurable\.
.
.IP "" 0
.
.SH "SIMPLE EXAMPLES"
The following is the easiest way to use the program, to grab the private\-key form the server in \'auto\-pwn\' mode:
.
.IP "" 4
.
.nf
$ heartleech www\.example\.com \-\-autopwn \-\-threads 5
.
.fi
.
.IP "" 0
.
.P
This auto\-pwn mode will search for the heartbeat payloads looking for the components of the private\-key that matches the server\'s certificate (which it automatically retrieves)\. When a certificate is found, it\'s printed to \fIstdout\fR\. The user can then copy it to a file and use it for anythign that private\-keys can be used for\. Using multiple threads downloads faster\.
.
.P
Heartbleed information contains more than just private keys\. On a typical web\-server, it\'ll contain session cookies (useful for sidejacking) and passwords\. In that case, the way to use this program is to save all the heartbleed information into a file\. Note that these files quickly grow to gigabytes in size:
.
.IP "" 4
.
.nf
$ heartleech www\.example\.com \-\-dump bleed\.bin \-\-threads 6
<ctrl\-c>
$ grep \-iobUaP "Cookie:\.*\en" bleed\.bin
.
.fi
.
.IP "" 0
.
.P
You can scan for vulnerable targets instead of dumping information:
.
.IP "" 4
.
.nf
$ heartleech \-\-scanlist hostlist\.txt \-\-scan 10\.0\.0\.0\-10\.0\.0\.255:992 \-\-threads 1000
.
.fi
.
.IP "" 0
.
.P
Hosts in the this file use the same format as other hostnames, meaning they can be ranges, and also have ports specified\. Scan speed is likely dictated by the number of threads you have\. You can have a lot of threads, but scanning will still be slower than \fBmasscan\fR\. The "verdict" from scanning is
.
.IP "" 4
.
.nf
* `SAFE` if we know for certain the target is safe, because it either
doesn\'t support heartbeats at all, or is patched against the bug
* `VULNERABLE` if we know for certain that the target is vulnerable,
because we got back a bleed
* `INCONCLUSIVE` if we don\'t get a response \-\- which usually means that the
target is safe, but we can\'t tell for sure
.
.fi
.
.IP "" 0
.
.SH "SEE ALSO"
masscan(8)
.
.SH "AUTHORS"
This tool was written by Robert Graham\. The source code is available at https://github\.com/robertdavidgraham/heartbleed