Heartbleed (CVE-2014-0160): Detection and Defense
Detecting with Nmap
nmap -sV --script=ssl-heartbleed [your ip] -p 443
Report for a host with the Heartbleed vulnerability:
➜ ~ nmap -sV --script=ssl-heartbleed 111.X.X.53 -p 443
Starting Nmap 7.80 ( https://nmap.org ) at 2020-05-22 12:10 CST
Nmap scan report for 111.X.X.53
Host is up (0.040s latency).
PORT STATE SERVICE VERSION
443/tcp open ssl/http nginx
| ssl-heartbleed:
| VULNERABLE:
| The Heartbleed Bug is a serious vulnerability in the popular OpenSSL cryptographic software library. It allows for stealing information intended to be protected by SSL/TLS encryption.
| State: VULNERABLE
| Risk factor: High
| OpenSSL versions 1.0.1 and 1.0.2-beta releases (including 1.0.1f and 1.0.2-beta1) of OpenSSL are affected by the Heartbleed bug. The bug allows for reading memory of systems protected by the vulnerable OpenSSL versions and could allow for disclosure of otherwise encrypted confidential information as well as the encryption keys themselves.
|
| References:
| http://www.openssl.org/news/secadv_20140407.txt
| https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160
|_ http://cvedetails.com/cve/2014-0160/
Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 16.26 seconds
Report for a host without the Heartbleed vulnerability (the ssl-heartbleed block is absent from the output):
➜ ~ nmap -sV --script=ssl-heartbleed 39.156.69.79 -p 443
Starting Nmap 7.91 ( https://nmap.org ) at 2021-02-13 07:59 CST
Nmap scan report for 39.156.69.79
Host is up (0.0091s latency).
PORT STATE SERVICE VERSION
443/tcp open ssl/http Baidu Front End httpd 1.0.8.18
|_http-server-header: bfe/1.0.8.18
Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 37.99 seconds
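When many hosts are scanned, the two report shapes above can be told apart mechanically. The script below is an added example, not part of the original post; the function names and the sample report (documentation addresses 192.0.2.x, script output trimmed) are constructed. It reads Nmap normal output on stdin and marks a port VULNERABLE only when "State: VULNERABLE" appears inside the ssl-heartbleed block.

```shell
#!/bin/sh
# Added example (not from the original page): summarise ssl-heartbleed results
# from Nmap's normal output. Reads a report on stdin and prints one line per
# open port: "<host> <port> VULNERABLE" or "<host> <port> no-finding".
heartbleed_summary() {
    awk '
        function emit() {
            if (host != "" && port != "")
                print host, port, (vuln ? "VULNERABLE" : "no-finding")
            port = ""; vuln = 0; in_script = 0
        }
        /^Nmap scan report for /      { emit(); host = $NF; gsub(/[()]/, "", host); next }
        /^[0-9]+\/(tcp|udp) +open/    { emit(); port = $1; next }
        # Only trust "State: VULNERABLE" inside the ssl-heartbleed block;
        # any other script header ends that block.
        /^[|][ _]?ssl-heartbleed:/    { in_script = 1; next }
        /^[|][ _]?[a-z0-9-]+:( |$)/   { in_script = 0; next }
        in_script && /State: VULNERABLE/ { vuln = 1 }
        END { emit() }
    '
}

# Constructed sample report modelled on the two reports shown on this page.
sample_report() {
    cat <<'EOF'
Nmap scan report for 192.0.2.10
Host is up (0.040s latency).
PORT    STATE SERVICE  VERSION
443/tcp open  ssl/http nginx
| ssl-heartbleed:
|   VULNERABLE:
|   The Heartbleed Bug is a serious vulnerability in the popular OpenSSL cryptographic software library.
|     State: VULNERABLE
|     Risk factor: High
|_      http://cvedetails.com/cve/2014-0160/
Nmap scan report for 192.0.2.20
Host is up (0.0091s latency).
PORT    STATE SERVICE  VERSION
443/tcp open  ssl/http Baidu Front End httpd 1.0.8.18
|_http-server-header: bfe/1.0.8.18
EOF
}

sample_report | heartbleed_summary
```

A "no-finding" line means only that the script printed no result for that port. To use it on a live scan, pipe the nmap command shown earlier into heartbleed_summary.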
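Remediation
- If a vulnerable server is found, take it offline immediately so that it stops exposing sensitive information.
- Stop the old version of the SSL service and upgrade to a new version.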