DarkStar7471 / CTF-HeartBleed

A CTF focused on the SSL HeartBleed vulnerability hosted on TryHackMe.com



HeartBleed


Source: Created by Ashu on TryHackMe

Description:

SSL issues are still lurking in the wild. Can you exploit this web server's OpenSSL?

Related Hosting Links

Special Notes:

This machine may need a reboot partway through the process. This is done in order to clear the machine's memory.

Instructions:

  • An excerpt from heartbleed.com

    • The Heartbleed Bug is a serious vulnerability in the popular OpenSSL cryptographic software library. This weakness allows stealing the information protected, under normal conditions, by the SSL/TLS encryption used to secure the Internet. SSL/TLS provides communication security and privacy over the Internet for applications such as web, email, instant messaging (IM) and some virtual private networks (VPNs).

      The Heartbleed bug allows anyone on the Internet to read the memory of the systems protected by the vulnerable versions of the OpenSSL software. This compromises the secret keys used to identify the service providers and to encrypt the traffic, the names and passwords of the users and the actual content. This allows attackers to eavesdrop on communications, steal data directly from the services and users and to impersonate services and users.

  • Start the process of completing this challenge by first determining the address of the box you are presently attacking. This can be done on TryHackMe by deploying the machine and allowing it a few minutes to fully launch.

  • Once the machine is deployed, let's go ahead and scan it with nmap

  • Reboot the machine at this point! Nmap shoves a bunch of junk in memory and it won't help us find the flag!

  • Looks like the machine is hosting a website and it's not properly patched. Let's go ahead and see if there's a Metasploit module for this

  • Looks like there is! Let's go ahead and select it for use and check what options we have to set

  • Just need to set RHOST (Remote host) and verbose, let's go ahead and set those!

  • Should be all set, let's run it!

  • There we go! Update your servers, folks!
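
The length check a patched server applies, as an added example (not code from this repository or from OpenSSL): RFC 6520 requires a receiver to discard a heartbeat message whose claimed payload_length does not fit inside the TLS record that carried it. The function name, verdict names and sample byte arrays are constructed for illustration, and the check only applies to records seen in plaintext.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define TLS_CT_HEARTBEAT 24  /* TLS record content type for heartbeat */
#define TLS_REC_HDR_LEN  5   /* content type (1) + version (2) + length (2) */
#define HB_HEADER_LEN    3   /* message type (1) + payload_length (2) */
#define HB_MIN_PADDING   16  /* minimum padding required by RFC 6520 */

enum hb_verdict { HB_NOT_HEARTBEAT, HB_TRUNCATED, HB_OK, HB_BAD_LENGTH };

/* Classify one plaintext TLS record held in buf[0..len). */
enum hb_verdict classify_record(const uint8_t *buf, size_t len)
{
    if (len < TLS_REC_HDR_LEN)
        return HB_TRUNCATED;              /* no complete record header */
    if (buf[0] != TLS_CT_HEARTBEAT)
        return HB_NOT_HEARTBEAT;

    size_t rec_len = ((size_t)buf[3] << 8) | buf[4];
    if (rec_len > len - TLS_REC_HDR_LEN)
        return HB_TRUNCATED;              /* record body not fully present */
    if (rec_len < HB_HEADER_LEN + HB_MIN_PADDING)
        return HB_BAD_LENGTH;             /* too short for any valid message */

    const uint8_t *msg = buf + TLS_REC_HDR_LEN;
    size_t claimed = ((size_t)msg[1] << 8) | msg[2];

    /* The claimed payload plus header and padding must fit in the record. */
    if (HB_HEADER_LEN + claimed + HB_MIN_PADDING > rec_len)
        return HB_BAD_LENGTH;
    return HB_OK;
}

/* Constructed samples: unlisted trailing bytes are zero (the padding). */
static const uint8_t SAMPLE_OK[28]  = {24, 3, 2, 0, 23, 1, 0, 4, 'p', 'i', 'n', 'g'};
static const uint8_t SAMPLE_BAD[24] = {24, 3, 2, 0, 19, 1, 0x40, 0x00};
static const uint8_t SAMPLE_SHORT[8] = {24, 3, 2, 0, 3, 1, 0x40, 0x00};
static const uint8_t SAMPLE_HANDSHAKE[6] = {22, 3, 2, 0, 1, 0};

int main(void)
{
    printf("well-formed heartbeat : %d\n", classify_record(SAMPLE_OK, sizeof SAMPLE_OK));
    printf("claims 16384 in 19    : %d\n", classify_record(SAMPLE_BAD, sizeof SAMPLE_BAD));
    printf("3-byte heartbeat      : %d\n", classify_record(SAMPLE_SHORT, sizeof SAMPLE_SHORT));
    printf("handshake record      : %d\n", classify_record(SAMPLE_HANDSHAKE, sizeof SAMPLE_HANDSHAKE));
    return 0;
}
```

A record classified as `HB_BAD_LENGTH` is one a patched server drops without replying; seeing such records in a capture is a sign that the service is being probed for this bug.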

Flags:

  1. Contained within the HeartBleed information disclosure.
