Heartbleed

Yannick PÉROUX - 24 April 2014 - CA645
Dublin City University


Overview


  • Exploits the Heartbeat extension of SSL/TLS
  • Buffer over-read attack
  • Can read up to 64 KB of memory
  • Only affects OpenSSL
  • Undetectable by intrusion detection systems
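
The over-read listed above, as an added example (not from the original slides and not OpenSSL's own code): a simplified heartbeat handler using the RFC 6520 message layout (1-byte type, 2-byte payload length, payload, at least 16 bytes of padding), with the unchecked pattern beside the bounds-checked one. The `heap` array, the function names and the secret string are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

enum { HB_REQUEST = 1, HB_RESPONSE = 2, HB_HDR = 3, HB_PAD = 16 };

/* Constructed stand-in for the heap: record bytes first, unrelated data after. */
static uint8_t heap[64];

/* Pre-fix pattern: the length field inside the message is trusted as-is. */
size_t hb_reply_unchecked(const uint8_t *rec, size_t rec_len, uint8_t *out)
{
    size_t claimed = ((size_t)rec[1] << 8) | rec[2];
    (void)rec_len;                        /* never compared with claimed */
    out[0] = HB_RESPONSE; out[1] = rec[1]; out[2] = rec[2];
    memcpy(out + HB_HDR, rec + HB_HDR, claimed);  /* reads past the record */
    return claimed;
}

/* Hardened pattern: drop any message whose claimed payload (plus header and
 * minimum padding) does not fit in the record that actually arrived. */
size_t hb_reply_checked(const uint8_t *rec, size_t rec_len, uint8_t *out)
{
    if (rec_len < HB_HDR + HB_PAD || rec[0] != HB_REQUEST) return 0;
    size_t claimed = ((size_t)rec[1] << 8) | rec[2];
    if (HB_HDR + claimed + HB_PAD > rec_len) return 0;  /* silently discard */
    out[0] = HB_RESPONSE; out[1] = rec[1]; out[2] = rec[2];
    memcpy(out + HB_HDR, rec + HB_HDR, claimed);
    return claimed;
}

/* 3-byte request claiming 16 payload bytes, with constructed data behind it. */
size_t demo_short_request(int checked, uint8_t *out)
{
    memset(heap, 0, sizeof heap);
    heap[0] = HB_REQUEST; heap[1] = 0x00; heap[2] = 0x10;
    memcpy(heap + 3, "CONSTRUCTED-SECRET", 18);
    return checked ? hb_reply_checked(heap, 3, out)
                   : hb_reply_unchecked(heap, 3, out);
}

int main(void)
{
    uint8_t out[HB_HDR + 64];
    printf("unchecked echoed %zu bytes: %.16s\n",
           demo_short_request(0, out), (char *)(out + HB_HDR));
    printf("checked echoed %zu bytes\n", demo_short_request(1, out));
}
```

The checked handler returns 0 for the short request and still answers a well-formed one, which is the behaviour RFC 6520 requires for an oversized payload length.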

Discovery


  • Introduced in 2011
  • Discovered by two teams in early April 2014
  • Fixed & made public on the 7th
  • ~500,000 affected servers

Possibilities


  • Can read random chunks of memory
  • The heap is your limit!
  • See decrypted traffic
  • Cookies, SIDs…
  • POST requests -> logins, passwords…
  • Certificates
  • Private keys
  • Works both ways!
