Heartbleed
Yannick PÉROUX - 24 April 2014 - CA645
Dublin City University
Overview
- Exploits the Heartbeat extension of SSL/TLS
- Buffer over-read attack
- Can read up to 64 KB of memory
- Only for OpenSSL
- Non-detectable by intrusion systems
Discovery
- Introduced in 2011
- Discovered by two teams in early April 2014
- Fixed & made public on the 7th
- ~500,000 affected servers
Possibilities
- Can read random chunks of memory
- The heap is your limit!
- See decrypted traffic
- Cookies, SIDs…
- POST requests -> logins, passwords…
- Certificates
- Private keys
- Works both ways!