Using Metasploit to exploit Heartbleed

In this recipe, we will be using Metasploit, available in Kali Linux, to exploit to the Heartbleed vulnerability. It is not mandatory to use Metasploit to exploit Heartbleed. It can be done using simple Python script or a simple Burp plugin (in the free version) to figure out whether the server/service is vulnerable to Heartbleed. However, we wanted to introduce Metasploit exploit and an auxiliary module, which can be very helpful at times.

Getting ready

To step through this recipe, you will need the following:

Kali Linux running on Oracle Virtualbox/VMware
Docker running on Kali Linux
Vulnerable Web Application Docker container
An Internet connection

How to do it...

For this recipe, you need to perform the following ...

Get Kali Linux Intrusion and Exploitation Cookbook now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Kali Linux Intrusion and Exploitation Cookbook by Ishan Girdhar, Dhruv Shah

Using Metasploit to exploit Heartbleed

Getting ready

How to do it...

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly