O'Reilly logo

Kali Linux Web Penetration Testing Cookbook by Gilberto Nájera-Gutiérrez

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Exploiting Heartbleed vulnerability

In this recipe, we will use our previously compiled Heartbleed exploit to extract information about the vulnerable Bee-box server (https://192.168.56.103:8443/ in this recipe).

The Bee-box virtual machine can be downloaded from https://www.vulnhub.com/entry/bwapp-bee-box-v16,53/ and the installation instructions are there too.

Getting ready

In the previous recipe, we generated an executable from the Heartbleed exploit; we will now use that to exploit the vulnerability on the server.

As Heartbleed is a vulnerability that extracts information from the server's memory, it may be necessary to browse and send requests to the server's HTTPS pages on port 8443 (https://192.168.56.103:8443/) before attempting the exploit ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required