이 글을 열람했다면 동의했다는 의미이고 실제사이트에 공격시 본인에게 책임이 있음을 알려드립니다.
We have received reports by many readers about buggy tools to test for the heartbleed vulnerability. Today I want to show you how easy it is to check for this vulnerability using a reliable tool as nmap.
You just need to trigger a version scan (-sV) along with the script (ssl-heartbleed). The following example with show a command that will scan 192.168.0.107 for this bug:
nmap -sV 192.168.0.107 --script=ssl-heartbleed
This will be the output for a non-vulnerable website. As you can see, no warnings are shown:
.png)
If you are vulnerable, you will get the following:
For vulnerability testing, always use reliable tools which won't contain malicious code infecting your computer and won't give you false positive messages.
'security_downloads' 카테고리의 다른 글
| Top 10 Tips for Using PowerShell ISE (0) | 2014.04.20 |
|---|---|
| Linux x86 Reverse Engineering (0) | 2014.04.19 |
| CRYPTOGRAPHIC KEY MANAGEMENT PROJECT (0) | 2014.04.18 |
| Ruby OpenSSL private key spoofing ~ CVE-2014-2734 with PoC (0) | 2014.04.18 |
| AV Evasion With Dynamic Payload Generation (0) | 2014.04.18 |