Bugs in Heartbleed detection scripts


gregorio2

On the blog over at CNS Hut3 they have posted results of tests on Heartbleed detection tools, have developed their own, and provide the gist of how they developed it.

They also pointed out that 95% of current tests are providing false feel-good results and false vulnerables:

hxxp://www.hut3.net/blog/cns---networks-security/2014/04/14/bugs-in-heartbleed-detection-scripts-

 

The date on the blog is Apr 14, 2014, so some of those detection tools may have fixed their respective tools if they took notice of CNS Hut3's work.

A few updates to blog show some have done just that.

A review of that work and other insight over at theguardian.com:

hxxp://www.theguardian.com/technology/2014/apr/16/heartbleed-bug-detection-tools-flawed

 

The Heartbleed bug and all those suspect certificates are far from being cleaned up.

 

Reported arrest in Canada of Heartbleed hacker:

hxxp://arstechnica.com/tech-policy/2014/04/heartbleed-hacker-arrested-charged-in-connection-to-malicious-bug-exploit/


Over at possible.lv they had a note to sysadmins I had not heard before:

"Patch your OpenSSL and statically linked binaries; Change your certificates, if you've been affected."

 

That part about binaries I had not heard before. Also, possible.lv is updated on the CNS Hut3 blog as a fixed tool.

 

hxxp://possible.lv/tools/hb/

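The advice about statically linked binaries is worth a concrete check, since a network scanner only sees the TLS service it probes. As an added example (not from the thread, possible.lv or CNS Hut3), the POSIX shell below looks for the version banner every OpenSSL build embeds and flags the Heartbleed-affected 1.0.1 through 1.0.1f range; the function names and the directory argument are my own.

```shell
#!/bin/sh
# Added example: rough inventory of files that bundle their own OpenSSL.
# A statically linked program keeps its old libssl code even after the
# system package is patched.  Every OpenSSL build embeds a banner such as
# "OpenSSL 1.0.1e 11 Feb 2013", so grepping for it gives a cheap first pass.
# Heartbleed affects 1.0.1 through 1.0.1f (and 1.0.2-beta1, which this
# simple pattern does not match); 1.0.1g and later are fixed.
# Function names here are my own, not a tool from the thread.

# Print "vulnerable <ver>", "patched <ver>" or "none" for one file.
openssl_banner_status() {
    # -a treats the binary as text; -o prints only the matched banner.
    ver=$(grep -a -o 'OpenSSL 1\.[0-9]\.[0-9][a-z]*' "$1" 2>/dev/null \
          | head -n 1 | awk '{print $2}')
    if [ -z "$ver" ]; then
        echo none
        return 0
    fi
    case "$ver" in
        1.0.1|1.0.1[a-f]) echo "vulnerable $ver" ;;
        *)                echo "patched $ver" ;;
    esac
}

# Walk a directory tree and list every file carrying an affected banner.
scan_openssl_banners() {
    find "$1" -type f 2>/dev/null | while read -r f; do
        status=$(openssl_banner_status "$f")
        case "$status" in
            vulnerable*) echo "$f: $status" ;;
        esac
    done
}

# Example invocation (directory is a constructed placeholder):
# scan_openssl_banners /usr/local/bin
```

Distributions that backport the fix keep the old banner (a patched 1.0.1e package still reads 1.0.1e), so a "vulnerable" hit means check the package changelog, not that the build is certainly unpatched.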

Arakasi,

 

The four tools listed on Hut3's blog as good or fixed are:

https://www.ssllabs.com/ssltest/index.html

hxxp://possible.lv/tools/hb/

hxxp://nmap.org/nsedoc/scripts/ssl-heartbleed.html

hxxp://heartbleed.criticalwatch.com/

 

I will not list all that failed to detect (go to the blog), but the total listed as tested was 15, with 4 good or fixed.

The 3 most used were tested; Symantec's was not tested.

 


Filippo noted the script and said he is working on it:

hxxp://www.reddit.com/r/IAmA/comments/233161/i_am_the_author_of_the_heartbleed_test_site_ama/#

(hxxp://filippo.io/Heartbleed/)

This is significant in that it is the basis for a Chrome extension:

Chromebleed: "Chromebleed uses a web service developed by Filippo Valsorda and checks the URL of the page you have just loaded."

 

The Hut3 tool is a Python script and needs to run with Python, and so is not for general use like most of the other tools.
