Skip to content

iu0v1/heartbleeder

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

22 Commits
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Heartbleeder

Tests your servers for OpenSSL CVE-2014-0160 aka Heartbleed.

WARNING: This is very untested, and you should verify the results independently. Pull requests welcome.

Usage

$ heartbleeder example.com
INSECURE - example.com:443 has the heartbeat extension enabled and is vulnerable

Postgres uses OpenSSL in a slightly different way. To test whether a Postgres server is vulnerable, run the following (defaults to port 5432):

$ heartbleeder -pg example.com
SECURE - example:5432 does not have the heartbeat extension enabled

Binaries are available from gobuild.io.

Build from source by running go get github.com/titanous/heartbleeder, which will put the code in $GOPATH/src/github.com/titanous/heartbleeder and a binary at $GOPATH/bin/heartbleeder.

Requires Go version >= 1.2. On Ubuntu godeb is an easy way of getting the latest version of Go.

Credits

The TLS implementation was borrowed from the Go standard library.

About

OpenSSL CVE-2014-0160 Heartbleed vulnerability test

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published