No description, website, or topics provided.
Branch: master
Clone or download
tam7t correct verbiage.
addresses Issue #1
Latest commit c904e12 Apr 17, 2014
Type Name Latest commit message Commit time
Failed to load latest commit information.


Script to encapsulate heartbleed (CVE-2014-0160) POC's against OpenVPN

Built by Tommy Murphy (@tam7t) to investigate vulnerable dd-wrt build


python <openvpn server address>
python localhost


  • UDP only (no TCP)
  • implementing --tls-auth would block this (that would require HMAC'ing of messages)
  • time_t timestamp not implemented (part of packet-id)
  • no reliability layer (ignores acks/doesn't retransmit)
  • key id parameter fixed to 0 (bottom 3 bits of OpenVPN opcode)