I am working on a Heartbleed example exploit. I was able to set the server up with an older version of Apache and OpenSSL and the server is infact vulnerable. However, when leaking the information, the only information that's being returned is the HTTP headers. Is there something I can do on the server to allow it to leak more interesting information? I have tried to put interesting information in the request headers but these aren't leaked. This server currently just serves a static index file.
Asked
Active
Viewed 136 times
3
-
Is your server machine using ASLR? I believe that mixes up the memory in the computer, which makes things like this more difficult. I know recent versions of Mac OS X and iOS use it, but I don't know about other OSs. (I'm no expert, though -- I may be misunderstanding how it works.) – SilverWolf Nov 18 '18 at 23:10
-
@SilverWolf I have ASLR turned off. I am using Linux, which does have ASLR by default but it's disabled. – Unsolved Cypher Nov 19 '18 at 01:07
-
1I don't think ASLR would matter for this specific attack anyway. – forest Nov 19 '18 at 07:49