• Home
  • About Us
  • General
  • Wireless
  • Web
  • Scanning
  • Metasploit
  • Hacking Courses
    • OSCP
    • The Virtual Hacking Labs
    • Certified Ethical Hacker (CEH)
    • Hacking Books
  • More
    • Exploit tutorials
    • Pentesting Exchange
    • Networking
    • Malware Analysis
    • Hacking Metasploitable 2/3
    • Digital Forensics
  • Contact
Facebook Twitter Instagram
Trending
  • CVE-2022-3602 and CVE-2022-3786: OpenSSL 3.0.7 patches Critical Vulnerability
  • Installing Rogue-jndi on Kali Linux
  • Log4Shell VMware vCenter Server (CVE-2021-44228)
  • The Great Leak: Microsoft Exchange AutoDiscover Design Flaw
  • CVE-2019-19781: Citrix ADC RCE vulnerability
  • Vulnerability Scanning with OpenVAS 9 part 4: Custom scan configurations
  • Vulnerability Scanning with OpenVAS 9 part 3: Scanning the Network
  • Vulnerability Scanning with OpenVAS 9 part 2: Vulnerability Scanning
Facebook Twitter YouTube Tumblr Instagram Pinterest
Hacking Tutorials
  • Home
  • About Us
  • General
  • Wireless
  • Web
  • Scanning
  • Metasploit
  • Hacking Courses
    • OSCP
    • The Virtual Hacking Labs
    • Certified Ethical Hacker (CEH)
    • Hacking Books
  • More
    • Exploit tutorials
    • Pentesting Exchange
    • Networking
    • Malware Analysis
    • Hacking Metasploitable 2/3
    • Digital Forensics
  • Contact
Hacking Tutorials
You are at:Home » Scanning Tutorials » Heartbleed SSL bug Scanning using Nmap on Kali Linux
Heartbleed bug Scanning using Nmap on Kali Linux

Heartbleed SSL bug Scanning using Nmap on Kali Linux

2
By Hacking Tutorials on May 30, 2015 Scanning Tutorials

In this tutorial we will be scanning a target for the well known Heartbleed SSL Bug using the popular Nmap tool on Kali Linux. The Heartbleed Bug is a serious vulnerability in the popular OpenSSL cryptographic software library and was introduced on 31 December on 2011 and released in March 2012. This weakness allows the attacker to steal information protected by the SSL/TLS encryption which is very commonly used to secure internet connections. The official name for Heartbleed is CVE-2014-0160. A fix has been released and deployed by many OS and application vendors but when a vulnerable version of OpenSSL is used or when applications haven’t been patched by the user or vendor, the vulnerability can still be exploited. With Nmap’s SSL-Heartbleed script it takes us just a couple seconds to check for this vulnerability and should be part of any penetration test.

Many software applications, web applications and web services have SSL/TLS encryption integrated and have been affected by Heartbleed. These applications include among a lot more: multiple VMware products, Yahoo, Filemaker, Cisco Routers, HP server applications, Sourceforge and Github. Even governments have temporarily shut down online services to defend their applications and networks from attackers, like the Canada Revenue Agency (CRA). Many websites instructed their users to change passwords after a fix had been implemented to reduce the risk of attackers using passwords which were stolen by exploiting the Heartbleed SSL vulnerability.

The Heartbleed SSL bug was discovered by Neel Mehta from Google Security and announced to the public by the OpenSSL project on April 7th 2014. After companies like Yahoo, Google and Microsoft had a chance to fix Heartbleed on their applications. Researchers at AVG’s Virus Labs said they scanned Alexa’s league table of the top 800,000 sites in the world and found 12,043 sites (1.5 per cent) are still vulnerable. Let’s continue this tutorial with some hands on testing and see how we can use Nmap to scan targets for Heartbleed vulnerabilities.

Scanning for Heartbleed with Nmap

Use the following command to scan a target for the Heartbleed SSL bug:

nmap -d –script ssl-heartbleed –script-args vulns.showall -sV [host]

When using the –script-args vulns.showall flag, Nmap will show you also when the target is not vulnerable.

Heartbleed SSL bug Nmap

As you can see on the screenshot the target host we have scanned is not vulnerable to Heartbleed. The scanning took only a few seconds and since a lot of applications have been vulnerable to Heartbleed we suggest you to run this script when performing a penetration test or security scan.

Nmap Heartbleed Scanning Video Tutorial

Thanks for watching and please subscribe to my YouTube channel :)

Related Nmap Hacking Tutorials

Open Port Scanning and OS Detection with Nmap in Kali Linux

Scanning a network for live hosts with Nmap

How to enumerate webserver directories with Nmap

Scanning for SMB vulnerabilities using Nmap

Heartbleed SSL bug Scanning using Nmap on Kali Linux

Virtual Hacking Labs - Penetration testing lab

Share on:

  • Email
Share. Facebook Twitter Pinterest LinkedIn Tumblr Email
Previous ArticleHow to enumerate webserver directories with Nmap on Kali Linux
Next Article Scanning for SMB vulnerabilities using Nmap

Related Posts

CVE-2022-3602 and CVE-2022-3786: OpenSSL 3.0.7 patches Critical Vulnerability

Installing Rogue-jndi on Kali Linux

Vulnerability Scanning with OpenVAS 9 part 4: Custom scan configurations

2 Comments

  1. Jason on November 2, 2015 1:02 am

    Nice tutorial…

    Reply
  2. John Doe on November 21, 2016 11:43 am

    Thanks pal

    Reply

Leave A Reply Cancel Reply

Top Tutorials
By Hacking TutorialsOctober 29, 20220

CVE-2022-3602 and CVE-2022-3786: OpenSSL 3.0.7 patches Critical Vulnerability

By Hacking TutorialsJanuary 10, 20220

Installing Rogue-jndi on Kali Linux

By Hacking TutorialsDecember 17, 20210

Log4Shell VMware vCenter Server (CVE-2021-44228)

By Hacking TutorialsSeptember 27, 20210

The Great Leak: Microsoft Exchange AutoDiscover Design Flaw

By Hacking TutorialsFebruary 4, 20200

CVE-2019-19781: Citrix ADC RCE vulnerability

By Hacking TutorialsNovember 1, 20188

Vulnerability Scanning with OpenVAS 9 part 4: Custom scan configurations

Subscribe

Enter your email address to subscribe to Hacking Tutorials and receive notifications of new tutorials by email.

Join 828 other subscribers
Recent Tutorials
  • CVE-2022-3602 and CVE-2022-3786: OpenSSL 3.0.7 patches Critical Vulnerability
  • Installing Rogue-jndi on Kali Linux
  • Log4Shell VMware vCenter Server (CVE-2021-44228)
  • The Great Leak: Microsoft Exchange AutoDiscover Design Flaw
  • CVE-2019-19781: Citrix ADC RCE vulnerability
Virtual Hacking Labs
Penetration Testin Course and Hacking Labs
Categories
  • Digital Forensics
  • Exploit tutorials
  • General Tutorials
  • Hacking Books
  • Hacking Courses
  • Malware Analysis Tutorials
  • Metasploit Tutorials
  • Networking
  • Pentesting Exchange
  • Scanning Tutorials
  • Web Applications
  • Wifi Hacking Tutorials
Downloads
  • directory_scanner.py (122139 downloads)
  • PEiD-0.95-20081103.zip (112958 downloads)
  • wifi_jammer.py (139886 downloads)
Recent Tutorials
  • CVE-2022-3602 and CVE-2022-3786: OpenSSL 3.0.7 patches Critical Vulnerability
  • Installing Rogue-jndi on Kali Linux
  • Log4Shell VMware vCenter Server (CVE-2021-44228)
  • The Great Leak: Microsoft Exchange AutoDiscover Design Flaw
  • CVE-2019-19781: Citrix ADC RCE vulnerability
  • Vulnerability Scanning with OpenVAS 9 part 4: Custom scan configurations
Popular Tutorials
By Hacking TutorialsSeptember 1, 2016115

Review: Offensive Security Certified Professional (OSCP)

By Hacking TutorialsApril 18, 201738

Exploiting Eternalblue for shell with Empire & Msfconsole

By Hacking TutorialsMarch 17, 201637

Installing VPN on Kali Linux 2016 Rolling

Featured Downloads
  • directory_scanner.py (122139 downloads)
  • PEiD-0.95-20081103.zip (112958 downloads)
  • wifi_jammer.py (139886 downloads)
© Hacking Tutorials 2022

Type above and press Enter to search. Press Esc to cancel.

Go to mobile version