Threat Level: green Handler on Duty: Pedro Bueno

SANS ISC InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Testing your website for the heartbleed vulnerability with nmap

Published: 2014-04-18
Last Updated: 2014-04-18 17:08:52 UTC
by Manuel Humberto Santander Pelaez (Version: 1)
2 comment(s)

We have received reports by many readers about buggy tools to test for the heartbleed vulnerability. Today I want to show you how easy it is to check for this vulnerability using a reliable tool as nmap.

You just need to trigger a version scan (-sV) along with the script (ssl-heartbleed). The following example with show a command that will scan 192.168.0.107 for this bug:

nmap -sV 192.168.0.107 --script=ssl-heartbleed

This will be the output for a non-vulnerable website. As you can see, no warnings are shown:

ssl-heartbleed output

If you are vulnerable, you will get the following:

Vulnerable message for heartbleed

For vulnerability testing, always use reliable tools which won't contain malicious code infecting your computer and won't give you false positive messages.

Manuel Humberto Santander Peláez
SANS Internet Storm Center - Handler
Twitter:@manuelsantander
Web:http://manuel.santander.name
e-mail: msantand at isc dot sans dot org

Keywords:
2 comment(s)
ISC StormCast for Friday, April 18th 2014 http://isc.sans.edu/podcastdetail.html?id=3941
Diary Archives