NOMISEC-siddolo/knockbleed

NOMISEC SCANNER
Exploit for CVE-2014-0160 - OpenSSL <1.0.1g - Info Disclosure
AI Analysis

This repository contains a shell script that automates the testing of subdomains for the Heartbleed vulnerability (CVE-2014-0160) using the 'knock' subdomain scanner and 'check-ssl-heartbleed' tool. It iterates through subdomains of a given domain and checks for vulnerability by sending malformed heartbeat requests.

Attack Type
info_leak
Complexity
moderate
Reliability
reliable
MITRE ATT&CK
T1069 - Permission Groups Discovery T1592 - Gather Victim Host Information
Loading exploit code...
Download ZIP Password: eip
Source
Platform Nomisec
Type poc
Files 3
Stars 0
Forks 0
Last Push Apr 10, 2014
Authors
siddolo Pasquale 'sid' Fiorillo
Vulnerability
CVE-2014-0160
OpenSSL <1.0.1g - Info Disclosure
HIGH KEV
CVSS 7.5