CVE-2014-0224

This is a detection tool for CVE-2014-0224 (OpenSSL Change Cipher Spec Injection vulnerability). It tests for the presence of the vulnerability by sending crafted SSL/TLS packets to a target host and analyzing responses.

This repository contains a Go-based scanner to test for CVE-2014-0224, an OpenSSL vulnerability allowing MITM attacks via ChangeCipherSpec injection. It performs TLS handshakes with modified configurations to detect vulnerable servers.

This repository contains a Go-based proof-of-concept exploit for CVE-2014-0224, a MITM vulnerability in OpenSSL 1.0.1* that allows an attacker to inject a ChangeCipherSpec message to downgrade the connection security. The exploit acts as a proxy to intercept and manipulate TLS handshakes.

This repository contains a Python script and a Perl script to evaluate hosts for CVE-2014-0224, a vulnerability in OpenSSL. The Python script uses nmap to check for open SSL ports and then executes the Perl script to perform a proof-of-concept injection test.

This PoC exploits CVE-2014-0224, a MITM vulnerability in OpenSSL's ChangeCipherSpec handling, by sending malformed CCS messages to trigger a DoS or potential RCE. The code includes a client and server component to test the vulnerability.

This Metasploit module scans for the OpenSSL CCS Injection vulnerability (CVE-2014-0224) by sending a malformed ChangeCipherSpec message during TLS handshake and checking for an alert response. It does not exploit the vulnerability but detects its presence.

This Metasploit module is a scanner for SSL/TLS vulnerabilities, specifically designed to interact with the SSL Labs API to assess server configurations. It does not contain offensive exploit code but rather queries the API for vulnerability data.