Cloud Híbrida
Ciberseguridad & NaaS
AI & Data
IoT y Conectividad
Business Applications
Intelligent Workplace
Consultoría y Servicios Profesionales
Pequeña y Mediana Empresa
Sanidad y Social
Industria
Retail
Turismo y Ocio
Transporte y Logística
Energía y Utilities
Banca y Finanzas
Deporte
Ciudades Inteligentes
Heartbleed plugin for FOCA
30 de abril de 2014
By now, everyone knows about Heartbleed.
Just like we did for FaasT, we have created a plugin for
FOCA (final version) one of our most downloaded tools.
This plugin allows the tool to detect vulnerable servers and audit them, among all the other cool features FOCA counts with.
Loading the plugin in FOCA To take advantage of the plugin, just
download FOCA and create a project over the domain to be audited. Load the plugin from "Plugins" tab in the upper menu, and press on "Load/Unload plugins". Browse for HeartBreatPlugin.dll and load it. Once loaded, it will be accessible from the plugins menu.
There are two options: automatic analysis or manual analysis and exploitation. Checking on "Check all hosts that FOCA detects automatically for the HeartBleed vulnerability" will make FOCA to check for the vulnerability in all domains found for this project.
Automatically checking domains
Domains will go from the "Pending" box to "Checked" or "Vulnerable", depending on the results. All domains found by the usual way FOCA works, will be checked. For a manual analysis, a domain and port has to be specified. There is an option to repeat the attack every 5 seconds and generate a memory dump, that will be stored in a local file.
Manually checking domains
Loading the plugin in FOCA To take advantage of the plugin, just
download FOCA and create a project over the domain to be audited. Load the plugin from "Plugins" tab in the upper menu, and press on "Load/Unload plugins". Browse for HeartBreatPlugin.dll and load it. Once loaded, it will be accessible from the plugins menu.
There are two options: automatic analysis or manual analysis and exploitation. Checking on "Check all hosts that FOCA detects automatically for the HeartBleed vulnerability" will make FOCA to check for the vulnerability in all domains found for this project.
Automatically checking domains
Domains will go from the "Pending" box to "Checked" or "Vulnerable", depending on the results. All domains found by the usual way FOCA works, will be checked. For a manual analysis, a domain and port has to be specified. There is an option to repeat the attack every 5 seconds and generate a memory dump, that will be stored in a local file.
Manually checking domains
Ricardo Martín
ricardo.martin@11paths.com
