Heartbleed Explained
-
Upload
abshek-surya -
Category
Software
-
view
82 -
download
0
Transcript of Heartbleed Explained
2008 - 2011
Anything < < 64kb
1 kilobyte of data
1 kilobyte of data
64 kilobytes of data
64 kilobytes of data
1 kb
SIZE = 64kb
1kb
Hey server, it’s 64kb
64kb
1kbRequested data - + 63kb - Memory padding
63 kb
1 kb
95AS4D4DFG5FD5S5SD4 ADS5F4SDF55SDGF4SG5DFGH4DF6DSZX5GRF4GHTRH4TYJY5Y4RR6W6Q54WRW6ER54PERWE6R5XE4RWE6R54Y
USERNAME = TESTPASSWORD = 1234SECURITY QUESTIONSCONFIDENTIAL FILESPRIVATE INFORMATIONOTHER SECRET STUFF
1kb
Hey server, it’s 64kb
64kb
Issue is withOpen SSL
Open SSLImplements SSL <<
So the SSL protocol itself is fine.It’s just an implementation flaw
But, don’t worry.It has been patched and updated now.
Although no one knowswhat information has been leaked
or who exploited it.
Now, for the final touch…
Yes, you may ask yourdoubts now.
Special thanks to this guy