Neel Mehta
Heap allocation patterns make private key exposure unlikely for #heartbleed #dontpanic.
Tomas Rzepka
@neelmehta @tqbf We can extract the private key successfully on FreeBSD after restarting apache and making the first request with ssltest.py
-
- View other replies
-
@1njected@spierenburg@neelmehta@tqbf@_miw probably only worked with first request to server, right? -
@stokedsecurity@spierenburg@neelmehta@tqbf@_miw Seem to depend on server load/mem usage
-
-
@1njected Ieeeeek. Ok, do you have proof because this is significant discovery with major financial ramifications. similar results on Linux? -
@_miw Does not work on Debian. We patched the FreeBSD machine but I will see if we can gather some evidence. :) -
@1njected Ive been smashing TLS daemons on my Debian lab machine but haven't seen anything interesting. What is it about the FreeBSD alloc?? -
@_miw Maybe that freebsd uses mmap to implement malloc? http://www.tuicool.com/articles/vqmAZf -
@1njected that's easily the best writeup on it I've seen. Thanks. -
@_miw@1njected FYI, that's a rip-off of the original author's analysis. "http://tuicool.com " plagiarized http://blog.existentialize.com/diagnosis-of-the-openssl-heartbleed-bug.html … - View other replies
-
-
-
-
-
- View other replies
-
@1njected@thegrugq With hints from https://news.ycombinator.com/item?id=7573377 got reliable extraction from Apache defaults on Debian:pic.twitter.com/uWKQnMkaNB
-
-
-
@1njected@neelmehta@tqbf attackers just need to send payloads at midnight when most sites run daily log rollover/restart scripts. -
@ryancbarnett@neelmehta@tqbf Yes, or if your lucky, find a DOS-vuln and wait for admin to restart. -
@1njected@ryancbarnett@neelmehta@tqbf what about Apache maxrequestsperchild - be enough to have something load/free the key somewhere?
-
stokedsecurity
Philip
Root Labs
Mako
Ryan Barnett
Henrik Kramshoej
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.