Your SlideShare is downloading. ×
Heartbleed
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

Heartbleed

603

Published on

Published in: Technology
0 Comments
3 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
603
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
50
Comments
0
Likes
3
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. Heartbleed Ibrahim M. El-Sayed
  • 2. “Catastrophic is the right word. On the scale of 1 to 10, this is an 11.” --Bruce Shneier
  • 3. What is Heartbleed? O What is Hearbleed? O It is a critical bug in the OpenSSL’s implementation of the TLS/DTLS heartbeat extension that allows attackers to read portions of the affected server’s memory. O What is OpenSSL?! O It is open source software that is used by Apache and Nginx webservers, 66% Market share to do encryption through the Internet O Affected Versions: OpenSSL 1.0.1 and 1.0.2
  • 4. How SSL works?
  • 5. What is Heartbleed O What is Heartbeat ?? 1- Used to keep connection Alive 2- Client Sends data to the Server, server echoes it back 3-Similar to ICMP ping but within HTTP Web Server Running OpenSSL Client Heartbeat “Hello” 6 Heartbeat “Hello” 6
  • 6. HeartBleed Explained Non Technical
  • 7. Heartbleed Explained O Non Technical O Ask for 100-photo box O Seller doesn’t know how to count O Two scenarios O Actual 100-photos O Only 1 photo
  • 8. Heartbleed Explained O Technical: “memcpy(bp, p1, payload);”  Actual BUG :( void * memcpy ( void * destination, const void * source, size_t num ); O The function does not check for any terminating null character in source - it always copies exactly num bytes. O To avoid overflows, the size of the arrays pointed by both the destination and source parameters, shall be at least num bytes, and should not overlap (for overlapping memory blocks, memmove is a safer approach).
  • 9. Heart bleed - explanation 11
  • 10. Heart bleed - explanation 12
  • 11. Heartbleed - Attack
  • 12. Heartbleed Impact O Eavesdrop on encrypted communication O Get access to sensitive data in the memory O Impersonate users and services
  • 13. Heartbleed fix O Server-Side • Quick fix: Disable heartbeats • Real fix: Upgrade OpenSSL • User Actions: • Change your passwords !! • Test Sites yourself
  • 14. Heartbleed - PoC O https://blog.bugcrowd.com/heartbleed- exploit-yet/

×