apbleed's Introduction

Testing Servers

Testing whether servers are vulnerable is done using wpa_supplicant. Once connected to the AP, it listens on localhost:45678. You can then connect to this socket as if it were the actual RADIUS server, which allows you to use existing heartbleed tools to test the RADIUS server.

Installation

The default .config in this repository is sufficient for normal heartbleed testing. Hence simply execute the following to compile a working version:

git clone https://github.com/vanhoefm/apbleed.git
cd apbleed/wpa_supplicant
make

Usage

You begin the same way as any wpa_supplicant session. That means:

sudo ./wpa_supplicant -Dnl80211 -iwlan0 -cexample.conf

Modify example.conf to specify the AP you want to test. The example config file will attempt to connect to eduroam and test the RADIUS server of example.com (which does not exist):

network={
    # 1. Filters to specify which network to test
    ssid="eduroam"
    key_mgmt=WPA-EAP

    # 2. Configure which RADIUS server (realm) to connect to.
    anonymous_identity="[email protected]"

    # 3. Tell wpa_supplicant to listen at 127.0.0.1:45678 once connected
    eap=SOCKET
}

In general, take the configuration file of a network, change the line eap=XXXX to eap=SOCKET, and you are good to go. Once connected, it will open a socket to which you must connect:

wlan2: CTRL-EVENT-EAP-PROPOSED-METHOD vendor=0 method=25
>> eap_socket_init

		==== ApBleed: connect to localhost:45678 ====

	Be fast enough, otherwise the connection will time out...

You can now use any heartbleed tool to test the server. For example with heartleech:

mathy@kali:~/heartleech$ ./heartleech 127.0.0.1 -p 45678

--- heartleech/1.0.0i ---
https://github.com/robertdavidgraham/heartleech
[-] PATCHED: heartBEAT received, but not BLEED
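
The config change described above (eap=XXXX to eap=SOCKET) can be scripted. The following is an added example, not part of the apbleed repository: the function name to_socket_conf and the sample config (including its identity value) are constructed for illustration.

```shell
#!/bin/sh
# Added example: derive an apbleed test config from an existing
# wpa_supplicant config by switching each active eap= line to eap=SOCKET.

# to_socket_conf SRC DST
# Rewrites "eap=<method>" lines inside network={ ... } blocks to "eap=SOCKET".
# Indentation, commented-out lines and all other settings are preserved.
# Returns non-zero when no eap= line was found (for example a WPA-PSK
# network, where there is no RADIUS server behind the AP to test).
to_socket_conf() {
    src=$1
    dst=$2
    awk '
        /^[ \t]*network=[{]/      { in_net = 1 }
        in_net && /^[ \t]*[}]/    { in_net = 0 }
        in_net && /^[ \t]*eap=/   {
            sub(/eap=.*$/, "eap=SOCKET")   # leading whitespace is untouched
            changed++
        }
        { print }
        END { exit (changed ? 0 : 1) }
    ' "$src" > "$dst"
}

# Demo on a constructed config (sample values, not from a real network).
demo_dir=$(mktemp -d)
cat > "$demo_dir/eduroam.conf" <<'EOF'
network={
    ssid="eduroam"
    key_mgmt=WPA-EAP
    #eap=TTLS
    eap=PEAP
    anonymous_identity="anonymous@example.com"
    phase2="auth=MSCHAPV2"
}
EOF
if to_socket_conf "$demo_dir/eduroam.conf" "$demo_dir/apbleed.conf"; then
    cat "$demo_dir/apbleed.conf"
else
    echo "no eap= line found; nothing to test" >&2
fi
rm -rf "$demo_dir"
```

The resulting file is passed to wpa_supplicant with -c, as in the command shown under Usage.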

Remarks

The code has not been tested for reliability. Patches are welcome. Possible improvements:

  1. Detect the inner EAP method the server is expecting, and use that.
  2. Write the packets encapsulated in the EAP requests and responses to a .pcap file.
  3. Improved error handling.
  4. Improved packet forwarding.
  5. ...

Testing Clients

Testing clients has not yet been implemented. Look at the commits to see how to do this; it will be similar to testing servers. Patches are welcome.
