I hereby claim:
- I am JonCheuvront on github.
- I am joncheuvront (https://keybase.io/joncheuvront) on keybase.
- I have a public key whose fingerprint is 530C AC0B 61FB D165 3E10 D32A 83E4 9283 24D8 DF07
To claim this, I am signing this object:
I hereby claim:
To claim this, I am signing this object:
Last week Qualys presented on a webcast: | |
“A Post-Mortem on Heartbleed - What Worked and What Didn't: Real-world case study on how the State of Colorado responded to this critical vulnerability.” | |
For this presentation they stood up a website that is vulnerable to the Heartbleed bug and put pout a challenge to get the private keys, the encrypted file, and decrypt the file for a prize. | |
Here are the steps I used to get that prize. | |
Go to the website and register to login and get the "secret file" | |
--note: don't use a real username or password because it can be visible while exploiting the bug. | |
https://hbdemo.kandek.com/ |