Skip to content

Instantly share code, notes, and snippets.

@ah8r
ah8r / README.md
Last active June 7, 2020 19:51
Hut3 Cardiac Arrest (compatible with Python 2.7)

Cardiac Arrest

Hut3 Cardiac Arrest - A script to check OpenSSL servers for the Heartbleed bug (CVE-2014-0160).

Note: This code was originally a GitHub Gist but has been copied to a full GitHub Repository so issues can also be tracked. Both will be kept updated with the latest code revisions.

DISCLAIMER: There have been unconfirmed reports that this script can render HP iLO unresponsive. This script complies with the TLS specification, so responsitivity issues are likely the result of a bad implementation of TLS on the server side. CNS Hut3 and Adrian Hayter do not accept responsibility if this script crashes a server you test it against. USE IT AT YOUR OWN RISK. As always, the correct way to test for the vulnerability is to check the version of OpenSSL installed on the server in question. OpenSSL 1.0.1 through 1.0.1f are vulnerable.

This script has several advantages over similar scripts that have been re

@ah8r
ah8r / cmd.php
Last active August 24, 2017 16:08
<html><script>alert(document.cookie)</script></html>
@ah8r
ah8r / globalProxy.java
Last active April 18, 2018 16:42 — forked from lizell/globalProxy.java
How to set a global proxy in Java when you can not control how your third party code communicates.Put this static block somewhere in a class that is loaded by your application.
static {
ProxySelector.setDefault(new ProxySelector() {
private final ProxySelector def = ProxySelector.getDefault();
@Override
public List<Proxy> select(final URI uri) {
return Arrays.asList(new Proxy(Proxy.Type.SOCKS, new InetSocketAddress("127.0.0.1", 8889)));
}
@Override