Ben Holland benjholla
benjholla
/ heartbleed-session-tokens.py
Last active
July 5, 2018 01:29
— forked from mpdavis/heartbleed-altered.py
A modified heartbleed exploit to extract likely session token strings
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| # Connects to servers vulnerable to CVE-2014-0160 and looks for cookies, specifically user sessions. | |
| # Michael Davis (mike.philip.davis@gmail.com) | |
| # Based almost entirely on the quick and dirty demonstration of CVE-2014-0160 by Jared Stafford (jspenguin@jspenguin.org) | |
| # The author disclaims copyright to this source code. | |
| import select |