Skip to content

Instantly share code, notes, and snippets.

View jbardin's full-sized avatar
🕵️‍♂️

James Bardin jbardin

🕵️‍♂️
  • HashiCorp
  • Boston, MA
View GitHub Profile
@bitemyapp
bitemyapp / gist:8739525
Last active May 7, 2021 23:22
Learning Haskell
View gist:8739525
@epixoip
epixoip / cloudflare_challenge
Last active December 2, 2023 11:53
How I obtained the private key for www.cloudflarechallenge.com
View cloudflare_challenge
I wasn't first to get the key. Nor was I second, third, or even fourth. I'm probably not even the
10th to get it (ok, looks like I was the 8th.) But I'm happy that I was able to prove to myself
that I too could do it.
First, I have to admit I was a skeptic. Like the handful of other dissenters, I had initially
believed that it would be highly improbable under normal conditions to obtain the private key
through exploiting Heartbleed. So this was my motivation for participating in Cloudflare's
challenge. I had extracted a lot of other things with Heartbleed, but I hadn't actually set out to
extract private keys. So I wanted to see first-hand if it was possible or not.