Download - [QA Night Recife] Heartbleed SecInf
![Page 1: [QA Night Recife] Heartbleed SecInf](https://reader035.vdocument.in/reader035/viewer/2022062406/55cf7ae2bb61eb92768b4643/html5/thumbnails/1.jpg)
Heartbleed e a inseguranca da informacao
QA Night Recife
Guilherme Motta, @gfcmotta
![Page 3: [QA Night Recife] Heartbleed SecInf](https://reader035.vdocument.in/reader035/viewer/2022062406/55cf7ae2bb61eb92768b4643/html5/thumbnails/3.jpg)
![Page 4: [QA Night Recife] Heartbleed SecInf](https://reader035.vdocument.in/reader035/viewer/2022062406/55cf7ae2bb61eb92768b4643/html5/thumbnails/4.jpg)
![Page 5: [QA Night Recife] Heartbleed SecInf](https://reader035.vdocument.in/reader035/viewer/2022062406/55cf7ae2bb61eb92768b4643/html5/thumbnails/5.jpg)
![Page 6: [QA Night Recife] Heartbleed SecInf](https://reader035.vdocument.in/reader035/viewer/2022062406/55cf7ae2bb61eb92768b4643/html5/thumbnails/6.jpg)
![Page 7: [QA Night Recife] Heartbleed SecInf](https://reader035.vdocument.in/reader035/viewer/2022062406/55cf7ae2bb61eb92768b4643/html5/thumbnails/7.jpg)
![Page 8: [QA Night Recife] Heartbleed SecInf](https://reader035.vdocument.in/reader035/viewer/2022062406/55cf7ae2bb61eb92768b4643/html5/thumbnails/8.jpg)
![Page 9: [QA Night Recife] Heartbleed SecInf](https://reader035.vdocument.in/reader035/viewer/2022062406/55cf7ae2bb61eb92768b4643/html5/thumbnails/9.jpg)
![Page 10: [QA Night Recife] Heartbleed SecInf](https://reader035.vdocument.in/reader035/viewer/2022062406/55cf7ae2bb61eb92768b4643/html5/thumbnails/10.jpg)
![Page 11: [QA Night Recife] Heartbleed SecInf](https://reader035.vdocument.in/reader035/viewer/2022062406/55cf7ae2bb61eb92768b4643/html5/thumbnails/11.jpg)
![Page 12: [QA Night Recife] Heartbleed SecInf](https://reader035.vdocument.in/reader035/viewer/2022062406/55cf7ae2bb61eb92768b4643/html5/thumbnails/12.jpg)
![Page 13: [QA Night Recife] Heartbleed SecInf](https://reader035.vdocument.in/reader035/viewer/2022062406/55cf7ae2bb61eb92768b4643/html5/thumbnails/13.jpg)
![Page 14: [QA Night Recife] Heartbleed SecInf](https://reader035.vdocument.in/reader035/viewer/2022062406/55cf7ae2bb61eb92768b4643/html5/thumbnails/14.jpg)
![Page 15: [QA Night Recife] Heartbleed SecInf](https://reader035.vdocument.in/reader035/viewer/2022062406/55cf7ae2bb61eb92768b4643/html5/thumbnails/15.jpg)
WTFWTF
![Page 16: [QA Night Recife] Heartbleed SecInf](https://reader035.vdocument.in/reader035/viewer/2022062406/55cf7ae2bb61eb92768b4643/html5/thumbnails/16.jpg)
![Page 17: [QA Night Recife] Heartbleed SecInf](https://reader035.vdocument.in/reader035/viewer/2022062406/55cf7ae2bb61eb92768b4643/html5/thumbnails/17.jpg)
Protocolo HTTP
GET /index.html HTTP/1.1 Requisicao> GET metodo HTTP, HTTP URI,
1.1 Versao
Host: www.example.com Valores no cabecalho (nome: valor)
![Page 18: [QA Night Recife] Heartbleed SecInf](https://reader035.vdocument.in/reader035/viewer/2022062406/55cf7ae2bb61eb92768b4643/html5/thumbnails/18.jpg)
Protocolo HTTP
HTTP/1.1 200 OK Resposta> HTTP/1.1 protocolo e versao, 200 status, OK
mensagem
Date: Mon, 23 May 2005 22:38:34 GMT Valores no cabecalho (nome: valor)
Server: Apache/1.3.3.7 (Unix) (Red-Hat/Linux) Last-Modified: Wed, 08 Jan 2003 23:11:55 GMT
ETag: "3f80f-1b6-3e1cb03b" Content-Type: text/html; charset=UTF-8
Content-Length: 131 Accept-Ranges: bytes Connection: close
<html> Corpo da mensagem
<head>
<title>An Example Page</title>
</head>
<body>
Hello World, this is a very simple HTML document.
</body>
</html>
![Page 19: [QA Night Recife] Heartbleed SecInf](https://reader035.vdocument.in/reader035/viewer/2022062406/55cf7ae2bb61eb92768b4643/html5/thumbnails/19.jpg)
Protocolo HTTP
cleartext
facil de ler :))))
![Page 20: [QA Night Recife] Heartbleed SecInf](https://reader035.vdocument.in/reader035/viewer/2022062406/55cf7ae2bb61eb92768b4643/html5/thumbnails/20.jpg)
Protocolo HTTPS
S de “seguro”
TLS/SSL
![Page 21: [QA Night Recife] Heartbleed SecInf](https://reader035.vdocument.in/reader035/viewer/2022062406/55cf7ae2bb61eb92768b4643/html5/thumbnails/21.jpg)
Protocolo HTTPS
S de “seguro”<criptografia>SSL/TLS
![Page 22: [QA Night Recife] Heartbleed SecInf](https://reader035.vdocument.in/reader035/viewer/2022062406/55cf7ae2bb61eb92768b4643/html5/thumbnails/22.jpg)
Protocolo HTTPS
SSL/TLS-> Open SSL
![Page 23: [QA Night Recife] Heartbleed SecInf](https://reader035.vdocument.in/reader035/viewer/2022062406/55cf7ae2bb61eb92768b4643/html5/thumbnails/23.jpg)
Protocolo HTTPS
-> Open SSLtodos usa!
![Page 24: [QA Night Recife] Heartbleed SecInf](https://reader035.vdocument.in/reader035/viewer/2022062406/55cf7ae2bb61eb92768b4643/html5/thumbnails/24.jpg)
SSL/TLS
Heartbeat
![Page 25: [QA Night Recife] Heartbleed SecInf](https://reader035.vdocument.in/reader035/viewer/2022062406/55cf7ae2bb61eb92768b4643/html5/thumbnails/25.jpg)
SSL/TLS
Heartbeat
![Page 26: [QA Night Recife] Heartbleed SecInf](https://reader035.vdocument.in/reader035/viewer/2022062406/55cf7ae2bb61eb92768b4643/html5/thumbnails/26.jpg)
![Page 27: [QA Night Recife] Heartbleed SecInf](https://reader035.vdocument.in/reader035/viewer/2022062406/55cf7ae2bb61eb92768b4643/html5/thumbnails/27.jpg)
![Page 28: [QA Night Recife] Heartbleed SecInf](https://reader035.vdocument.in/reader035/viewer/2022062406/55cf7ae2bb61eb92768b4643/html5/thumbnails/28.jpg)
Heartbleed
![Page 29: [QA Night Recife] Heartbleed SecInf](https://reader035.vdocument.in/reader035/viewer/2022062406/55cf7ae2bb61eb92768b4643/html5/thumbnails/29.jpg)
Heartbleed
In 2011, one of the RFC's authors, Robin Seggelmann, then a Ph.D. student at the University of Duisburg-Essen, implemented the Heartbeat Extension for OpenSSL. Following Seggelmann's request to put the result of his work into OpenSSL,[19][20][21] his change was reviewed by Stephen N. Henson, one of OpenSSL's four core developers. Henson apparently failed to notice a bug in Seggelmann's implementation,[22] and introduced the flawed code into OpenSSL's source code repository on December 31, 2011. The vulnerable code was adopted into widespread use with the release of OpenSSL version 1.0.1 on March 14, 2012. Heartbeat support was enabled by default, causing affected versions to be vulnerable by default.[23][24][25]
![Page 30: [QA Night Recife] Heartbleed SecInf](https://reader035.vdocument.in/reader035/viewer/2022062406/55cf7ae2bb61eb92768b4643/html5/thumbnails/30.jpg)
Heartbleed
In 2011, one of the RFC's authors, Robin Seggelmann, then a Ph.D. student at the University of Duisburg-Essen, implemented the Heartbeat Extension for OpenSSL. Following Seggelmann's request to put the result of his work into OpenSSL,[19][20][21] his change was reviewed by Dr. Stephen N. Henson, one of OpenSSL's four core developers. Henson apparently failed to notice a bug in Seggelmann's implementation,[22] and introduced the flawed code into OpenSSL's source code repository on December 31, 2011. The vulnerable code was adopted into widespread use with the release of OpenSSL version 1.0.1 on March 14, 2012. Heartbeat support was enabled by default, causing affected versions to be vulnerable by default.[23][24][25]
![Page 31: [QA Night Recife] Heartbleed SecInf](https://reader035.vdocument.in/reader035/viewer/2022062406/55cf7ae2bb61eb92768b4643/html5/thumbnails/31.jpg)
\\\Look at code examples\\\
![Page 32: [QA Night Recife] Heartbleed SecInf](https://reader035.vdocument.in/reader035/viewer/2022062406/55cf7ae2bb61eb92768b4643/html5/thumbnails/32.jpg)
\\\Look at code examples\\\
![Page 33: [QA Night Recife] Heartbleed SecInf](https://reader035.vdocument.in/reader035/viewer/2022062406/55cf7ae2bb61eb92768b4643/html5/thumbnails/33.jpg)
\\\Look at code examples\\\Metodologias!!!
OWASPOSSTMMISSAFIBM*NIST 800.42...
![Page 34: [QA Night Recife] Heartbleed SecInf](https://reader035.vdocument.in/reader035/viewer/2022062406/55cf7ae2bb61eb92768b4643/html5/thumbnails/34.jpg)
\\\Look at code examples\\\
![Page 35: [QA Night Recife] Heartbleed SecInf](https://reader035.vdocument.in/reader035/viewer/2022062406/55cf7ae2bb61eb92768b4643/html5/thumbnails/35.jpg)
\\\Look at code examples\\\
![Page 36: [QA Night Recife] Heartbleed SecInf](https://reader035.vdocument.in/reader035/viewer/2022062406/55cf7ae2bb61eb92768b4643/html5/thumbnails/36.jpg)
\\\Look at code examples\\\http://en.wikipedia.org/wiki/Taint_checking
![Page 37: [QA Night Recife] Heartbleed SecInf](https://reader035.vdocument.in/reader035/viewer/2022062406/55cf7ae2bb61eb92768b4643/html5/thumbnails/37.jpg)
\\\not so live demo\\\
Hacking DVWA- XSS (ultimos 2 minutos do video)http://www.youtube.com/watch?v=-H1qjiwQldw- SQL Injection http://www.youtube.com/watch?v=7NCpvG7nYb
![Page 38: [QA Night Recife] Heartbleed SecInf](https://reader035.vdocument.in/reader035/viewer/2022062406/55cf7ae2bb61eb92768b4643/html5/thumbnails/38.jpg)
\\\not so live demo\\\
Hacking DVWA- remote command executionhttp://www.youtube.com/watch?v=6hnCGsS-V0Y- Cookie hijackinghttp://www.youtube.com/watch?v=qB9c01R3aQU
![Page 39: [QA Night Recife] Heartbleed SecInf](https://reader035.vdocument.in/reader035/viewer/2022062406/55cf7ae2bb61eb92768b4643/html5/thumbnails/39.jpg)
\\\not so live demo\\\
Hacking DVWA- CSFR (Cross-Site Request Forgery)http://www.youtube.com/watch?v=2Y7IywV1YBQ
![Page 40: [QA Night Recife] Heartbleed SecInf](https://reader035.vdocument.in/reader035/viewer/2022062406/55cf7ae2bb61eb92768b4643/html5/thumbnails/40.jpg)
Linkswww.dvwa.co.uk/www.backtrack-linux.org http://www.kali.org/ http://portswigger.net/burp/http://www.wireshark.org/http://wpepro.net/http://cheatengine.org/