heartbleeder - Test servers for OpenSSL CVE-2014-0160, aka Heartbleed
Contents
Description
heartbleeder is a tool that tests remotely (over a network) if a system is compromised by an insecure
OpenSSL service, in accordance with CVE-2014-0160, aka Heartbleed.
More about Heartbleed Bug can be viewed at http://heartbleed.com.
Name
heartbleeder - Test servers for OpenSSL CVE-2014-0160, aka Heartbleed
Notes
Multiple hosts may be monitored by setting '-hostfile' flag to a file with newline separated addresses. A
web dashboard will be available at 'http://localhost:5000' by default.
Postgres uses OpenSSL in a slightly different way. To test whether a Postgres server is vulnerable, run
the following (defaults to port 5432). Example:
$ heartbleeder-pg example.com.br
Options
-hostfile=""
Path to a newline separated file with hosts or IPs.
-listen="localhost:5000"
Address to serve HTTP dashboard from.
-pg=false
Check PostgreSQL TLS. This option is incompatible with -hostfile.
-refresh=10m0s
Seconds to wait before rechecking secure hosts.
-retry=10s
Seconds to wait before retesting a host after an unfavorable response.
-timeout=5s
Timeout after sending heartbeat.
-workers=40
Number of workers to scan hosts with, only used with hostfile flag.
Synopsis
heartbleeder [options] host[:443]
Warning
No guarantees are made about the accuracy of results, and you should verify them independently by
checking your OpenSSL build.
