-- OpenSSL 1.0.1g / OpenSSL 1.0.2beta - Memory Disclosure - Latest Versions (PRIVATE EXPLOIT) --

** CONTACT US AT - BitWasp@SafeMail.net **

You can send us a message at our email; feel free to contact us at bitwasp@safe-mail.net

We have just found a vulnerability in the patched version of OpenSSL.

A missing bounds check in the handling of the variable "DOPENSSL_NO_HEARTBEATS"

We could successfully Overflow the "DOPENSSL_NO_HEARTBEATS" and retrieve 64kb chunks of data again on the updated version.

This exploit will not go public and will remain private. We have coded the script in Python, and we will use our own code for a long time before this gets patched.

We are a team of five people, and we have coded nonstop for 14 days to see if we could find a workaround, and we did it!

We have no reason to make it public when the vendors will go for an update again.

This will have a reasonable price for all you pentesters out there who want to exploit in the wild.

OpenSSL 1.0.1g

if (1 + 2 + payload + 16 > s->s3->rrec.length) return 0; /* silently discard per RFC 6520 sec. */

EXPLOIT PoC

http://imgur.com/hZoHF1H

--------------------------------------------------------------------

- OpenSSL 1.0.1g / OpenSSL 1.0.2beta - Memory Disclosure - (CURRENT VERSION - AFFECTS ALL UPDATED OPENSSL) #

- Date: [2014/04/22]

- Vendor Homepage: [ http://www.openssl.org/ ]

- Software Link: [ http://www.openssl.org/source/openssl-1.0.1g.tar.gz ]

- Vulnerabilities OpenSSL: [ https://www.openssl.org/news/vulnerabilities.html ]

- Version: [1.0.1g]

- For exploit contact: bitwasp@safe-mail.net

--------------------------------------------------------------------

" PRICES "

You can send the payment to one of the following addresses below, but contact us for the download link!

(Bitcoin / BTC): 2.5 BTC - 1BKRqnmWNfK5qjhouMaBFHwjHK9ibfrKhx

(Litecoin / LTC): 100 LTC - LWCtRokVZYwCRGL4xksi4KCwTjSerg8ueY

--------------------------------------------------------------------

After payment, we will send you a download link. The download link will contain 2 exploits written in Python.

Send us a message at our email: BitWasp@safe-mail.net

" REQUIREMENTS "

Python 2.7.3

Basic Commands

Put exploits in C:\ and open CMD. Run .py scripts with arguments "C:\opensslv101g.py --url=www.coinbase.com --port=443"

1. opensslv101g.py, Readme, Documentation and PoC. Ensure your version is - (1.0.1g, 1.0.2-beta1)

2. openssl.py - Ensure your version is - 1.0.1f, 1.0.1e, 1.0.1d, 1.0.1c, 1.0.1b, 1.0.1a, 1.0.1, 1.0.2-beta1