Heartbleed plugin for FOCA

ElevenPaths  30 April, 2014

By now, everyone knows about Heartbleed. Just as we did for FaasT, we have created a plugin for FOCA (final version), one of our most downloaded tools. The plugin lets FOCA detect vulnerable servers and audit them, alongside all the other cool features FOCA offers.

Loading the plugin in FOCA

To use the plugin, just download FOCA and create a project for the domain to be audited. Open the “Plugins” tab in the upper menu and click “Load/Unload plugins”. Browse for HeartBreatPlugin.dll and load it. Once loaded, it will be accessible from the plugins menu.

There are two options: automatic analysis, or manual analysis and exploitation. Ticking “Check all hosts that FOCA detects automatically for the HeartBleed vulnerability” makes FOCA check every domain found for this project for the vulnerability.

Automatically checking domains

Domains move from the “Pending” box to “Checked” or “Vulnerable”, depending on the results. All domains that FOCA finds in its usual way will be checked.
For a manual analysis, a domain and port have to be specified. There is an option to repeat the attack every 5 seconds and generate a memory dump, which will be stored in a local file.

Manually checking domains

Ricardo Martín
ricardo.martin@11paths.com

Comments

  1. I downloaded the latest version of FOCA, but HeartBreatPlugin.dll is not in the plugins folder.
    Have you removed it? Can it be found somewhere else?
    Thanks.
