Apr 112014

Heart bleed is critical OpenSSL vulnerability that needs to be patched on web hosted on the internet. i would imagine web systems on private LAN are not as at a critical risk.

Refer to the following website for latest update news:

If you have the Windows NMAP ZenMap GUI installed on your system, you can easily run the following command to scan a system or systems for the vulnerability.

First download the following Nmap script files:
https://svn.nmap.org/nmap/scripts/ssl-heartbleed.nse [As my example, place inC:\Program Files (x86)\Nmap\scripts]
https://svn.nmap.org/nmap/nselib/tls.lua [As my example, place in C:\Program Files (x86)\Nmap\nselib]

The below example website, has the Heartbleed vulnerability, as at date stamp in Scan.

nmap -sV -p 443,4343,21,981,1311,4712,9443 -oX “C:\\temp\\HeartBleed.xml” –script ssl-heartbleed.nse www.chinesecol.com

An example of a system that does not have the vulnerability, best is www.openssl.org

nmap -sV -p 443,4343,21,981,1311,4712,9443 -oX “C:\\temp\\HeartBleed.xml” –script ssl-heartbleed.nse www.openssl.org

  One Response to “Scanning for OpenSSL Heartbleed vulnerable systems via Windows Nmap Zenmap GUI”

  1. Thanks!

Leave a Reply