December 2, 2023 11:53 · November 6, 2024 06:58 · October 15, 2012 18:09 · February 27, 2011 20:48
 I wasn't first to get the key. Nor was I second, third, or even fourth. I'm probably not even the
 10th to get it (ok, looks like I was the 8th.) But I'm happy that I was able to prove to myself
 that I too could do it.

 First, I have to admit I was a skeptic. Like the handful of other dissenters, I had initially
 believed that it would be highly improbable under normal conditions to obtain the private key
 through exploiting Heartbleed. So this was my motivation for participating in Cloudflare's
 challenge. I had extracted a lot of other things with Heartbleed, but I hadn't actually set out to
 extract private keys. So I wanted to see first-hand if it was possible or not.
 #!/usr/bin/env python2
 """
 Author: takeshix <[email protected]>
 PoC code for CVE-2014-0160. Original PoC by Jared Stafford ([email protected]).

 Supportes all versions of TLS and has STARTTLS support for SMTP,POP3,IMAP,FTP and XMPP.
 """

 import sys,struct,socket
 from argparse import ArgumentParser
 # place this file in ~/.config/terminator/config
 [global_config]
  title_transmit_bg_color = "#d30102"
  focus = system
 [keybindings]
  reset_clear = <Ctrl>R
  new_tab = <Ctrl>T
  split_horiz = <Ctrl><Shift>E
  split_vert = <Ctrl>E
  close_term = <Ctrl><Shift>W
 @@ -28,7 +28,7 @@
 ### Set diff-cmd to the absolute path of your 'diff' program.
 ###   This will override the compile-time default, which is to use
 ###   Subversion's internal diff implementation.
 -# diff-cmd = diff_program (diff, gdiff, etc.)
 +diff-cmd = colordiff
 ### Set diff3-cmd to the absolute path of your 'diff3' program.
 ###   This will override the compile-time default, which is to use
 ###   Subversion's internal diff3 implementation.
	I wasn't first to get the key. Nor was I second, third, or even fourth. I'm probably not even the
	10th to get it (ok, looks like I was the 8th.) But I'm happy that I was able to prove to myself
	that I too could do it.

	First, I have to admit I was a skeptic. Like the handful of other dissenters, I had initially
	believed that it would be highly improbable under normal conditions to obtain the private key
	through exploiting Heartbleed. So this was my motivation for participating in Cloudflare's
	challenge. I had extracted a lot of other things with Heartbleed, but I hadn't actually set out to
	extract private keys. So I wanted to see first-hand if it was possible or not.
	#!/usr/bin/env python2
	"""
	Author: takeshix <[email protected]>
	PoC code for CVE-2014-0160. Original PoC by Jared Stafford ([email protected]).

	Supportes all versions of TLS and has STARTTLS support for SMTP,POP3,IMAP,FTP and XMPP.
	"""

	import sys,struct,socket
	from argparse import ArgumentParser
	# place this file in ~/.config/terminator/config
	[global_config]
	title_transmit_bg_color = "#d30102"
	focus = system
	[keybindings]
	reset_clear = <Ctrl>R
	new_tab = <Ctrl>T
	split_horiz = <Ctrl><Shift>E
	split_vert = <Ctrl>E
	close_term = <Ctrl><Shift>W
	@@ -28,7 +28,7 @@
	### Set diff-cmd to the absolute path of your 'diff' program.
	### This will override the compile-time default, which is to use
	### Subversion's internal diff implementation.
	-# diff-cmd = diff_program (diff, gdiff, etc.)
	+diff-cmd = colordiff
	### Set diff3-cmd to the absolute path of your 'diff3' program.
	### This will override the compile-time default, which is to use
	### Subversion's internal diff3 implementation.